A recent report on artificial intelligence security has focused its analysis on advanced users, leaving the rest of the workforce aside. This limited view ignores that AI is being massively implemented in companies without adequate preparation for everyone. Outsourcing responsibility to a few while exposing data from the entire organization is a dangerous contradiction that demands a legal solution.
Mandatory training and audits for the entire organization 🛡️
The solution lies in legally mandating that any AI implementation includes mandatory training and security audits for the entire workforce, not just for experts. An HR employee using an AI assistant to filter resumes must understand the biases and privacy risks, just like a technician training models. Without this foundation, security is a patch over a data leak. The law must cover all levels.
The AI wizard and the rest of the flock 🎩
The current strategy is reminiscent of a magician teaching his signature trick to a single assistant while the audience handles explosives without a manual. Trusting the IT department to control an AI used by a thousand employees is like placing a security guard at the door of a bank with the doors wide open. The joke is that the report considers this an acceptable risk. All that's missing is a sign saying no fingers allowed next to the server.