As the hype grows around AI and more people try it out, many are using it at work to see how it can help them become more efficient. But there's a real problem: Some employees are using public instances of chatbots, putting proprietary company data at risk by giving an open LLM access. Others use the company's access to AI, but input highly sensitive and personal data, like Social Security numbers and financial data.
A new study from technology security company Kiteworks found that 27% of companies reported that nearly a third of all of the data sent to AI systems is the type of information that should be kept private, like company records, employee information and trade secrets. (It could be more; 17% of companies don't know how much private data ends up getting sent to AI.) It's a problem that's growing. A Stanford University report on AI found a 56.4% increase in security incidents with the technology last year.
While it may seem obvious to the tech savvy, many employees might not know the risks of this kind of AI sharing, and 83% of companies only rely on training or warning emails to let them know. Kiteworks found that just 17% have automatic controls that keep employees from uploading sensitive information to public AI tools. Further, most companies don't have much of an AI governance structure -- only 9%, according to Deloitte research cited by Kiteworks.
The study results show that companies need to add policies and infrastructure to control employee use of AI and protect their own data. This kind of use can cause real damage to companies -- not to mention their employees and clients. The study concludes that companies need to acknowledge the threat, deploy controls that can be verified, and ensure that they can stand up to regulatory scrutiny.
"With incidents surging, zero-day attacks targeting the security infrastructure itself, and the vast majority lacking real visibility or control, the window for implementing meaningful protections is rapidly closing," Kiteworks CMO Tim Freestone said in a statement.
Many people still haven't grasped how to truly use AI to benefit their company -- we all know its practical business functions go beyond asking a chatbot for advice. I talked to Lindsay Phillips, cofounder and COO of tech change coaching firm SkyPhi Studios, about how to bring AI to your company and get people using it. An excerpt from our conversation is later in this newsletter.
Nvidia is back on top, pulling ahead of Microsoft as the world's most valuable company. A research note on Wednesday from Loop Capital analyst Ananda Baruah raised his price target for Nvidia's stock from $175 to $250. Baruah wrote that Nvidia will lead the next "Golden Wave" for generative AI and will see "stronger-than-anticipated demand." The research note -- as well as Nvidia's annual shareholder meeting, where CEO Jensen Huang laid out an optimistic view of the company's future -- drove the company's stock to hit a record high of $154.43. While share prices dropped somewhat before markets closed, it was a banner day for the chips company.
Chips and robotics company, that is. At the annual meeting, Nvidia positioned itself squarely in the robotics and physical industrial AI spaces. In the company's annual report, Huang wrote that so far this year, Nvidia has fundamentally transformed itself from a chip maker to a builder of infrastructure. While AI data centers will continue to be important, AI-powered robots in factories, hospitals, farms and cities will be what moves society forward in the not-so-distant future. "We stopped thinking of ourselves as a chip company long ago," Huang said at the meeting, according to CNBC.
While it seems for now that the physical conflict between Iran and Israel -- which the U.S. inserted itself into by bombing Iranian nuclear facilities -- is on hold, the war will likely still be bitterly fought online. Forbes' Thomas Brewster writes that Iran, which has a "robust cyber apparatus" according to Middle East cybersecurity experts, is likely to launch disruptive attacks on U.S. and Israeli interests. For the U.S. government, this could be especially challenging. Since the start of President Donald Trump's second term, the Department of Homeland Security's Cybersecurity and Infrastructure Agency has lost many experienced employees and does not even have a permanent director. Insiders told Forbes that CISA already is stretched thin, but coordinated attacks from Iran could make it much worse.
The PR war over how the attacks are seen is also riddled with conflicting imagery. AI-generated Iranian propaganda showing a rocket launch and a convoy of tanks and missiles have racked up millions of views, writes Forbes' Emily Baker-White. These videos, which were seen throughout social media, abruptly disappeared. None of the platforms have any policies against releasing propaganda, and the videos didn't appear to be labeled as AI-generated.
AI can be a force for good, but it can also be nefarious. New research from Barracuda, Columbia University and the University of Chicago found that AI writes more than half of all spam email now, writes Forbes senior contributor Davey Winder. This includes the vast majority of messages in your personal account's spam folder -- but it's also getting prevalent in business emails as well. About 14% of business inbox attacks, in which often senior people in organizations are targeted with requests for financial transactions, are written by AI.
Winder writes that it makes sense to use AI for spam. It tends to do a passable job of writing with proper grammar and spelling across a variety of languages. It can also write in a convincing way to provoke a recipient to respond. The study found that attackers seem to be using AI to draft different versions of spam and hacking emails, searching for the best way to get a recipient's attention.
AI truly can transform the way we do business, but in order for it to make a difference, employees actually need to use it. AI is unlike any other tech shift in recent years, and it can be difficult for everyone at a company to embrace it. I talked to Lindsay Phillips, cofounder and COO of tech change coaching firm SkyPhi Studios, about the best way to get your employees through these challenges. This conversation has been edited for length, clarity and continuity.
What is the biggest hurdle that you see to widespread AI adoption in companies?
Phillips: The biggest hurdle is companies approaching AI as a software shift, and AI is really a mindset shift. It's not just about teaching people how to do the same work in a different tool. They have to completely change how they think about work, how they think about the value that they're bringing to the workplace, how they approach their workflows. Companies that are just trying to make tools available and don't help people understand how to use it, how to adopt it successfully and how to integrate it are running into adoption challenges.
How do you get past that roadblock?
Understanding how you want people to change to use the tool. Understanding how roles and responsibilities need to change; the RACI [responsibility matrix] that's required so that folks adopt this tool and integrate it into their workflows. You want to also make sure that leadership across the org understands that strategy. Most folks want to get guidance from their manager; so you want to leverage leadership cascades and really make sure they’re carrying that message forward and reinforcing it.
The other thing that we're seeing with companies that are successful is a community of practice: Creating ambassadors throughout the org at ground level boots on the street that are supporting their team members adopting these tools helping them make that mindset shift.
How does the move toward AI compare to other technology shifts in the past like moving to cloud increasing cybersecurity?
It definitely feels like we're driving the car while we're building the car so we need our team members to be very collaborative in helping us figure out how to use these tools. Experts are going to be able tell you how AI is going make their jobs more productive able help them do their work better. Leadership's not necessarily going know that so it really does need be lot more collaborative agile than needed be past. In past you’d find requirements help people adopt those new ways working meet those requirements. This we’re figuring it out as we go much more experimental.
What sets the companies that are most successfully integrating AI apart?
A comfort with experimentation and a certain amount of comfort with uncertainty of saying ‘We’re going give it try. We’re going see how goes; we’ll pivot we need.’ Companies that very attached clarity certainty always having right answer going struggle AI adoption. It’s not linear straight path. It going something you have figure out you go.
What advice would you give executives trying get their employees use AI?
The more accessible we can make it better. There’s companies doing weekly challenges. Just start encourage folks incorporate into daily lives. Encourage folks share wins. You want hear about other people using these tools so that can give ideas how also use it your day-to-day. It is massive mindset shift. Approach little tiny bites you can take start shift habits daily.