{{item.title}}
{{item.text}}
{{item.title}}
{{item.text}}
Generative artificial intelligence (GenAI) offers an incredible opportunity for businesses to change the game when it comes to their operations. But if you want to create sustainable value for your organization using GenAI, in addition to enthusiasm, you’ll need a commitment to managing risks you might not be fully aware of or well positioned to control.
Many companies are only beginning to appreciate some of the challenges associated with implementing GenAI. In this year’s Global Digital Trust Insights survey, 39% of companies globally said addressing the difficulty of incorporating with existing systems and processes would be one of their most significant challenges internally on the GenAI front over the next twelve months, while 39% selected lack of trust in GenAI by internal stakeholders and 37% selected inadequate internal controls and risk management. Navigating these challenges and their associated risks can be difficult, but for companies looking to get the most from GenAI, factoring them into your strategy early is critical.
If you’re excited about the possibilities GenAI and want to set your organization up for long-term success, consider taking a proactive approach to your GenAI strategy that considers GenAI governance and cyber risk management from the beginning.
Interest in GenAI is expected to increase in the months and years ahead as companies look to use it to drive new business value. With GenAI tools becoming increasingly accessible, closing the door entirely on the use of GenAI in your organization isn’t realistic, since you’d lose any control or visibility into where or how it’s being used by people choosing to disregard your guidance. This would leave your business exposed to the risks without being able to take advantage of the benefits.
The best defence when it comes to managing GenAI risks is to be proactive. By building trusted avenues and processes for your people to use GenAI, you can reduce the possibility that your people will use GenAI tools in an unapproved way while establishing the internal controls and governance you’ll need to manage risks.
Embracing GenAI can be daunting, but you don’t need to start from scratch. At PwC Canada, we’ve gone through our own GenAI transformation journey and have helped clients do the same. Based on our internal and client experience, here are seven key activities you should consider to reduce risk and better embed GenAI into your cyber risk posture:
When it comes to getting GenAI right, we’ve found people are often the key to success. This is why you should prioritize your people and education strategy.
As you develop your strategy, consider how you can both introduce the topic to your employees and then reinforce the behaviours you want to encourage over time. For example, this might include providing initial training before anyone in your organization can use your GenAI tools, and then offering additional learning opportunities through follow-on activities (e.g. webinars, townhalls, direct communications).
The opportunities presented by GenAI may be exciting, but if your organization has any gaps in your cybersecurity and data environment, embracing GenAI will expose them. Take a proactive approach to defining your GenAI strategy, governance and controls to better position your organization to embrace GenAI successfully while also mitigating potential risks and enabling you to respond effectively should issues arise.
Of course, taking a proactive approach to GenAI shouldn’t stop at the end of your initial transformation journey. With GenAI solutions and tools evolving quick, you’ll need to review and update your approach on a regular basis, continuously monitor for new cyber risks and test your mitigation and response plans to enable your approach to remain sustainable for the long term.
Whether you’re just starting out on your GenAI journey or looking to drive more value from your GenAI approach, the best time to start is now. With a solid foundation, you’ll be ready to take advantage of all GenAI has to offer in the months and years ahead.
Partner, National Cybersecurity Managed Services Leader, PwC Canada
Tel: +1 416 815 5274