Although artificial intelligence promises leaps in efficiency, Polish entrepreneurs approach it cautiously. The latest PARP report shows that as many as 7 out of 10 Polish companies are afraid of AI implementations, pointing to security and privacy as the main barriers. Is this right? Experts point out that the real threat may be the lack of AI procedures and foundations.
Data on target
According to the PARP report ‘Artificial intelligence in companies: readiness for adoption, competences and needs‘, some of the biggest concerns for companies (both those planning to implement and those already using AI) are the breach of company data protection and the risk of wrong algorithmic decisions (39% each). Interestingly, the perspective changes with the level of knowledge and experience. In companies already using AI, the fear of data leakage rises to 47%. Companies are also concerned about the high cost of security (36%) and the loss of control over how algorithms are created.
Pawel Kulpa, Cybersecurity Architect at Safesqr, notes that the biggest challenges with cyber security stem from an organisation’s unfamiliarity with the subject and lack of proper procedures. – The biggest problem from a cyber-security perspective is not that AI will steal data, but that employees of companies are feeding sensitive information to algorithms, and companies have no control over this process. Confidential documents are often uploaded into public language models, for example to prepare a summary. Employees do not realise that this data becomes part of the base on which the language model is trained.
The expert stresses that an effective response to these risks is to combine appropriate technology with clearly defined security procedures: – ‘A far better solution is to implement our own local, closed AI models that preserve the flow of data within the organisation and combine this with DLP systems that monitor external traffic. Such tools can detect an attempt to send sensitive information outside the company faster than any auditor.
Foundations more important than innovation
The readiness to adopt AI is directly correlated with the state of the IT infrastructure. Companies are more likely to implement new solutions if they have a secure and stable system (44%) and modern technical facilities (42%).
Although 23% of respondents are already using AI to detect anomalies and a further 28% are planning to do so, the formal side is still limping along. Only 41% of companies implementing AI have comprehensive security procedures in place.
Procedures
Companies that are serious about the topic rely primarily on education and external support. The most popular protection measures focus on systematic training of employees in the safe operation of AI systems, as 44% of organisations declare. Close cooperation with external cyber security experts and the implementation of advanced measures to protect against unauthorised access to systems, allowing to build a multi-layered protective barrier around company resources, are proving to be equally important.
– Companies often look to AI for magical solutions, forgetting about digital hygiene, notes Paweł Kulpa. – Meanwhile, the biggest challenge is that cybercriminals are already using AI to personalise phishing attacks on a massive scale. Before we can implement advanced AI, we need to have a solid foundation: multi-factor authentication (MFA), effective privilege management (IAM), network segmentation and clear incident response procedures. AI in security should be a second line of defence and a system that analyses anomalies in user behaviour and blocks them in real time, but only if the first line, i.e. an informed workforce and a tight system, works flawlessly.
Lessons for business
Fears of AI often stem from a lack of digital maturity. Businesses that start with small, secure projects that do not involve sensitive data are quicker to tame the technology and build a competitive advantage. The key to success is not to avoid AI, but to prioritise security at every stage of its implementation, from staff training to regular audits.
The report ‘Artificial intelligence in companies: readiness for adoption, competences and needs’ was developed by the Polish Agency for Enterprise Development in cooperation with Jagiellonian University. The study combines desk-based data analysis, qualitative research and an extensive quantitative survey among employers.
source: press release
