Companies have good reasons to be concerned about generative AI

Companies need help to get visibility into the operations of their AI programs, potentially reducing productivity while creating significant risks around governance, data security, and more, according to Portal26.

Two-thirds of respondents admitted to a Generative AI security or misuse incident in the past year. 73% have already experienced GenAI-related security incidents; of those, 67% occurred within the last year alone.

GenAI investments skyrocket in the last 12 months

The newness of these programs is likely why. While 84% of respondents have invested or are planning to invest in GenAI, 71% of these GenAI operations were launched within the last two years, and 49% were launched in just the last 12 months. Of those respondents whose businesses have adopted AI, 85% are concerned about its privacy and security risks.

The survey revealed a range of concerns surrounding GenAI that remain very much active and unresolved for businesses, including Shadow AI (unknown or unsanctioned use of GenAI), which sits at 58%, data privacy (56%), governance (63%), IP protection (62%), bias in training (55%), data security (60%), employee use of prompts (63%), employee training (58%), and rules and compliance both internal and external (64% and 62%, respectively).

Data security is a particularly pressing issue for large organizations (5,000+ employees), 93% of which reported heightened concerns around Shadow AI. The reason for this is simple: the more employees a company has, the more potential entry points for a bad actor or inadvertent human error.

Regardless of the risks, optimism for the benefits of Generative AI for their business is strong: 82% of respondents reported high confidence that GenAI grants them a competitive advantage.

Organizations establish guidelines for safe AI use

As organizations strive for adoption, the survey provides an early glimpse into how businesses deal with these emergent issues. 80% have already instituted guidelines and policies around AI, an essential first step in safely enabling usage.

68%, meanwhile, have created and shared acceptable use policies to ensure that employees don’t inadvertently share private information or accidentally violate compliance mandates.

From the responses, it is clear that companies are beginning to take the risks presented by inadequate visibility into GenAI very seriously. 99% of respondents said that they have or are going to invest in a GenAI data governance tool for their company, and 0% said it was not being considered (1% were unsure).

33% already have such programs, and 32% are in the early conversation stages. At the same time, employee GenAI training is lagging behind technological developments, with 58% of companies providing their employees less than five hours of annual education and training on GenAI issues.

“With the widespread adoption of GenAI among corporations, we’re witnessing a massive experiment take place in real time,” said Arti Raman, CEO of Portal26.

“The benefits of GenAI are undeniable, but a lack of visibility will invariably lead to lower productivity and higher risks around security, Shadow AI, governance, privacy and more. As these survey results demonstrate, most of these GenAI programs are barely a year old, and a lot of foundation work will need to take place before corporations can comfortably reap all the benefits GenAI can offer. It’s heartening to see, per this survey, that so many companies are already acutely aware of the need for infrastructure around visibility, governance, etc., and are ramping up spending on related technology accordingly. This process is still in its early stages, and we can expect to see even more robust investment in visibility infrastructure in the months and years to come,” added Raman.