Samsung employees have leaked sensitive company information to ChatGPT on at least three separate occasions, according to The Economist Korea. All three leaks happened weeks after the tech company decided to lift a ban on the chatbot.
Research suggests this could be a widespread problem. After analyzing ChatGPT usage for 1.6 million workers across different industries, cybersecurity firm Cyberhaven found that 3.1% of employees have put confidential company data into the chatbot since it launched publicly. The risk, according to Cybersecurity Dive, is that ChatGPT could incorporate leaked company information into its learning model and make it accessible to other users.
There are a few different ways organizations can respond to this problem. Some companies, such as Verizon and JPMorgan Chase, have reportedly blocked employees’ access to ChatGPT. That’s the wrong approach, says George Westerman, a senior lecturer at MIT Sloan who researches digital transformation. “If you block it in-house, it’ll just be used out of the house, and then you won't have any idea what's happening there.”
But Westerman cautions that it’s still too early for companies to develop a long-term generative AI policy. Organizations need time to understand the opportunities and challenges presented by this new technology. “That could be a while. Certainly it's not in the next couple weeks or months.”
In the meantime, companies should create short-term guidelines that say, “Here are the dangers that can happen. Here's acceptable, not acceptable,” says Westerman. In a Gartner survey, roughly half of HR leaders said that they are still finalizing guidelines for ChatGPT, according to Bloomberg.
Here are some important considerations to keep in mind while you’re crafting those guidelines:
What is your biggest challenge?
We can help, with Charter Pro research, reporting, and advisory support.
- Access to on-demand advisory from Charter team & experts
- Data-driven research and insights
- Actionable journalism, toolkits, playbooks
- Private roundtable sessions