Singapore – As security becomes a top concern in the digital first world, consumers worldwide have expressed significant concern over the information that companies collect from them, especially when it’s used for artificial intelligence.
This is according to the latest survey from AI-powered security firm Cohesity, noting a majority of respondents (73% in the UK, 81% in the US, and 82% in Australia) criticised companies for collecting too much of their personal or financial data.
According to the firm, 9 out of 10 consumers fear that AI will impact how companies keep customer data secure. With customer expectations for safeguarding sensitive information now increasing, many consumers are ready to switch providers over breaches or loss of trust.
In particular, a significant portion of respondents highlighted unmet expectations for organisations to exercise greater care in safeguarding consumers’ personal information once collected. This was identified by 73% of the respondents in the UK, 86% in the US, and 87% in Australia.
Respondents are also willing to change their preferred seller if they fall victim to a cyberattack and their data is compromised. More than 90% of users in those three countries specifically mentioned they would consider discontinuing business with a company if it fell victim to a cyberattack.
When it comes to the common consumer fears surrounding unregulated AI data collection, findings also found almost all consumers (87% in the UK, 92% in the US, and 93% in Australia) are concerned that AI will make securing and managing their data much more challenging.
Most even go a step further to classify AI as a risk to data protection and security (64% in the UK, 72% in the US, and 83% in Australia).
It was also noted that worsening these fears about AI’s implications for their data include consumers (70% in the UK, 81% in the US, and 83% in Australia) being severely concerned with the unrestricted or unpoliced use of AI with their data. These figures reveal a majority of the respondents demanding greater transparency and regulation.
Furthermore, private users (74% in the UK, 85% in the US, and 88% in Australia) want to be asked for permission before their personal or financial data is fed into AI models.
Meanwhile, the demand for increased transparency extends to the widespread practice of sharing data with third-party providers. More specifically, 79% of those surveyed in the UK, 87% in the US, and 90% in Australia want to know who their data is being shared with.
Most respondents (77% in the UK, 85% in the US, and 90% in Australia) also call for companies to vet third-party providers’ data security and management practices with access to customer data.
As expected, respondents have become highly critical of buying access back to their compromised data, essentially fuelling cybercriminals’ business model with fresh capital. In fact, over half of them (46% in the UK, 75% in the US, and 62% in Australia) had been personally impacted by a cyberattack.
More than half also expressed disagreement with the idea that companies should pay ransoms (56% in the UK, 52% in the US, and 58% in Australia), condemning the common practice of companies buying their way out of ransomware attacks.
Commenting about the report, James Blake, global cyber security strategist at Cohesity, said, “Consumers clearly understand that companies have a lot of catching up to do in the area of data governance and security. The hunger for AI is causing some businesses to skip threat modelling and due diligence on how their data will be exposed.”
He further continued, “Companies looking to use AI in-house must invest in the security and hygiene of their data to maintain cyber resilience in order to satisfy these consumers that are willing to vote with their purchases. Those looking to leverage the AI capabilities of suppliers must adopt a strong and proactive approach to third-party risk.”
“Consumer trust is quickly lost, and competitors are always just a click away, so ensuring AI strategies don’t introduce additional risk to customer data is crucial,” Blake added.
“Paying a ransom rarely results in the recovery of all data. It brings its own logistical challenges and potential criminal liability for paying sanctioned entities – not to mention rewarding criminals. It’s time for companies to really focus on aligning themselves with the best cyber resiliency vendors and end the cycle. This is where Cohesity can help,” he concluded.
