Only 17% of employers have addressed risks with staff
Most organizations are "slow" to respond to the threat of generative AI in workplaces, despite the risks being broad and interconnected, according to a new report from Riskonnect.
In a survey among over 300 risk and compliance professionals worldwide, Riskonnect found that 93% of organizations are already acknowledging the risks associated with using generative AI in the workplace.
According to the respondents, the top generative AI concerns include:
Jim Wetekamp, CEO of Riskonnect, said the rise of generative AI shows how quickly the risk landscape evolves.
"We've officially entered a new generation of risk," Wetekamp said in a statement.
Despite these risks, however, only nine per cent of the respondents said they are prepared to manage the threat.
Another 63% of the respondents said they haven't simulated a worst-case scenario, with only five per cent feeling prepared to assess, manage, and recover from an unpredictable risk event.
And while employees are included among the top concerns of employers surrounding generative AI, only 17% of risk and compliance leaders have formally trained or briefed employees on the risks of using the rapidly developing technology.
"Generative AI is taking off at lightning speed and ushering in a new wave of business risks. Our research shows that most companies have been slow to respond, which creates vulnerabilities across the enterprise," Wetekamp said.
Despite this slow pace, however, organizations are starting to give more attention to risk management amid the growing threat of technology.
More than half (52%) of organizations now have a chief risk officer, according to the report, while 82% are increasing or retaining the headcount for teams dealing with risk management.
Nearly a third (28%) of organizations are also increasing their budgets for risk management technology, the report found.
Wetekamp described the development as "meaningful and positive changes" to how organizations approach risks.
"Today's risk leaders recognise that the threat landscape doesn't sit still. They are planning for worst-case scenarios, prioritising enterprise-wide visibility, and investing in tools to combat the full and interconnected spectrum of risk," he said.