Generative AI Employee Risk Management Neglected by Majority of Companies

By Greg Tavarez October 23, 2023

Generative AI, characterized by its ability to create content, data and even human-like text and imagery, continues to gain prominence in various industries. While it promises innovative solutions, its lightning-fast growth also brings forth a new set of business risks.




These risks encompass concerns about the misuse of AI-generated content for misinformation and fraud, intellectual property disputes related to AI-generated works and the ethical implications of AI-driven decision-making. The concerning part is organizations lag in awareness surrounding generative AI threats. I recently wrote a story on it.

A new study, released by Riskonnect, goes a few steps further and reveals only 9% of companies say they’re prepared to manage risks associated with using generative AI inside the enterprise, and only 17% of risk and compliance leaders have formally trained or briefed their organizations on the risks of using generative AI.

At the forefront, data privacy and cybersecurity issues are sizeable, with 65% of companies expressing worries about the safeguarding of sensitive information and potential cyber threats. Moreover, the risk of employees making decisions based on inaccurate AI-generated information is a significant apprehension, affecting 60% of organizations, highlighting the critical need for ensuring data accuracy and employee training.

Ethical concerns associated with employee misuse of AI and the broader ethical implications of AI technologies affect 55% of companies, necessitating the establishment of robust ethical guidelines. The unethical use of AI can involve the manipulation of AI-generated content for fraudulent or malicious purposes, such as generating fake reviews, deepfake videos or misinformation, which can undermine trust and credibility.

Ensuring ethical AI use necessitates robust employee training and the establishment of clear guidelines to prevent misuse while upholding principles of fairness, transparency and accountability.

The study also found that companies' preparedness in managing risk leaves much to be desired, with 63% failing to simulate their worst-case scenarios. This is indicative of a gap in anticipating and mitigating unforeseeable risk events. Only 5% of organizations feel adequately prepared to assess, manage and recover from unpredictable risk events, emphasizing the need for comprehensive risk management strategies.

By identifying, assessing and mitigating potential risks, these strategies help protect against financial losses, reputational damage and operational disruptions, ensuring business continuity. They enable companies to proactively adapt to the business landscape and comply with regulatory requirements, enhancing their overall ability to thrive and navigate uncertainty.

Another point revealed by the study: challenges in data quality and reliability hinder the effectiveness of risk and compliance teams. Only 23% of organizations express a high level of confidence in the accuracy, quality and actionable nature of their risk management data, indicating room for improvement in data handling and validation. Similarly, only 5% are very confident in their ability to extract, aggregate and report on risk insights for informed decision-making, signaling a critical area for data management enhancement.

“Our research shows that most companies have been slow to respond, which creates vulnerabilities across the enterprise,” said Jim Wetekamp, CEO of Riskonnect. “The rise of generative AI is the latest example of how quickly today’s risk landscape evolves. We’ve officially entered a new generation of risk.”

Because of the evolving threat landscape, ongoing market disruptions and lack of awareness prior to this study, organizations are now forced to reevaluate their approach to enterprise risk management. More than half of companies now have a chief risk officer, and 82% have either increased or maintained their risk management department's headcount in the past six months, according to the study.

“We are seeing meaningful and positive changes to how companies identify, prioritize and manage risk,” said Wetekamp. “Risk leaders are planning for worst-case scenarios, prioritizing enterprise-wide visibility and investing in tools to combat the full and interconnected spectrum of risk.”

Be part of the discussion about the latest trends and developments in the Generative AI space at Generative AI Expo, taking place February 13-15, 2024, in Fort Lauderdale, Florida. Generative AI Expo discusses the evolution of GenAI and feature conversations focused on the potential for GenAI across industries and how the technology is already being used to create new opportunities for businesses to improve operations, enhance customer experiences, and create new growth opportunities.




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE

Barco ClickShare Embraces Microsoft Platform for Enhanced Security and User Experience

Barco announced that its next generation of ClickShare solutions will use the Microsoft Device Ecosystem Platform.

Read More

NICE Introduces 1CX, Its New Unified Communications-As-A-Service Solution

CX solutions provider NICE recently announced 1CX, the company's new unified communications-as-a-service (UCaaS) solution designed for rapid implementation and fast return on investment.

Read More

Navy Sets Sail with T-Mobile: $2.67B Contract for Next-Gen Connectivity

T-Mobile was picked as a wireless solutions provider by the U.S. Department of the Navy as part of the $2.67 billion Spiral 4 contract.

Read More

CallCabinet Expands Call Compliance via NUWAVE's iPILOT Platform

CallCabinet, a provider of call recording and AI-driven conversation analytics, announced its solution is available for Microsoft Teams and Webex Calling via NUWAVE's iPILOT platform.

Read More

Somos Earns Key Role in Securing Phone Calls with STI-CA Certification

Somos was recently approved as a Secure Telephone Identity Certification Authority, or STI-CA.

Read More