nerdexam
Isaca

AAISM · Question #161

Employees are regularly using open-source generative AI without guidance. What should be the CISO's GREATEST concern?

The correct answer is B. Data leakage. AAISM emphasizes that the primary and most severe risk of uncontrolled generative AI usage is data leakage, including: - confidential data - regulated personal data - intellectual property While hallucinations (A) are harmful, they do not cause direct data loss. Lack of monitorin

AI Security Risk Management

Question

Employees are regularly using open-source generative AI without guidance. What should be the CISO's GREATEST concern?

Options

  • AModel hallucinations
  • BData leakage
  • CLack of monitoring
  • DPolicy violations

How the community answered

(35 responses)
  • A
    20% (7)
  • B
    60% (21)
  • C
    14% (5)
  • D
    6% (2)

Explanation

AAISM emphasizes that the primary and most severe risk of uncontrolled generative AI usage is data leakage, including: - confidential data - regulated personal data - intellectual property While hallucinations (A) are harmful, they do not cause direct data loss. Lack of monitoring (C) is a secondary risk. Policy violations (D) occur because of lack of controls but do not outweigh the impact of leaked sensitive data.

Topics

#Generative AI risks#Data leakage#Employee AI usage#Risk prioritization

Community Discussion

No community discussion yet for this question.

Full AAISM Practice