Generative AI: A Double-Edged Sword for Risk Management

Within the past few weeks, AWS has launched new tools that ease and speed generative AI application development, and Auto-GPT made “autonomous” generative AI broadly available. These developments add to and underscore the new, more sophisticated risks to enterprise data quality and security generative AI is already enabling. However, as new announcements from Alphabet’s Google demonstrate, generative AI is also bringing new abilities to risk management efforts.

Generative AI for Criminals: Real, Growing and Evolving

Multiple software and cybersecurity professionals have publicly warned about the potential benefits to hackers and thieves offered by generative AI. Threats range from more effective, authentic-seeming phishing emails to better malware. Some observers argue generative AI isn’t yet very good at these things. However, the amazing pace of evolution and adoption shows no signs of slowing. And every leading enterprise software provider already offers generative AI solutions or product enhancements. As a result, those responsible for protecting enterprise data should expect to have to deal with new risks and threats to that data frequently, rapidly, and indefinitely.

Google’s Cloud Security AI Workbench: Generative AI for Good

Google’s newly announced Cloud Security AI Workbench uses generative AI technologies not to threaten enterprises but to improve their data and cybersecurity protections. The new offering combines Google’s Mandiant cyber-intelligence unit, its Chronicle security operations (SecOps) platform, and its Vertex AI infrastructure with Sec-PaLM, a security-focused AI model. 

Via natural language interactions with humans, the Workbench can analyze suspect code and provide breach alerts. It can also share information based on the vast amount of data Google has generated while protecting its systems and its Google Cloud customers. In addition, data collected by Mandiant about other widely used software products supplements the data leveraged by the Cloud Security AI Workbench.

Google has also made the offering extensible and announced global business consultancy Accenture PLC as its first Cloud Security AI Workbench partner. Accenture and future partners can add significant volumes of relevant data to that used to train the Sec-PaLM model. This will extend the abilities of the Workbench to provide practical actions and guidance to enterprises seeking greater protection of their data and systems.

The same evolutionary forces accelerating the growth of generative AI should benefit the Google Cloud Security AI Workbench and similar follow-on offerings from others. Enterprise risk managers should prepare now to evaluate and compare such offerings, choose those best suited to their business needs, and implement, integrate, and manage them effectively. This will be an interdisciplinary effort involving decision-makers in IT, operations, and other functional areas.

What to Do Now

Know where you are now. Before your enterprise can evaluate risk management solutions powered by generative AI, you need to know about your most significant current risks. Therefore, a thorough assessment must include all current generative AI deployments and requests and prioritize risks based on their threat to critical data and operations.

Focus on your critical data. Your assessments, choices, solutions, and policies must treat data protection as your primary goal. You must ensure current and future actions and solutions maximize the protection of critical enterprise data and personal private information. This is essential to maintain compliance with multiple regulations and privacy protection laws.

Automate everything. The pace of generative AI and other low-code/no-code technologies is accelerating the appearance of new risks and threats. Manual risk assessment and mitigation efforts cannot keep up. You and your colleagues must automate as many of these as possible. 

Keep informed and prepared to pivot. Generative AI and other low-code/no-code technologies are evolving and gaining adoption at breakneck speeds. You and your colleagues must do all you can to keep abreast of developments and new offerings to ensure your protections remain adequate. You must also be prepared to quickly bolster or replace any that are rendered ineffective by future events. You may find automated online news alerts focused on generative AI or low-code/no-code valuable here. 

How Incisive Can Help

At Incisive Software, we’re committed to helping organizations build a strong foundation for success based on accurate and trustworthy data. However, the growing reliance on citizen-developed applications, low-code/no-code and open-source tools, and complex spreadsheets, data errors, and mismanagement risks have become more significant than ever. 

We’re dedicated to providing innovative solutions that empower organizations to reduce their exposure to these risks, improve data quality and enable confident decision-making. Combining automation, modern technologies, and proven practices, our solutions bring greater accuracy, control, and insight to managing an organization’s most complex, critical, and sensitive data resources. 
For more information, a live demo, or a free trial, visit, email [email protected], or call (US) 408-660-3090.


Mitgate Risk. Accelerate Innovation.
Grow Opportunities. With Incisive Software.