Twenty per cent of organisations admit that an employee at their organisation has exposed company data using AI tools such as ChatGPT, according to new research.
The findings were revealed in Underfunded and Under Reported: Threats, Breaches, and Budgetsreport, a survey of 250 UK CISOs conducted by independent polling agency Censuswide, which detailed the intersection of AI tools and cybersecurity.
RiverSafe found that 75 per cent of security leaders believe that insider threats pose a more significant risk than external threats to their organisation’s cybersecurity. On top of this, 20 per cent identified AI as their biggest cybersecurity threat, pointing to more concerns over AI’s potential misuse in cyber-attacks.
These findings spotlight the inherent risks associated with increasing insider threats and suspicion towards employee-led security concerns within organisations. The exposure of data by insiders poses a profound danger, surpassing the threat posed by external actors.
Additionally, the escalating sophistication and prevalence of AI tools introduces new complexities and vulnerabilities, contributing to the ever-evolving landscape of cyber threats.
Suid Adeyanju, CEO at RiverSafe, that conducted the research, said: “Our research has highlighted the prominent danger that insider threats are posing to businesses, both by unaware employees and malicious staff members. This report sheds light on the intersection of AI and insider threats, where the increasing use of AI creates a wider concern for the potential for data breaches.”
“As the complexity of AI-Driven cyber threats continue to evolve, proactive measures are essential to safeguard sensitive data assets and mitigate the risks posed by insider threats. A revised and up-to-date cyber strategy should no longer be a second thought, but instead a priority for all organisations to mitigate the risks, especially when considering ever increasing use of AI.”
Oseloka Obiora, CTO at RiverSafe commented: “”Although AI presents enticing opportunities for businesses, it’s imperative to proceed cautiously, particularly concerning insider threats and data breaches originating from employees. Organisations must leverage AI for competitive advantage while strengthening cybersecurity defences to prevent potential vulnerabilities. The repercussions of a breach, compromising both customer and employee data, can inflict irreparable damage, underscoring the critical importance of comprehensive security measures.”