Generative AI use in the workplace leads to added risks
More than 10 percent of enterprise employees access at least one generative AI application every month, compared to just two percent a year ago, but there are security risks as a result.
New research from Netskope shows ChatGPT was the most popular generative AI application in 2023, accounting for seven percent of enterprise usage. The number of cloud apps the enterprise accessed also increased by an average of 19 percent per year, with users jumping from 14 to 20 different apps in just two years.
"With growing AI app usage, employees are more likely to expose sensitive data like credentials, personal information, or intellectual property," says Ray Canzanese, threat research director at Netskope Threat Labs. "For safe enablement of AI apps, organizations must implement reasonable controls and advanced data security capabilities while focusing on how employees can use AI productively."
Most users only interact with generative AI apps a few times per month. Over the course of the past year, the average user went from five activities per month to 14 activities per month, where an activity is most commonly a prompt posted to a chatbot. The top quarter though shows a more significant increase, from 15 to 85 activities over the course of the year.
One of the most popular uses of generative AI technology in the enterprise so far is as a writing assistant. Grammarly, the second most popular generative AI app after ChatGPT, is used by 3.1 percent of enterprise users. AI art generators are creeping in too, taking ninth and 10th places on the list.
Netskope recommends organizations take steps to limit access to only those apps that serve a legitimate business purpose, create a review and approval process for new apps and implement a continuous monitoring process that will alert security operators when apps are being misused or have been compromised.
Ensuring the safe enablement and adoption of AI apps should now be an urgent priority for most organizations, including identifying permissible apps and implementing controls that empower users to use them to their fullest potential while safeguarding the organization from risks.
The full report is available from the Netskope site.