Small businesses reimagining their operations using generative AI must ensure they can combat the risks posed by the latest surge of innovation.
Data security, privacy violations, accuracy and bias are among the chief concerns that businesses using GenAI must address if they are to achieve success.
The Dell Technologies 2024 Global Data Protection Index survey found that though 52% of the IT and security leaders questioned believed AI would initially advantage organisations over cybercriminals, 27% believed the reverse. A further 21% thought both would benefit early on.1
As Rob Tomlin, Vice President of Dell’s UK Channel operations says, AI “can be a powerful tool to strengthen organisations’ cyber posture while simultaneously creating new attack vectors and increasing the risk of cyberattacks”.
This is why businesses need a robust AI security strategy.
Awareness
To be effective, AI needs to be embedded into everyday processes and workflows, with all employees aware of the risks involved.
Shadow AI is a serious concern, with workers using public Large Language Models (LLMs) without considering the security implications. They need to understand why sensitive data should not be copied into LLMs ad-hoc, where it may later leak out to anyone with access to the training data or become otherwise compromised.
Every AI solution and model has its own benefits and security trade-offs. Only by understanding these can businesses build robust policies to secure models, identities and data.
IT and security teams also need to train their staff on how AI is making phishing and social engineering attacks more convincing.
In some cases, it’s wiser to run sensitive GenAI workloads on local infrastructure or directly on AI PCs. The new breed of AI PCs can run many operations directly, or provide secure and controllable access to secure AI services such as Microsoft 365 Copilot.
Data security
GenAI has serious implications for data strategy. It creates more vulnerabilities both at the input stage, before data enters the model, and at the output stage, where content is delivered and insights formed.
Encryption, access control and zero trust approaches are necessary to safeguard data at both ends.
What’s more, organisations have more obligations to secure, clean, validate and anonymise personal data before it enters AI systems, and verify the resulting outputs.
Vigilance
Firms running their own AI models face additional risks, including model poisoning – where inaccurate data is deliberately fed into the model – and targeted adversarial attacks. It’s crucial that firms continually monitor their models, track inputs and outputs, and stay vigilant for emerging vulnerabilities.
AI to fight AI
AI poses challenges for security, but also assistance. AI-powered anomaly detection and intrusion prevention tools can harden networks against both human and AI attack.
Automation of Security Information and Event Management (SIEM) systems can prioritise alerts and automate responses, reducing workloads and improving response speeds.
Just as AI can be used to enhance phishing and social engineering attacks, it can also be used to combat them through behavioural analysis.
At the endpoint level, Dell’s new AI PCs and Copilot+ PCs across XPS, Inspiron and Latitude can use their hardware AI acceleration to boost security.
With software support, the Neural Processing Units (NPUs) designed to accelerate AI processes running locally can also work efficiently to run malware scans or check for spam and phishing emails, synthesising threat intelligence and behavioural analysis to spot emerging threats.
What’s more, the Microsoft Pluton crypto-processor found in the Latitude 7455 protects passwords and credentials, identities and encryption keys, making the PC and data harder to access.
AI can be an enabler for cyber-crime, but AI-enhanced security and AI PCs offer business protection.
Find out more about Dell Laptops with Snapdragon X Series Next-Gen AI PC Technology.
1Dell Technologies Global Data Protection Index, October 2023, https://www.delltechnologies.com/asset/en-gb/products/data-protection/industry-market/global-data-protection-index-key-findings.pdf