CybersecuritySecurity NewswireCybersecurity News

10% of organizations have a formal AI policy in place

By Security Staff
blue geometric graphic

Image via Unsplash

October 25, 2023

Security leaders were surveyed by ISACA on generative artificial intelligence (AI) uses and policies within the workplace. The poll found that many employees at respondents’ organizations are using generative AI, even without policies in place for its use. 

The report found that 28% of organizations say their companies expressly permit the use of generative AI, 10% say a formal comprehensive policy is in place, and more than one in four say no policy exists and there is no plan for one. Despite this, over 40% say employees are using it regardless — and the percentage is likely much higher given that an additional 35% aren’t sure.

However, despite employees quickly moving forward with use of the technology, 6% of respondents’ organizations are providing training to all staff on AI, and more than half (54%) say that no AI training at all is provided, even to teams directly impacted by AI. Twenty-five percent of respondents indicated they have a high degree of familiarity with generative AI.

Fewer than one-third of their organizations consider managing AI risk to be an immediate priority, 29% say it is a longer-term priority and 23% say their organization does not have plans to consider AI risk at the moment, even though respondents note the following as top risks of the technology:

  • Misinformation/disinformation (77%)
  • Privacy violations (68%)
  • Social engineering (63)
  • Loss of intellectual property (IP) (58%)
  • Job displacement and widening of the skills gap (tied at 35%)

Fifty-seven percent of respondents indicated they are very or extremely worried about generative AI being exploited by bad actors. Sixty-nine percent say that adversaries are using AI as successfully or more successfully than digital trust professionals.

Examining how current roles are involved with AI, respondents believe that security (47%), IT operations (42%) and risk and compliance (tie, 35%) are responsible for the safe deployment of AI. When looking ahead, one in five organizations (19%) are opening job roles related to AI-related functions in the next 12 months.

Read the full report here.

KEYWORDS: artificial intelligence (AI) privacy concerns risk management security compliance security strategy

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

close

1 COMPLIMENTARY ARTICLE(S) LEFT

Loader

Already Registered? Sign in now.

Related Articles

Related Products

See More ProductsSee More Products

Events

View AllSubmit An Event
  • November 14, 2024

    Best Practices for Integrating AI Responsibly

    ON DEMAND: Discover how artificial intelligence is reshaping the business landscape. AI holds immense potential to revolutionize industries, but with it comes complex questions about its risks and rewards.
  • August 27, 2025

    Risk Mitigation as a Competitive Edge

    In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.
View AllSubmit An Event

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!