Brian Sims
Editor
Brian Sims
Editor
DESPITE NEARLY three-quarters (ie 73%) of European organisations reporting that their members of staff use Artificial Intelligence (AI) at work, only 30% provide limited training to employees in tech-related positions, while 40% offer no training at all. That’s according to new research conducted by ISACA.
Issues around AI are not limited to the absence of training in the workplace. Policy on how AI should and shouldn’t be used is also lacking, with only 17% of organisations having a formal and comprehensive AI policy in place.
Aside from lack of training and policies, business and IT professionals are reporting a gap in education around AI. When asked how familiar respondents are with AI, almost three-quarters (74%) were only somewhat familiar or not very familiar at all.
Concerns focused on the use of AI don’t stop there. When asked about generative AI being exploited by bad actors, 61% of respondents were extremely or very worried that this might happen. When comparing data from last year’s survey, the sentiments expressed have not improved.
‘Weaponising’ AI
Chris Dimitriadis, chief global strategy officer at ISACA, explained: “AI is going to continue to come to the fore, in turn helping to shape the way in which the IT and cyber security industries transform and innovate.”
Dimitriadis continued: “AI is being used in two ways. Bad actors are ‘weaponising’ it to develop more sophisticated cyber attacks. In response, it’s being used by cyber professionals to better detect and respond to those threats. If businesses are to realise the benefits of using AI, they need to have the right skills in place in order to be able to identify new threat models, risks and control procedures.”
Upskilling and training
Upskilling and training are in high demand, with 34% of respondents believing they will need to increase their skills and knowledge of AI in the next six months, while just over a quarter (ie 27%) suggest they will need to do so in the next seven months to a year in order to retain their role or otherwise advance their career. In total, an overwhelming 86% of respondents feel that this training will be necessary within the next two years.
Dimitriadis concluded: “As cyber criminals use AI to carry out increasingly sophisticated and targeted attacks, it’s more important than ever for cyber professionals to have formal training and clear company policies on AI in place and that can be followed. Businesses can upskill their teams and keep pace with the evolving threat posed by the rise of AI, protecting their reputation and strengthening customer trust.”
*ISACA is the global professional association that exists to assist individuals and organisations alike in their pursuit of digital trust in a bid to understand the usage, risk and impact of AI
*For more information on how ISACA is addressing the knowledge gap, and to access ISACA resources on AI, visit the website at www.isaca.org/ai