Report Examines AI and Security Views, Concerns of Organizations
Immuta survey finds 80% of data experts agree that AI is making data security more challenging, increasing sensitive information exposure risks and the likelihood of AI-powered attacks.
Note: TDWI's editors carefully choose vendor-issued press releases about new or interesting research and services. We have edited and/or condensed this release to highlight key study results or service features but make no claims as to the accuracy of the vendor's statements.
Immuta, a leader in data security, released results of its The AI Security & Governance Report, which surveyed nearly 700 engineering leaders, data security professionals, and governance experts about their outlook for AI security and governance. The report features insights about how organizations are adopting AI, navigating emerging security and privacy challenges, and updating governance guidelines to safely capitalize on the technology’s potential.
The findings indicate that AI adoption remains sky high, with more than half of data experts (54%) saying that their organization already leverages at least four AI systems or applications. Over three-quarters of respondents (79%) report that their budget for AI systems, applications, and development has increased in the last 12 months.
However, this fast-paced adoption also carries massive uncertainty. For example, 80% of data experts agree that AI is making data security more challenging. Experts expressed concern about the inadvertent exposure of sensitive data by LLMs and adversarial attacks by malicious actors via AI models. More than half of respondents (57% have seen a significant increase in AI-powered attacks in the past year.
Although rapid AI adoption is certainly introducing new security challenges, optimism about its potential is pushing organizations to adapt. For example, data leaders believe that AI will enhance current security practices for tasks such as AI-driven threat detection systems (40%) and the use of AI as an advanced encryption method (28%). With these benefits looming in the face of security risks, most organizations (83%) are updating internal privacy and governance guidelines and taking steps to address the new risks:
- 78% of data leaders say their organization has conducted risk assessments specific to AI security
- 72% are driving transparency by monitoring AI predictions for anomalies
- 61% use purpose-based access controls to prevent unauthorized usage of AI models
- 37% say they have a comprehensive strategy to remain compliant with recent and forthcoming AI regulations and data security needs
“Current standards, regulations, and controls are not adapting fast enough to meet the rapid evolution of AI, but there is optimism for the future,” said Matt DiAntonio, VP of product management at Immuta. “The report clearly outlines a number of AI security challenges as well as how organizations are looking to AI to help solve them. AI and machine learning are able to automate processes and quickly analyze vast data sets to improve threat detection and enable advanced encryption methods to secure data. As organizations mature on their AI journeys, it is critical to ‘de-risk’ data to prevent unintended or malicious exposure of sensitive data to AI models. Adopting an airtight security and governance strategy around generative AI data pipelines and outputs is imperative to this de-risking.”
Despite so many data leaders expressing that AI makes security more challenging, 85% say they’re somewhat or very confident that their organization’s data security strategy will keep pace with the evolution of AI. In contrast to research just last year that found 50% strongly or somewhat agreed that their organization’s data security strategy was failing to keep up with the pace of AI evolution, this indicates that there’s a maturity curve and many organizations are plowing ahead on AI initiatives despite the risks as the expected payoff is worth it.
The rapid changes in AI are understandably exciting, but also unknown. This is especially true as regulations are fluid and many models lack transparency. Data leaders should pair their optimism with the reality that AI will continue to change -- and the goalposts of compliance will continue to move as it does. No matter what the future of AI holds, one action is clear: there is no responsible AI strategy without a data security strategy. Companies need to establish governance that supports a data security strategy that isn’t static, but rather one that dynamically adapts as innovation delivers results for the business.
Read the full report here (short registration required).