The innovative technology of GenAI tools such as ChatGPT has posed significant risks to an organization’s sensitive data.But what do we really know about this risk? new research Browser Security company LayerX sheds light on the scope and nature of these risks. The report, titled “Uncovering GenAI’s True Data Breach Risks,” provides key insights for data protection stakeholders to enable them to take proactive measures.
The numbers behind ChatGPT risk
The report identified key areas of concern by analyzing the usage of ChatGPT and other generative AI apps among 10,000 employees. One of the alarming findings reveals that 6% of his employees have pasted sensitive data into his GenAI, with 4% doing this dangerous practice on a weekly basis. This repetitive act poses a significant threat of data breach to the organization.
This report looks at the actual extent of GenAI use across enterprise employees, the relative percentage of “paste” actions in this use, the number and frequency of employees pasting sensitive data into GenAI, and the top use of GenAI. Addresses key risk assessment questions, such as which departments , and the types of sensitive data that paste is most likely to expose.
Usage and data breaches are on the rise
One of the surprising findings was a 44% increase in GenAI usage in the last three months alone. Despite this growth, only an average of 19% of employees in organizations are currently using GenAI tools. However, the risks associated with using GenAI are still significant, even at the current level of adoption.
of research It also highlights the prevalence of sensitive data leaks. Of employees using GenAI, 15% engage in data paste, 4% weekly, and 0.7% multiple times a week. This repeated act highlights the urgent need for robust data protection measures to prevent data breaches.
The main types of sensitive data pasted are source code, internal business information, and personally identifiable information (PII). Most of this data was pasted by users in R&D, sales and marketing, and finance.
How reports can be leveraged within your organization
Data protection stakeholders can leverage the insights provided by the report to build effective GenAI data protection plans. In the GenAI era, it is critical to assess the visibility of her GenAI usage patterns within the organization and ensure that existing products can provide the necessary insight and protection. Otherwise, stakeholders should consider adopting a solution that provides continuous monitoring, risk analysis, and real-time governance for all events within a browsing session.
Download the entire study here.
