Many companies focus on innovation or automation leveraging AI without considering the risks. While any business activity or tool has risk, leveraging or developing AI involves several unique risks and considerations.
Employee Risks
Your employees are using AI, whether you know it or not. A Deloitte study characterizes that over 60% of employees use AI at work. Yet well under 50% of companies have an AI acceptable use policy. Fewer still have AI Awareness training.
Several companies have seen their intellectual property compromised as it’s put into the public domain via employee use. Other companies have seen factually incorrect information (AI hallucinations) advanced in company output.
If you don’t define the rules via policies and train your employees, the liability is on you, the business.
Financial and Reputational Risks
Misuse or mistakes from AI fall back on the company. This may undermine your reputation, or may cost you directly.
In several instances, bad actors (or simply mischievous ones) have tricked AI chat bots into making promises on behalf of the company. In at least one case, a court required the company to honor the promise.
When your employees, or even your AI bots, make mistakes. The company is responsible.
Training Data Risks
Model Risks
Output Risks
Sensitive Data
PHI, PII, Biometrics
Racial/Ethnic, Financial, Educational, Location
Training Data Provenence
Ownership, Usage Rights/Consent
Source, Accuracy, Integrity, Bias
Bias Risks
Employment, Financial, Justice/Legal
Decision Risks
Critical Infrastructure, Healthcare, Safety
Liability & Reputational Risks Hallucinations, Intellectual Property rights, Privacy/Breaches, Unintended Consequences
Misuse of Output Data
Deepfakes, Propaganda, Fraud
AI-Specific Cyber Security Vulnerabilities
Model Inversion, Model Extraction, Model poisoning, Adversarial Attacks
Check out our services to see how we help you manage these risks: Our Services
Privacy Risks
Privacy risks range from regulatory and legal obligations to reputation and liability impacts. Maintaining the security and confidentiality of client data is the foundation of a trusted relationship.
With privacy legislation proliferating around the world, more companies are falling under the regulatory umbrella. In addition, as our clients implement formal privacy programs, they cascade privacy requirements onto their suppliers via contractual obligations.
And you don’t have to have a direct presence in a state to be subject to their privacy regulations. If you have a threshold level of a states residents data in your databases, you may be subject to their laws. Over 14 states have passed privacy legislation in the last 18 months. Here’s what the trend looks like:
Check out our services to see how we help you manage these risks: Our Services