Be Aware of GenAI’s Risks To Your Company

Although many companies are exploring the use of generative artificial intelligence (GenAI), some are prohibiting its use until they figure out the risks. Others are just waiting to see how it shakes out before deciding on a company position. No matter which camp your company is in, it is important to set a strategy before employees adopt AI. Once users get used to working with the technology in day-to-day operations, it’s harder to pull them back. As users don’t necessarily understand the risk to their organizations, it’s critical to evaluate the risks, establish a strategy and communicate it to your employees. The author recommends forming a group of stakeholders from within the organization to evaluate the risks of using AI, reduce those risks, determine a corporate strategy, and educate and train users. 

The author recommends A CISO’s Guide to Generative AI and ChatGPT Enterprise Risks, published by the Team8 CISO Village, to evaluate the risk of using AI. Although the title is “A CISO’s Guide,” it is also directed at security practitioners — including legal ops professionals, whose interests align with CISOs concerns. The guide provides actionable tools to understand and communicate the security implications of GenAI for organizations, and the associated legal and compliance risks they need to share with other company stakeholders.