We Asked People if They Used AI Tools with Security in Mind

It’s a no-brainer that AI tools will continue to make a lasting impact in the years to come. However, using them ultimately carries the risk of unintentionally exposing data, potentially compromising everything from non-public financial information, proprietary intellectual property, company strategy, marketing plans and more. Unregulated AI use can truly be a slippery slope for today’s distributed workforces.

Never Have AI Ever

We launched the “Never Have AI Ever” quiz last year to help people identify the link between the data they feed into AI and the risks that are born out of that. The quiz covered five questions related to using AI for different business scenarios, including understanding whether people were using AI to support tasks that require proprietary information such as running financial analysis or debugging code.

We had participants put one finger down for each time they used AI in a way that invited risk into the organization. Considering the rules, if participants finished the quiz with all five fingers still upright, they were using AI safely.

Out of hundreds of quiz responses we received:

• 47 percent reported no risky interaction with AI.  
• …which means 53 percent put data at risk in some shape or form.
• 11 percent of participants could be classed as high-risk AI users, having claimed to have taken part in at least four out of five of the risky behaviors noted in the quiz.
• That’s one in every 10 responses, and it only takes one interaction to put the enterprise at risk.

The reality is that people severely underestimate risk when it comes to AI – and that makes sense. AI makes our lives easier, and it’s natural for people to gravitate toward technologies that save them time. But AI poses the risk to unintentionally leak information or become the target of threat actors, and it must be considered in a data security strategy.

Unlock the Power of Generative AI

Security leaders today have a responsibility to empower the workforce to take advantage of AI tools without inviting risk into the business. Restricting access may seem like a logical solution at first, but this can unfortunately lead to further shadow IT risk, productivity loss, or unhappy employees who may feel creatively stifled without secure access to the latest and greatest tools.

At the end of the day, generative AI offers so many positive benefits for the workforce that spending time to put a data security plan into action is always worth the effort. To balance security and productivity, security leaders should prioritize three key cornerstones for their teams:

• Employee Education: We know it can be easy for employees to overlook or not even think about data risks when using AI tools. Developing company-wide guidelines or frameworks on working with approved AI tools and eliminating shadow IT usage of AI can help users make the right decisions from the start.
• Prioritize Safe Browsing: Stop employees from uploading sensitive data to AI and prevent potential data breaches. Forcepoint ONE Secure Web Gateway (SWG)  monitors traffic from the web and prevent users from accessing unknown or risky content, blocking sensitive data uploads on the web and unmanaged devices. Consider pairing SWG with Data Loss Prevention (DLP) to extend data security policies from other channels to the web to block copying and pasting of sensitive data.
• Lean Into Data Security Everywhere: At Forcepoint, our Data-first SASE approach universally enforces policies to secure sensitive data on any managed or unmanaged device. With more than 1,700 pre-defined policies, templates and classifiers to stop data loss, Forcepoint enables organizations to confidently integrate generative AI with full, real-time visibility and control.

Forcepoint delivers industry-leading data security and access control on any device for generative AI, enabling users to maximize benefits without inviting risk into the business. Talk to an expert to learn how to get started with Data Security for Web today.