Hitachi Application Reliability Centers

Risks and security considerations for organisations starting on Generative AI

This thread has been viewed 12 times
  • 1.  Risks and security considerations for organisations starting on Generative AI

    Posted 08-24-2023 10:22

    Generative AI: "With great power comes great responsibility" 


    In recent years, Generative Artificial Intelligence (AI) technology has emerged as a revolutionary force, transforming industries ranging from art and entertainment to healthcare and finance. This technology, driven by models like OpenAI's GPT or Dall-E, holds immense potential, allowing machines to generate human-like text, images, and even code. 

    However, this "With great power comes great responsibility" and its fair share of challenges, primarily centred around issues of trust, risk, security, and compliance.

    In this blog post, the first of a series we will publish in the upcoming months, we'll delve into the intricacies of managing these aspects when dealing with Generative AI technology.

    • The Promise of Generative AI: Generative AI technology has captivated the world with its ability to create content that closely resembles human creations. From writing creative stories to generating realistic images and assisting in software development, the possibilities seem limitless. This technology has demonstrated potential in automating repetitive tasks, aiding content creators, and even assisting professionals in various domains. Nevertheless, as we harness its capabilities, we must also be mindful of the risks it brings to the table.
    • Building Trust in AI-Generated Content: One of the foremost challenges posed by Generative AI technology is establishing trust in the content it generates. As the lines between human and AI-generated content blur, consumers and users can find it challenging to discern authenticity. This calls for a concerted effort to develop methods that can indicate whether a piece of content was created by a human or AI. Implementing transparency measures, such as watermarks or metadata, can help build confidence in the origins of the content. Additionally, platforms and applications utilising Generative AI should educate users about the technology's capabilities and limitations, fostering a realistic understanding of what to expect. The same should happen in any organisation leveraging Generative AI, where collaborators should be trained on how to keep ethical behaviour, and mitigation of security concerns in mind.
    • Navigating Ethical and Legal Risks: The rapid advancement of Generative AI has led to novel ethical and legal dilemmas. Plagiarism, copyright infringement, and misrepresentation are just a few concerns that arise when AI generates content. Clear guidelines must be established to determine ownership and responsibility. Developers and users of Generative AI technology should respect intellectual property rights and comply with copyright laws. This includes utilising proper attribution and permissions, even when using AI-generated content. Striking a balance between creative freedom and ethical responsibility is crucial for the responsible use of this technology.
    • Continuous Monitoring and Reliability: The technology landscape is ever-changing, and Generative AI is no exception. Enterprises must adopt a proactive stance by continually monitoring the performance and robustness of AI models, identifying potential biases or inaccuracies, and adapting the models accordingly. Regular audits of AI-generated content can help maintain the quality and credibility of the outputs over time. That's where AIOps and frameworks will need to be in place, to make sure that models do not break security concerns neither go out of ethical and legal risks. Here is where AIOps and Reliability Engineering will cross.
    • Mitigating Security Concerns: Security is another vital aspect of Generative AI technology. As AI models become more sophisticated, there's a potential for them to be exploited by malicious actors, the consequences of AI misuse could be dire. To address this, robust security measures must be implemented. This includes scrutinising the sources of training data, ensuring that models are not biased or maliciously trained, and critical to regularly update models to patch vulnerabilities. Collaboration between AI developers, cybersecurity experts, and policymakers is essential to stay ahead of potential security breaches.
    • Establish a culture of responsible AI: Empowering users with knowledge about Generative AI technology is crucial. Educating the public about how AI works, its capabilities, and limitations can go a long way in building trust and reducing risks. Users should make use of AI-generated content, however being cautious when interacting with, especially in sensitive contexts.
    • Make sure that your organisation has a Generative AI policy in place: In enterprise environments, users should be cautious about any piece of data they share with others (including ChatGPT and other AI-powered models or chatbots and API's). A noticeable recent incident is the data leakage caused by Samsung employees who shared sensitive data with ChatGPT. Engineers uploaded confidential source code to the ChatGPT model, in addition to using the service to create meeting notes and summarise business reports containing sensitive work-related information over the generic APIs. This must be fixed by making sure models and APIs used are "internal" to the organisation. To allow a compliant use of generative AI, organisations must set guidelines for generative AI use at work by developing na enterprise security and acceptable use policy that must be known by everyone.
    • Data Quality and Source Authenticity: At the heart of any successful AI initiative lies high-quality data. For Generative AI, ensuring the authenticity and reliability of training data is crucial. Enterprises must carefully curate datasets, incorporating diverse and representative samples to mitigate biases and inaccuracies. Moreover, establishing a process to verify the authenticity of training data sources helps maintain the credibility of AI-generated content. Including datasets used in training models should be incorporated into Data Governance strategy and platforms. This approach builds trust among users and minimizes the potential for misleading or unreliable outputs.
    • Security Protocols and Data Privacy: Security is a paramount concern when incorporating AI technology into an enterprise data strategy. Generative AI models, like any other digital assets, are susceptible to cyberattacks and unauthorised access. Enterprises must implement stringent security protocols to safeguard AI models and the data they handle. This includes encryption, access controls, and continuous monitoring for any suspicious activity. Moreover, compliance with data privacy regulations, such as GDPR or HIPAA, is essential to maintain customer trust and avoid legal repercussions.


    Generative AI technology is a remarkable innovation that promises to reshape industries and enhance human creativity. However, its implementation comes with inherent challenges related to trust, risk, security and compliance. By prioritising transparency, ethical considerations, and robust security measures, we can harness the potential of Generative AI while minimising its potential drawbacks. As technology continues to evolve, an ongoing collaboration between developers, users, and policymakers will be essential to navigate the complex landscape of AI-generated content responsibly. An agile and well-rounded approach to incorporating Generative AI will be essential as organisations embrace this technology-driven future, reach out to discuss.


    A Generative Approach to AI

    Generative Artificial Intelligence Creates Copyright Issues

    Generative AI: What it means for the enterprise and how to get started

    The Rise of Generative AI: What Does This Mean for Enterprise Data Strategy?

    Generative AI Projects Pose Major Cybersecurity Risk to Enterprises


    Miguel Gaspar
    Software Architecture Engineer Principal
    Hitachi Vantara