AI is dominating the headlines, with reports naming artificial intelligence as the biggest spend for nearly half of top tech businesses across the economy; a signal of just how much the AI boom is spreading. Venky Sundar, Founder and President of Indusface analyses.
However, it’s not only the tech industry utilising this software, and the use of AI across all sectors is at an all time high, with 77% of businesses globally using or exploring AI.
Keen to learn more about the industries using AI the most, Web Security Company, Indusface, gathered insights into UK businesses to determine the sectors most at risk of AI dependence.
Adding to the findings, Venky Sundar, Founder and President of Indusface, shares his insight around the risks of relying too much on AI in the business world:
“Any sectors powered by tech as a key element of their business, from farming to finance are at risk of relying too much on AI. Anything data heavy, requiring analytics to stay relevant (consumer engagement and insights in ecomm and retail, credit and risk rating, and consumer understanding will see faster adoption of AI than other sectors).
The risk though is that POC (proof of concept) should just be used for that purpose. If you go to market with the POC, there could be serious consequences around application security and data privacy. AI could give you code that is vulnerable to attacks, as secure coding practices are rarely followed, and you can bet that most code that AI has been trained on would be vulnerable to attacks.
The other risk is with just using LLMs (large language models) as an input interface for the products. So far, the inputs that you could provide the software with were very limited, as form fields such as text boxes or drop down lists controlled most inputs into the software. But using AI to read and interpret a prompt could actually remove this predictability. This can lead to serious consequences and early risks of these “prompt injections” are being captured by OWASP (the Open Worldwide Application Security Project).
Whilst AI can help businesses conceptualise and build code, AI should still be used as a sidekick, not a dependent, especially for software development. Before companies go to market, we would still recommend following the same best practices of 1) vulnerability scanning 2) penetration testing 3) patching and 4) WAAP implementations to thwart attacks.
Since LLM injections are a threat, the knowledge base used to build productivity use cases, and the knowledge base used to build defence use cases on what’s not acceptable have to be separate sources that need to be trained and updated continuously. There needs to be oversight from human beings, and the people maintaining these datasets have to be diverse so that the data sets are diverse enough.”
Read more exclusives and news in our latest issue here.
Never miss a story… Follow us on:
Security Buyer
@SecurityBuyer
@Secbuyer
Media Contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]
