Business
Unauthorized AI Tools Threaten Business Security and Data Integrity
Businesses face significant risks as employees increasingly turn to unauthorized artificial intelligence (AI) tools, commonly referred to as shadow AI, to enhance productivity. While these AI applications can offer quick solutions, they may inadvertently expose companies to security breaches and data leaks.
More employees are utilizing AI solutions for everyday tasks, often without corporate approval. According to Kareem Sadek, a partner at KPMG in Canada specializing in technology risk, this trend arises from a lag in corporate adoption of new technology. As workers seek convenient and fast responses, they may resort to third-party AI assistants that lack oversight. This reliance on shadow AI poses a substantial threat, as it could lead to the accidental exposure of sensitive internal data.
The growing concern among Canadian businesses, both large and small, is underscored by Robert Falzon, head of engineering at Check Point Software Technologies Ltd.. He stated, “Companies are struggling to make sure that their intellectual property is maintained and they are not leaking sensitive information about their business practices and customers.”
Compounding the issue is the fact that many users are unaware that interactions with chatbots are often stored and used to enhance AI capabilities. This means that an employee might share confidential information, such as financial statements or proprietary research, with an unsanctioned chatbot, inadvertently making that data accessible to unauthorized individuals. Falzon warns, “There’s a chance that the AI might dig back into its resources and training and find that piece of information about your company.”
A report from IBM and the Ponemon Institute revealed that 20 percent of surveyed companies experienced data breaches linked to shadow AI, a figure that is seven percentage points higher than those that encountered breaches involving approved AI tools. The average cost of a data breach in Canada surged to $6.98 million between March 2024 and February 2025, a 10.4 percent increase from the previous year.
To address these vulnerabilities, there is an urgent need for businesses to establish governance frameworks around AI use. Sadek proposed the formation of an AI committee comprising members from various departments, including legal and marketing, to evaluate tools and implement appropriate guidelines. He emphasized that governance failures, rather than technology itself, lead to security breaches.
Implementing a zero-trust policy could also help mitigate risks. This approach involves not trusting devices or applications that are not explicitly approved by the company. Falzon noted that at Check Point, employees are restricted from inputting sensitive research and development data into chatbots, ensuring that risks are communicated and managed effectively.
Creating awareness among employees is crucial for reducing the use of unauthorized AI tools. Sadek suggested conducting hands-on training sessions to educate staff about the risks associated with shadow AI. “It significantly reduces the use or holds the users or employees accountable,” he explained.
Some organizations are responding by developing their own internal chatbots, which can enhance security and protect sensitive data. Sadek highlighted that these solutions can be designed to operate within established security frameworks, providing reassurance to companies concerned about data leaks.
Despite these precautions, internal tools are not foolproof. Researcher Ali Dehghantanha demonstrated this by successfully breaching a Fortune 500 company’s internal chatbot in less than an hour during a cybersecurity audit. He found that the chatbot had access to numerous internal documents and communications, indicating a significant security lapse.
As organizations increasingly rely on AI technology, it is essential to allocate budgets for both the implementation and security of these tools. Dehghantanha advised, “Always consider the total cost of ownership… One part of that cost is how to secure and protect it.”
With the inevitability of AI usage in workplaces, Falzon urged employers to furnish employees with effective tools while ensuring they do not inadvertently create greater risks. “They want to be sure that things like data leakage don’t occur and that they’re not creating a greater risk than the benefit that they offer,” he concluded.
This report highlights the critical balance businesses must strike between leveraging innovative technologies and safeguarding their sensitive information in an increasingly digital landscape.
DeKalb Library Hosts Third Annual Day of the Dead Celebration
MP Integrative Health Wins Global Award for Data-Driven Wellness
Dermatique Laser and Skin Marks 20 Years of Transformative Care
Bamboo Houses Thrive in 7.7 Magnitude Earthquake in Myanmar
Winter Jubilee Lights Up Downtown Abbotsford on November 22
Oswego School District 308 Enhances Security Measures for Safety
Klaviyo Stock Rated “Buy” as AI Innovations Propel Growth
Campbell River Crime Stoppers Recognized with International Award
Study Uncovers Brain’s Ability to Predict Motor Disruptions
Teladoc Health Adjusts 2025 Earnings Outlook After Q3 Results
Winnipeg Celebrates Culinary Creativity During Le Burger Week 2025
Montreal’s Groupe Marcelle Leads Canadian Cosmetic Industry Growth
Microsoft Confirms U.S. Law Overrules Canadian Data Sovereignty
Brandon University’s Failed $5 Million Project Sparks Oversight Review
Tech Innovator Amandipp Singh Transforms Hiring for Disabled
Red River College Launches New Programs to Address Industry Needs
Dragon Ball: Sparking! Zero Launching on Switch and Switch 2 This November
Discord Faces Serious Security Breach Affecting Millions
Google Pixel 10 Pro Fold Specs Unveiled Ahead of Launch
China’s Wukong Spacesuit Sets New Standard for AI in Space
-
Lifestyle2 months agoWinnipeg Celebrates Culinary Creativity During Le Burger Week 2025
-
Health3 months agoMontreal’s Groupe Marcelle Leads Canadian Cosmetic Industry Growth
-
Science2 months agoMicrosoft Confirms U.S. Law Overrules Canadian Data Sovereignty
-
Education2 months agoBrandon University’s Failed $5 Million Project Sparks Oversight Review
-
Science3 months agoTech Innovator Amandipp Singh Transforms Hiring for Disabled
-
Education2 months agoRed River College Launches New Programs to Address Industry Needs
-
Technology2 months agoDragon Ball: Sparking! Zero Launching on Switch and Switch 2 This November
-
Technology3 weeks agoDiscord Faces Serious Security Breach Affecting Millions
-
Technology3 months agoGoogle Pixel 10 Pro Fold Specs Unveiled Ahead of Launch
-
Science2 months agoChina’s Wukong Spacesuit Sets New Standard for AI in Space
-
Technology3 months agoWorld of Warcraft Players Buzz Over 19-Quest Bee Challenge
-
Education2 months agoAlberta Teachers’ Strike: Potential Impacts on Students and Families
-
Business2 months agoRocket Lab Reports Strong Q2 2025 Revenue Growth and Future Plans
-
Business2 months agoDawson City Residents Rally Around Buy Canadian Movement
-
Technology3 weeks agoHuawei MatePad 12X Redefines Tablet Experience for Professionals
-
Business2 months agoNew Estimates Reveal ChatGPT-5 Energy Use Could Soar
-
Technology3 months agoFuture Entertainment Launches DDoD with Gameplay Trailer Showcase
-
Science3 months agoXi Labs Innovates with New AI Operating System Set for 2025 Launch
-
Technology2 months agoInnovative 140W GaN Travel Adapter Combines Power and Convenience
-
Business2 months agoBNA Brewing to Open New Bowling Alley in Downtown Penticton
-
Technology2 months agoGlobal Launch of Ragnarok M: Classic Set for September 3, 2025
-
Technology3 months agoNew IDR01 Smart Ring Offers Advanced Sports Tracking for $169
-
Education2 months agoNew SĆIȺNEW̱ SṮEȽIṮḴEȽ Elementary Opens in Langford for 2025/2026 Year
-
Technology2 months agoArsanesia Unveils Smith’s Chronicles with Steam Page and Trailer