Excerpt from IT Brief Asia Article, Published on Apr 2, 2025.
A recent study has revealed that more than half of employees are putting sensitive data at risk by entering high-risk information into AI tools. The alarming findings have sparked concerns among cybersecurity experts, highlighting the urgent need for businesses to implement strict policies regarding AI tools to mitigate potential data breaches. Jared Siddle, Vice President of Risk & Compliance at Protecht, emphasized that organizations must take proactive steps to regulate the use of AI tools in the workplace. He warned that without clear policies, employees could unknowingly expose confidential business data. “If you wouldn’t post it publicly, don’t put it into an AI tool,” Siddle cautioned, explaining that AI tools process and retain data, making them potential targets for cybercriminals. He also noted that while enterprise versions of AI tools may have stronger privacy protections.
The study by TELUS Digital found that 57% of enterprise employees admitted to inputting confidential information into AI tools, reinforcing the urgent need for businesses to act. Siddle stressed that ignoring the risks posed by AI tools is not an option. He advised companies to establish formal AI policies, implement enterprise-approved AI tools, educate employees on security protocols, and continuously monitor AI usage to prevent data leaks.
AI security training, according to Siddle, should be a priority for all organizations. He pointed out that AI tools have become an integral part of daily operations, and without proper training, a simple query could result in a costly data breach. Businesses that already train employees on cybersecurity and phishing must integrate AI security into their programs to prevent mishandling of sensitive data. To strengthen security measures, Siddle recommended encrypting data, enforcing access controls, securing APIs, monitoring AI tools for threats, and adhering to ethical AI practices. With the growing reliance on AI tools, businesses must take immediate action to protect sensitive data and prevent potential breaches.
To delve deeper into this topic, please read the full article IT Brief Asia.
