The integration of Generative Artificial Intelligence in the field of commerce is revolutionizing established practices but brings a multitude of security risks. The enthusiasm for this innovative technology is accompanied by increased *vigilance* regarding the growing threats. Recent reports warn that the adoption of these tools exposes businesses to concerning data breaches.
Sensitive data, particularly the source code of companies, is compromised, raising questions about security management. The reckless use of these applications by employees intensifies this threat, leading to alarming regulatory violations. The necessity for rigorous and proactive governance is becoming inevitable in this constantly evolving landscape.
The Adoption of Generative Artificial Intelligence in Commerce
The retail sector is marked by significant adoption of generational Artificial Intelligence, with 95% of companies now integrating these applications. This massive adoption represents a spectacular increase compared to the previous year when only 73% of organizations had made the leap. This phenomenon reveals the urgency felt by retailers to avoid falling behind in the market.
The Dangers of Artificial Intelligence
Despite undeniable benefits, the incorporation of these tools exposes businesses to a multitude of risks. The integration of AI increases the attack surface for cybercrime, creating a high potential for leaks of sensitive data. Recent studies conducted by Netskope illustrate this alarming reality by showing policy violations reaching new heights in the sector.
Transition to a More Controlled Approach
The report highlights a shift in mindset within the sector, moving from chaotic adoption to more serious and corporate management. The use of personal accounts for generative AI has dropped dramatically, from 74% to just 36%. Meanwhile, the use of company-approved AI tools has more than doubled, reaching 52% of organizations.
The Popularity of AI Tools
ChatGPT remains the undisputed champion of adoption, used by 81% of companies. However, Google Gemini and Microsoft Copilot have quickly established themselves at 60% and 56%, respectively. The recent decline in ChatGPT’s popularity, coupled with the rise of Microsoft 365 Copilot, suggests a shift in business preferences towards more efficient integrations.
Increased Security Risks
Security-related challenges are exacerbated by the handling of large amounts of sensitive data within these tools. Data policy violations reveal that 47% of issues stem from companies’ source code, followed by regulated data, such as confidential information, at 39%.
Regulations and Bans on Risky Applications
In light of these security challenges, an increasing number of retailers are choosing to ban certain applications deemed too risky. ZeroGPT frequently appears on blacklists due to concerns over user content retention and data redirection to third-party sites.
Enterprise AI Platforms
The growing caution is leading retail companies to turn to more serious enterprise AI platforms offered by major cloud service providers. These solutions allow for greater control, facilitating private hosting of models and development of custom tools. OpenAI via Azure and Amazon Bedrock share the top spot, being used by 16% of enterprises.
Risks of Improper Integration
Despite these solutions, risk persists. Poor configuration could expose a company’s strategic systems to attacks. One study suggests that 63% of organizations connect their infrastructure directly to OpenAI’s APIs, integrating AI deeply into their backend systems and automated workflows.
Malware and Cloud Security Practices
Attacks are growing by exploiting trusted names. Platforms such as Microsoft OneDrive are proving to be common vectors for malware, affecting 11% of retailers each month, while GitHub is involved in 9.7% of attacks. These vulnerabilities are often amplified by the use of personal applications at work.
Data Protection Policies
The uncontrolled use of personal applications contributes to increased data breaches. Social media platforms such as Facebook and LinkedIn are integral to the modern workplace, used by 96% and 94% of companies, respectively. The exposure of regulated data when uploading to unapproved applications accounts for 76% of breaches.
The Urgency of Strict Management
The findings from the Netskope study should prompt industry leaders to act without delay. Complete visibility of all web traffic, the restriction of high-risk applications, and the implementation of strict data protection policies become necessary to avoid potential and disastrous breaches.
Frequently Asked Questions about Generative Artificial Intelligence in Commerce: The Security Costs Hindering Adoption
What are the main security risks associated with the adoption of Generative Artificial Intelligence in the retail sector?
The main risks include exposure of sensitive data such as company source code, as well as vulnerability to cyberattacks due to the large attack surface created by these tools.
How can retail companies protect their data when using Generative Artificial Intelligence?
Companies should implement strict data protection policies, prohibit the use of unapproved applications, and invest in recognized AI platforms that offer greater control over data.
Which Generative Artificial Intelligence applications are most commonly used in the retail sector?
ChatGPT is the most used platform, followed by Google Gemini and Microsoft Copilot tools, which are also popular among companies in the sector.
Why has AI management in companies become so crucial in the retail sector?
With the increasing use of AI, companies need to monitor and control the use of these technologies to avoid data breaches that can have severe legal and financial consequences.
What measures are companies taking to avoid the “shadow AI” phenomenon?
Companies are adopting organization-approved AI tools, thus reducing the use of personal applications and ensuring better compliance with data security.
How does the integration of AI APIs into internal systems of companies represent an additional risk?
The direct integration of AI APIs into internal systems increases complexity and the likelihood of data leaks, especially if a misconfiguration occurs.
What types of data are most often compromised when a company uses Generative Artificial Intelligence?
The most commonly compromised data includes the company’s source code and regulated data, such as confidential customer information.
What role does employee awareness play in mitigating the risks associated with AI in companies?
Employee awareness is essential, as it helps reduce risks related to the use of unapproved services that can lead to significant data breaches.
What best practices should security leaders follow when adopting AI solutions?
They must ensure complete visibility over all web traffic, block high-risk applications, and implement strict data protection policies to control the information that may be shared.
