Most businesses have no board-approved policy for using AI in the workplace, survey finds

New regulations shifts cybersecurity accountability to senior managers and boards of directors

Sixty-eight per cent of businesses in Ireland have no board-approved policy for using artificial intelligence (AI) in the workplace, a new survey by the Institute of Directors Ireland has found
Sixty-eight per cent of businesses in Ireland have no board-approved policy for using artificial intelligence (AI) in the workplace, a new survey by the Institute of Directors Ireland has found

Some 68 per cent of businesses in Ireland have no board-approved policy for using artificial intelligence (AI) in the workplace, a new survey by the Institute of Directors Ireland has found.

The survey also found 43 per cent of businesses said they expected cybersecurity to be the biggest challenge over the next 12 months, with 63 per cent of companies discussing the topic regularly at board meetings.

Institute of Directors Ireland chief executive Caroline Spillane said it was important that companies implemented an artificial intelligence policy because it outlined the board’s view on artificial intelligence to the organisation.

The data shows that nearly 84 per cent of businesses do not understand new European Union regulations, known as the NIS2 directive, that are due to be introduced in Ireland shortly.

READ MORE

The National Cyber Security Centre has an online resource where organisations can determine if they fall within the scope of these new regulations, Ms Spillane said. The directive covers industries such as energy, banking, transport and digital infrastructure, among others.

AI expected to be positive influence on business, survey findsOpens in new window ]

The introduction of these new regulations shifts cybersecurity accountability from cybersecurity teams to senior managers and the board of directors. “In cases of severe noncompliance, the board and its directors are going to be held directly responsible,” said Ms Spillane.

Data from the survey showed 41 per cent of directors did not know they were personally liable if their organisation did not comply with the new cyber regulations.

While the majority of businesses asked – 89 per cent – have a security response plan if their organisation is hit with a cyber attack, only 70 per cent of respondents said all staff knew what to do if that happened to their business.

Ms Spillane said that it was the responsibility of company directors to make sure staff had “the necessary skill and knowledge to deal with risks to their organisation”.

Regarding the use of artificial intelligence, respondents were most concerned about the possibility of data being leaked – with 28 per cent highlighting concerns. However, more than a third of respondents said artificial intelligence could be used to improve efficiency in the workplace.

The survey findings were published in advance of the Institute of Directors’s Leading In Governance conference in the Aviva on Thursday.

  • Sign up for the Business Today newsletter and get the latest business news and commentary in your inbox every weekday morning
  • Opt in to Business push alerts and have the best news, analysis and comment delivered directly to your phone
  • Join The Irish Times on WhatsApp and stay up to date
  • Our Inside Business podcast is published weekly – Find the latest episode here