Better security needed to harness the positive potential of AI

New WAF attack timelines show the start and end of a threat.
No more logs. See how →

Despite heightened interest in enterprise deployment of artificial intelligence, only 40 percent of respondents to ISACA’s second annual Digital Transformation Barometer express confidence that their organizations can accurately assess the security of systems based on AI and machine learning.

security positive potential ai

This becomes especially striking given the potential for serious consequences from maliciously trained AI; survey respondents identify social engineering, manipulated media content and data poisoning as the types of malicious AI attacks that pose the greatest threat within the next five years.

AI/machine learning also continued to rise toward the top of technologies considered to have the highest potential to deliver transformative value to organizations. While placing second in these rankings in the 2017 and 2018 Digital Transformation Barometers, AI/machine learning went from 18 points behind big data in 2017, to just 3 points behind big data in 2018. As the perceived value of AI continues to increase, the proportion of organizations planning to deploy AI continues to increase as well, with a 35 percent increase over 2017.

“Enterprises must make the needed investments in well-trained staffs capable of putting AI safeguards in place,” said Rob Clyde, ISACA Board Chair. “As AI evolves—consider the likely proliferation of self-driving vehicles, or AI systems designed to reduce urban traffic—it will become imperative that enterprises can provide assurance that the AI will not take action that puts people in harm’s way.”

In addition to today’s common uses for AI, such as virtual personal assistants and fraud detection, there are high hopes that AI and machine learning have the potential to cause major breakthroughs across various industries, including helping to accelerate medical research, improving crop yields and assisting law enforcement with cases. These advancements, though, are unfolding so quickly that it often is challenging for organizations to develop the expertise needed to put safeguards in place to account for security vulnerabilities and ethical implications.

While AI/machine learning—along with big data and the public cloud—lead the way in promising transformative value, these technologies also are among the top five facing organizational resistance, with public cloud prompting the highest level of resistance (52 percent).

The 5,847 respondents among ISACA’s global business technology members also identified which emerging technologies appear to be more hype than reality so far. Big data, AI/machine learning and public cloud were the top three technologies that practitioners anticipate will be deployed at their enterprises in the next year, while only 12 percent indicate their organizations will deploy blockchain, and only 6 percent will deploy augmented/virtual reality.

Organizations overwhelmingly pursuing digital transformation

Nine in 10 enterprises (91 percent) are attempting digital transformation as they look to spark innovation and efficiencies, but a majority (64 percent) are encountering challenges in trying to integrate emerging and immature technologies.

However, organizations that embrace emerging technologies have been rewarded. The ISACA data explores the progress organizations have made on this frontier, the extent to which they understand and are adopting transformative technologies, the impact of digital literacy, and the state of this journey through different industries worldwide.

For emerging technologies such as AI, having digitally literate leaders correlates to lower perceived risks, which is key when making the case for deploying technologies.

Last year, ISACA found that just 53 percent of respondents described their leadership as digitally literate. In 2018, that number stayed consistent at 54 percent. The lack of improvement is cause for concern, given the benefits organizations reap when their leaders are digitally literate, including less resistance to deploying emerging technologies.

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.