Seattle: A report, that analyzes organizations’ plans for securing and governing the use of generative AI tools, details cognitive dissonance among security leaders as the technology increasingly becomes a mainstay at work.

According to the findings, 73 percent of IT and security leaders admit their employees use generative AI tools or Large Language Models sometimes or frequently at work, yet, they aren’t sure how to appropriately address security risks.

ExtraHop, a cloud-native network detection and response (NDR), released The Generative AI Tipping Point, a new research report, that found enterprises are struggling to understand and address the security concerns that come with employee generative AI use.

When asked, IT and security leaders are more concerned about getting inaccurate or nonsensical responses (40 percent) than security-centric issues, like exposure of customer and employee Personal Identifiable Information (36 percent), exposure of trade secrets (33 percent), and financial loss (25 percent).

Almost a third of respondents shared that their organization has banned the use of generative AI tools, a similar proportion to those who are very confident in their ability to protect against AI threats (36 percent). Despite these bans, only 5 percent say employees never use these tools at work, signaling that they are ineffective.

Although nearly three-quarters surveyed have invested or are planning to invest in generative AI protections or security measures this year, IT and security leaders want more guidance. A majority (90 percent) of respondents want the government involved in some way, with 60 percent favoring mandatory regulations and 30 percent supporting government standards that businesses can adopt at their own discretion.

More than four in five are very or somewhat confident their current security stack can protect against threats from generative AI tools. However, less than half have invested in technology that helps their organization monitor the use of generative AI. Furthermore, only 46 percent have policies in place governing acceptable use, and 42 percent train users on safe use of these tools.

Following the launch of ChatGPT in November 2022, enterprises have had less than a year to fully weigh the risks versus the rewards that come with generative AI tools. Amid rapid adoption, it is important that business leaders better understand their employees’ generative AI usage so they can then identify potential gaps in their security protections to ensure data or intellectual property is not improperly shared.

“There is a tremendous opportunity for generative AI to be a revolutionary technology in the workplace,” said Raja Mukerji, Co-founder of ExtraHop. “However, as with all emerging technologies we’ve seen become a staple of modern businesses, leaders need more guidance and education to understand how generative AI can be applied across their organization and the potential risks associated with it. By blending innovation with strong safeguards, generative AI will continue to be a force that will uplevel entire industries in the years to come.”