CISOs lack insight into AI training data

The rapid rise of AI across industries has created a critical data blind spot, a lack of insight into the data powering these systems. Training data for AI models can harbor hidden risks, including leaking sensitive information, personal data, and intellectual property.

A new survey of 168 members of the CISO Society carried out by BigID and Lorem Advisory Group looks at the challenges CISOs face in governing, securing, and safeguarding data in today's AI-driven landscape.

"The findings from our survey underscore the complex challenges facing CISOs and highlight the common trends that all of us face with regards to securing data in our environments," says Tyler Young, chief information security officer for BigID. "As data breaches continue to impact organizations, it is imperative for security leaders to prioritize data security initiatives that aim to provide visibility and capabilities to protect sensitive data."

Among the findings are that 66 percent of CISOs prioritize proactive data risk detection and remediation to bolster security, deeming that just scanning data is not enough.

Nearly half of CISOs say they use Data Security Posture Management (DSPM) to mitigate insider risk, and over 85 percent of CISOs want more visibility into who has access to the organization’s data, signaling a shift towards a risk-aware, data-centric security approach.

The majority (57.4 percent) spent between one and five percent of their budget on data security tools in 2023 and half (50.3 percent) expect to invest the same amount again in 2024. Larger organizations are set to spend more, however, 6.3 percent of businesses with 10,000+ employees anticipate that they will spend 20 percent or more of their budget on data security tools this year -- a two times increase over 2023.

The full report is available from the BigID site.

Image credit: Wrightstudio/Dreamstime.com