'The question is no longer whether organisations should adopt AI. It's whether they can explain, govern and trust the AI they've already deployed': Many companies deploying AI often end up with much bigger security issues

- 75% have deployed 4+ AI tools in the past six months, 35% have deployed 10+ tools
- This is despite four in five experiencing AI security incidents or vulnerabilities
- Governance and dedicated security budgets could be part of the answer
New DigiCert data has claimed four in five (78%) organizations have either experienced an AI-related security incident or have identified an AI-related vulnerability, despite ongoing AI investments and increased adoption.
Despite uncertainty around security, three-quarters of the companies surveyed have deployed four or more AI tools in the past six months alone, with a third (35%) having deployed more than 10 AI systems in that same period.
With this new data, DigiCert says organizations need to treat AI like any other business system rather than an experimental toy, deeply rooting security into the entire strategy.
AI is causing a security headache for most companies
While discussions are clearly taking place, fixes are slow to roll out. For example, 90% have discussion AI governance at executive or board level, but only 50% have implemented both dedicated AI security budgets and formal AI governance programs.
Following years of pilots, two-thirds (64%) have now started logging AI inventories, implying they're still discovering what AI exists across their business. Currently, nearly half lack centralized visibility into AI systems, and only 53% can fully trace AI outputs back to the underlying models and source data.
"The question is no longer whether organisations should adopt AI. It's whether they can explain, govern and trust the AI they've already deployed," SVP Brian Trzupek explained.
While AI explainability remains pretty consistent, at around half, across multiple regions and countries like the US, the UK and Australia, some sectors see more incidents and vulnerabilities than others. Those include science, technology, banking, telecoms and retail.
Looking ahead, many companies are now trialling giving AI agents their own identities, much like human workers, to improve visibility across autonomous actions. Greater governance and stricter policies to iron out the use of unapproved tools should also help companies address some of the growing security issues as adoption continues to mature.

This is a preview from the original publisher. Continue reading at the source:
Read Full Article on techradar.com →
