Business
Unauthorized AI Tools Threaten Business Security and Data Integrity
Businesses face significant risks as employees increasingly turn to unauthorized artificial intelligence (AI) tools, commonly referred to as shadow AI, to enhance productivity. While these AI applications can offer quick solutions, they may inadvertently expose companies to security breaches and data leaks.
More employees are utilizing AI solutions for everyday tasks, often without corporate approval. According to Kareem Sadek, a partner at KPMG in Canada specializing in technology risk, this trend arises from a lag in corporate adoption of new technology. As workers seek convenient and fast responses, they may resort to third-party AI assistants that lack oversight. This reliance on shadow AI poses a substantial threat, as it could lead to the accidental exposure of sensitive internal data.
The growing concern among Canadian businesses, both large and small, is underscored by Robert Falzon, head of engineering at Check Point Software Technologies Ltd.. He stated, “Companies are struggling to make sure that their intellectual property is maintained and they are not leaking sensitive information about their business practices and customers.”
Compounding the issue is the fact that many users are unaware that interactions with chatbots are often stored and used to enhance AI capabilities. This means that an employee might share confidential information, such as financial statements or proprietary research, with an unsanctioned chatbot, inadvertently making that data accessible to unauthorized individuals. Falzon warns, “There’s a chance that the AI might dig back into its resources and training and find that piece of information about your company.”
A report from IBM and the Ponemon Institute revealed that 20 percent of surveyed companies experienced data breaches linked to shadow AI, a figure that is seven percentage points higher than those that encountered breaches involving approved AI tools. The average cost of a data breach in Canada surged to $6.98 million between March 2024 and February 2025, a 10.4 percent increase from the previous year.
To address these vulnerabilities, there is an urgent need for businesses to establish governance frameworks around AI use. Sadek proposed the formation of an AI committee comprising members from various departments, including legal and marketing, to evaluate tools and implement appropriate guidelines. He emphasized that governance failures, rather than technology itself, lead to security breaches.
Implementing a zero-trust policy could also help mitigate risks. This approach involves not trusting devices or applications that are not explicitly approved by the company. Falzon noted that at Check Point, employees are restricted from inputting sensitive research and development data into chatbots, ensuring that risks are communicated and managed effectively.
Creating awareness among employees is crucial for reducing the use of unauthorized AI tools. Sadek suggested conducting hands-on training sessions to educate staff about the risks associated with shadow AI. “It significantly reduces the use or holds the users or employees accountable,” he explained.
Some organizations are responding by developing their own internal chatbots, which can enhance security and protect sensitive data. Sadek highlighted that these solutions can be designed to operate within established security frameworks, providing reassurance to companies concerned about data leaks.
Despite these precautions, internal tools are not foolproof. Researcher Ali Dehghantanha demonstrated this by successfully breaching a Fortune 500 company’s internal chatbot in less than an hour during a cybersecurity audit. He found that the chatbot had access to numerous internal documents and communications, indicating a significant security lapse.
As organizations increasingly rely on AI technology, it is essential to allocate budgets for both the implementation and security of these tools. Dehghantanha advised, “Always consider the total cost of ownership… One part of that cost is how to secure and protect it.”
With the inevitability of AI usage in workplaces, Falzon urged employers to furnish employees with effective tools while ensuring they do not inadvertently create greater risks. “They want to be sure that things like data leakage don’t occur and that they’re not creating a greater risk than the benefit that they offer,” he concluded.
This report highlights the critical balance businesses must strike between leveraging innovative technologies and safeguarding their sensitive information in an increasingly digital landscape.
19 Kashechewan Residents Test Positive for Cryptosporidium
Starlink Cuts Prices and Offers Free Hardware to Canadians
Winnipeg Braces for Deep Freeze with Hope for February Thaw
Gwynne Valley Rural Academy Seeks Career Presenters for Students
Micron Technology Expands AI Focus Amid Record Margins and Risks
Sasso Jewelry Celebrates 30 Years of Engagement Moments in LaSalle
New Gamma Knife Device Revolutionizes Brain Surgery in Winnipeg
Microsoft Partners with Bristol Myers to Enhance Lung Cancer Detection
Chicago Celebrates Jonathan Toews with 4-Minute Ovation on Jets Return
Delta School District Enhances Literacy with New Strategies
Brandon University’s Failed $5 Million Project Sparks Oversight Review
Microsoft Confirms U.S. Law Overrules Canadian Data Sovereignty
Winnipeg Celebrates Culinary Creativity During Le Burger Week 2025
Montreal’s Groupe Marcelle Leads Canadian Cosmetic Industry Growth
Tech Innovator Amandipp Singh Transforms Hiring for Disabled
Dragon Ball: Sparking! Zero Launching on Switch and Switch 2 This November
New SĆIȺNEW̱ SṮEȽIṮḴEȽ Elementary Opens in Langford for 2025/2026 Year
Red River College Launches New Programs to Address Industry Needs
Rocket Lab Reports Strong Q2 2025 Revenue Growth and Future Plans
Google Pixel 10 Pro Fold Specs Unveiled Ahead of Launch
-
Education4 months agoBrandon University’s Failed $5 Million Project Sparks Oversight Review
-
Science5 months agoMicrosoft Confirms U.S. Law Overrules Canadian Data Sovereignty
-
Lifestyle5 months agoWinnipeg Celebrates Culinary Creativity During Le Burger Week 2025
-
Health5 months agoMontreal’s Groupe Marcelle Leads Canadian Cosmetic Industry Growth
-
Science5 months agoTech Innovator Amandipp Singh Transforms Hiring for Disabled
-
Technology5 months agoDragon Ball: Sparking! Zero Launching on Switch and Switch 2 This November
-
Education5 months agoNew SĆIȺNEW̱ SṮEȽIṮḴEȽ Elementary Opens in Langford for 2025/2026 Year
-
Education5 months agoRed River College Launches New Programs to Address Industry Needs
-
Business4 months agoRocket Lab Reports Strong Q2 2025 Revenue Growth and Future Plans
-
Technology5 months agoGoogle Pixel 10 Pro Fold Specs Unveiled Ahead of Launch
-
Top Stories1 month agoCanadiens Eye Elias Pettersson: What It Would Cost to Acquire Him
-
Business2 months agoEngineAI Unveils T800 Humanoid Robot, Setting New Industry Standards
-
Technology3 months agoDiscord Faces Serious Security Breach Affecting Millions
-
Education5 months agoAlberta Teachers’ Strike: Potential Impacts on Students and Families
-
Business5 months agoBNA Brewing to Open New Bowling Alley in Downtown Penticton
-
Science5 months agoChina’s Wukong Spacesuit Sets New Standard for AI in Space
-
Lifestyle3 months agoCanadian Author Secures Funding to Write Book Without Financial Strain
-
Business5 months agoNew Estimates Reveal ChatGPT-5 Energy Use Could Soar
-
Business3 months agoHydro-Québec Espionage Trial Exposes Internal Oversight Failures
-
Business5 months agoDawson City Residents Rally Around Buy Canadian Movement
-
Technology5 months agoFuture Entertainment Launches DDoD with Gameplay Trailer Showcase
-
Top Stories3 months agoPatrik Laine Struggles to Make Impact for Canadiens Early Season
-
Top Stories4 months agoBlue Jays Shift José Berríos to Bullpen Ahead of Playoffs
-
Technology5 months agoWorld of Warcraft Players Buzz Over 19-Quest Bee Challenge