Technology

Small Businesses Rush to Adopt GenAI Despite Security Risks

Published November 20, 2023

As generative AI (GenAI) gains popularity for its potential to enhance business efficiency and innovation, small to mid-sized firms are aggressively adopting these tools. Alarmingly, they do so in the face of significant security risks. Insights from Zscaler's survey of over 900 global IT decision makers reveal a startling trend: while 89% acknowledge the security threats posed by GenAI technologies like ChatGPT, a whopping 95% admit to incorporating them into their operations.

Security Oversight in GenAI Adoption

The situation raises concerns as 23% of these businesses are not monitoring the use of GenAI technologies at all, with 33% having no specific security measures in place. Smaller enterprises, particularly those with 500 to 999 employees, are in a precarious position. Although the same proportion of these smaller businesses are using GenAI, an overwhelming 94% are aware of the dangers involved.

'GenAI tools hold immense promise, but the security risks cannot be ignored,' states Sanjay Kalra of Zscaler. 'Seeing only 39% of organizations view the adoption of such tools as a beneficial opportunity is concerning.' The lack of security could compromise data integrity and negate the advantages GenAI can offer.

Who's Pushing for GenAI?

Contrary to assumptions, it's not employee demand driving the GenAI revolution but the IT departments themselves. Only 5% attribute the push to employee interest, whereas 59% see it as a directive from IT teams. This suggests that businesses have an opportunity to strategically manage GenAI adoption and address security challenges under IT leadership. However, the urgency to act is high, with 51% of respondents expecting a GenAI interest surge by the year's end.

Business leaders are encouraged to implement key security actions promptly:

  • Adopt a comprehensive zero-trust architecture.
  • Perform detailed security assessments for each new AI tool.
  • Create robust logging for AI interactions.
  • Enforce zero trust-based DLP protocols for AI-related data.
GenAI, security, business