Founder and CEO, Corix Partners | Board Advisor | Non-executive director | Author “The spiral of cybersecurity failure and how to escape from it”.
Everyone is talking about generative AI. You’ve probably been living at the bottom of the deepest cave for most of the last 18 months if you haven’t seen anything about it. In fact, it’s hard to find professional content online that doesn’t reference it. Rightly or wrongly, the subject comes up in all kinds of conversations.
If you’ve been working in the tech industry long enough, you can be forgiven for having a slightly cynical view of the situation. After all, we heard a lot of hype not long ago about blockchain. As the co-founder of Deepmind reminds us in a recent interview with the Financial Timessome tech companies and their marketing are threaten the booming industry through scams similar to what we have seen for crypto.
But the purpose of this article is not to fuel the debate about the impact that generative AI will or will not have on businesses or the future of work. Rather, it is a call for a more measured approach.
Craze for generative AI
Of course, every cycle we hear “this time it’s for real”, but looking at the situation from the side and focusing on cybersecurity, I see a number of forms emerging that are very rarely mentioned in the current context.
First of all, the magnitude of the wave of hype around generative AI is colossal, and we cannot be sure that we have reached the peak. (Although comments from Demis Hassabis mentioned above and some emerging suppliers investigations This could be a clue that we are close.)
Over the past 12 to 18 months, every board of directors has asked their leadership team about this; each leader in turn asked questions to his team; and each team under their leadership is currently engaged in various experiments, pushing the old shadow computing Businesses have encountered problems in one form or another since the advent of SaaS solutions over 10 years ago.
I see that much of this is happening without sufficient concern for data security, privacy, legal or copyright issues – or even without any meaningful understanding of the effect of the underlying technology. underlying data in many cases.
Time, resources and productivity
Even leaving these aspects aside, what concerns me the most, and something that I don’t think is discussed enough, is the monumental amount of time and resources that this focus on AI consumes , and the often very low level of real productivity. see these discussions having. Between executives who rarely understand the questions they should be asking and technologists who rarely understand the underlying platforms and the full implications of using them, I think caution is warranted.
Time spent figuring out what generative AI can do is often better spent on other topics; I find that this hyperorientation toward AI frequently creates increasing management and leadership debt. This in turn leads to delays in decisions and a deprioritization of non-AI issues, regardless of their nature or relative urgency.
Prioritize the Basics
Why is this a cybersecurity issue in many businesses? Because where cybersecurity maturity is low and needs to improve, the key is almost always to get the basics right. I think this often doesn’t involve any form of AI.
Information security leaders, who already had a nearly impossible task ahead of them, now see a number of new fronts opening up before them. They must master the complex implications of relatively opaque data security technology, carried across the enterprise by an immeasurable wave of shadow IT.
They are expected to inform their bosses and sometimes the board of directors of the risks involved, but they may be faced with the inflated and unfounded expectations created by the colossal hype cycle the world is facing when it comes to AI tools.
They may struggle to justify any new non-AI activities – if they find the time to continue promoting them – regardless of their actual importance to protecting the company and its business.
Prioritize cybersecurity
I think allowing AI hype and FOMO to hijack cybersecurity decisions could be a high price to pay for many companies, especially where maturity is low and resources scarce.
So I think it’s time to come back to common sense for many of us slow things down. I urge those in the profession to put things into perspective and enable crucial discussions about the need for AI. Overall, I think a more balanced and measured approach is needed when adopting AI in cybersecurity.
Forbes Business Advice is the leading growth and networking organization for business owners and leaders. Am I eligible?