The Year in GenAI: Security Catches Up with Innovation

By Arti Raman, CEO and founder of Portal26 [ Join Cybersecurity Insiders ]

Over a year ago, the general public got its first taste of the possibilities of generative artificial intelligence (GenAI) with the public rollout of ChatGPT. As far as watershed tech moments go, it was comparable only to the iPhone launch fifteen years earlier—another occasion on which millions of people realized, simultaneously, that nothing would ever be the same.

The enterprise implications of this technology were apparent from the beginning, but that doesn’t mean the relationship between GenAI and enterprise has been uncomplicated. On the contrary, over the last year, we’ve witnessed every stage of the innovation life cycle play out in real time. What started as white-hot excitement soon cooled to skepticism and has now come back around to widespread excitement.

What changed? How did artificial intelligence (AI) go from an exciting but risky new technology to a must-have for most businesses? Understanding how we got to this point can tell us a lot about the present state of GenAI and where it might be headed in the near future.

Why some businesses were slow to adopt GenAI

It makes sense that many organizations spent the early part of 2023 wary about implementing GenAI. To start, many saw the quick rise and even quicker fall of digital innovations like the Metaverse and crypto around the same time. Large enterprises like Meta and Microsoft were entrenched in the Metaverse, causing hype and promising plans for future additions. However, we’ve entered 2024, and it’s nearly forgotten about. While AI promises quite a bit, there was no guarantee it wouldn’t head in the same direction during an overheated initial hype cycle.

It’s more important to note, however, that a few things can damage a company’s reputation and bottom line, like hacked or otherwise exfiltrated data. However incredible AI’s capabilities might be, they could not—in the eyes of many businesses—outweigh the potential security risks.

The most prominent of these risks was the chronic lack of visibility endemic to many GenAI tools. Remember that many of these GenAI-skeptical businesses had spent the preceding few years working diligently to gain insight into newly sprawling multi-cloud operations. In other words, the perils of partial transparency were well-known to them, and by now, it’s a cybersecurity maxim that you can’t protect yourself from what you can’t see. So it makes sense that these businesses were wary of implementing GenAI tools, which—at least at the time—could not offer the kind of comprehensive visibility they’d come to view as a baseline cybersecurity expectation.

There were other security issues, however. For instance, there is difficulty integrating GenAI with pre-existing security stacks and generating unified internal policies for GenAI usage. Beyond security concerns, the very newness of this technology meant many employees would lack the skills to use it effectively. Any investment in GenAI tech would have to come with a concomitant investment in new security protocols and employee training.

Enterprise adoption spiked dramatically in 2023—what changed?

In the world of AI, everything moves fast. It is no surprise that in a year, everything about this situation has changed. In 2023, we saw many companies race to implement GenAI, but the small segment that held out last year may be struggling to catch up in 2024.

This is partly a result of competitive pressure. Many of the companies that took the GenAI plunge early saw spectacular gains in productivity over the year—approximately a 40% increase, according to a recent study from Accenture. Per a recent State of GenAI survey, these gains can be chalked up to a few notable factors, including GenAI’s ability to generate starting points for presentations or for code; its ability to replace traditional web research; and its usefulness for labor-intensive tasks like generating letters or structured responses.

Customers have also benefited from the improved user experience GenAI facilitates, and they are favoring AI-powered products and services accordingly. At the same time, GenAI has become inescapable, the subject of countless conference presentations and research papers from analysts like Gartner, Forrester, and IDC.

While the companies that took a risk in 2023 saw productivity gains, those who took a more cautious approach now see the reaping benefits from afar. Business leaders now see the potential return on investment (ROI) from these trailblazers, and they’re continuing to see GenAI’s relevance in industry research. These C-suite executives, board members, and investors are now asking, “Where’s our GenAI strategy?”

While these are all important factors, none would matter if GenAI tools were still riddled with security risks. Thankfully, that situation has likewise changed dramatically in the last few months.

In 2023, security concerns finally caught up with innovation

GenAI posed unique security risks from day one. For instance, visibility. As mentioned, this was the key concern for many enterprise GenAI skeptics. However, as we’ve learned more about GenAI and its benefits, we have also developed a deeper understanding of the technology that has culminated in better tools for GenAI security.

Visibility concerns have been definitively put to rest through tools developed and perfected in just the last year or so. Businesses can now easily determine how their AI technology is being utilized across systems, who is using them and for what purposes.

These new tools have also significantly impacted things like risk management and data privacy. Employers now have the option of next-generation security and privacy controls that ensure employees do not intentionally or inadvertently exfiltrate sensitive data. They can also easily catalog AI-specific risks and determine appropriate mitigation strategies. Combined with GenAI-facilitated advances in employee training and internal governance, these developments explain why the pool of GenAI holdouts grows smaller by the day.

In 2023, businesses were effectively faced with a binary question: namely, are you willing to potentially sacrifice security for the sake of increased productivity? Throughout 2023, we rapidly saw this question proven irrelevant, but throughout 2024, we we’re seeing new aspects of the conversation unfold. In the world of GenAI, innovation and security are no longer in opposition. The latter has finally caught up to the former. And both are advancing—in tandem—at an unimaginable pace. The unique security challenges presented by GenAI are now better understood, and companies now have to decide what security investments need to be made to keep GenAI secure.


No posts to display