Next DLP today revealed that nearly three-quarters (73%) of security professionals admit to using SaaS applications that had not been provided by their company’s IT team in the past year. This is despite the fact that they are acutely aware of the risks, with respondents naming data loss (65%), lack of visibility and control (62%), and data breaches (52%) as the top risks of using unauthorized tools. Adding to this, one in ten admitted they were certain their organization had suffered a data breach or data loss as a result.
A survey of more than 250 global security professionals, conducted at RSA Conference 2024 and Infosecurity Europe 2024, also revealed that despite having a laissez-faire attitude towards Shadow SaaS, security professionals have taken a more cautious approach to GenAI usage. Half of the respondents highlighted that AI use had been restricted to certain job functions and roles in their organization, while 16% had banned the technology completely. Adding to this, 46% of organizations have implemented tools and policies to control employees’ use of GenAI.
The research also provided a snapshot of how security professionals view their organization’s training and overall understanding of the risks of Shadow SaaS:
- 40% of security professionals do not think employees properly understand the data security risks associated with Shadow SaaS and AI.
- Yet, they are doing little to combat this risk. Only 37% of security professionals had developed clear policies and consequences for using these tools, with even less (28%) promoting approved alternatives to combat usage.
- Only half had received guidance and updated policies on Shadow SaaS and AI in the past six months, with one in five admitting to never receiving this.
- Additionally, nearly one-fifth of security professionals were unaware of whether their company had updated policies or provided training on these risks, indicating a need for further awareness and education.
For further insights into the survey results, please see the full results report linked here. Or, for more information about Shadow SaaS and AI, and the possible defenses, visit the Next DLP website.
Methodology
The survey of more than 250 global security professionals was conducted at RSA Conference 2024 and Infosecurity Europe 2024. Each respondent was asked the same ten questions surrounding Shadow SaaS and Shadow AI usage within their organization, the implied security risks, and the policies and security tools their company has in place.
Like this:
Like Loading...
Related
This entry was posted on July 9, 2024 at 3:02 pm and is filed under Commentary with tags NextDLP. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Security Pros Admit to Using Unauthorized SaaS and AI (Despite the Risk) – NextDLP
Next DLP today revealed that nearly three-quarters (73%) of security professionals admit to using SaaS applications that had not been provided by their company’s IT team in the past year. This is despite the fact that they are acutely aware of the risks, with respondents naming data loss (65%), lack of visibility and control (62%), and data breaches (52%) as the top risks of using unauthorized tools. Adding to this, one in ten admitted they were certain their organization had suffered a data breach or data loss as a result.
A survey of more than 250 global security professionals, conducted at RSA Conference 2024 and Infosecurity Europe 2024, also revealed that despite having a laissez-faire attitude towards Shadow SaaS, security professionals have taken a more cautious approach to GenAI usage. Half of the respondents highlighted that AI use had been restricted to certain job functions and roles in their organization, while 16% had banned the technology completely. Adding to this, 46% of organizations have implemented tools and policies to control employees’ use of GenAI.
The research also provided a snapshot of how security professionals view their organization’s training and overall understanding of the risks of Shadow SaaS:
For further insights into the survey results, please see the full results report linked here. Or, for more information about Shadow SaaS and AI, and the possible defenses, visit the Next DLP website.
Methodology
The survey of more than 250 global security professionals was conducted at RSA Conference 2024 and Infosecurity Europe 2024. Each respondent was asked the same ten questions surrounding Shadow SaaS and Shadow AI usage within their organization, the implied security risks, and the policies and security tools their company has in place.
Share this:
Like this:
Related
This entry was posted on July 9, 2024 at 3:02 pm and is filed under Commentary with tags NextDLP. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.