GenAI is a once-in-a-lifetime opportunity for CISOs to be the lead in exponentially transforming the productivity, growth and revenue of their organization. That’s a lot to take in, especially for a role that is traditionally seen throughout the enterprise as focused on security, compliance and risk mitigation.
Yet no leadership role is more prepared for addressing the challenges and the incredible opportunities that GenAI creates. For the CISO that envisions themselves as an enabler of unprecedented growth, this is your moment.
Hype vs. reality
Before we dive in (and in case you are still “on the shelf” about GenAI), let’s look at the hype vs. reality.
GenAI is already pervasive and has done so in record time. The launch of ChatGPT’s app in November 2022 broke all records for downloads hitting 100 million within two months. In June of 2023, ChatGPT had more than 1.6 billion visits. More importantly, it has spawned thousands of applications for everything from coding to creating visual art. Why? Because it is a powerful tool for increasing productivity for individuals and across the enterprise.
How powerful? McKinsey highlights 63 GenAI use cases spanning 16 business functions that could deliver a total value of 2.6 trillion dollars to 4.4 trillion dollars in economic benefits annually when applied across industries.
With eye-popping numbers like these, It should be no surprise it has captured the attention of CEOs everywhere. A recent Accenture “Pulse of Change” survey highlighted that 97 percent of CEOs (out of over 2,300 respondents) believe GenAI will be transformative and a game-changer for their company and industry. Forty-four percent are already making big investments.
And IT leaders agree according to Salesforce’s Annual State of IT report:
- 86 percent of IT leaders expect GenAI to soon play a prominent role in their organizations.
- 57 percent believe GenAI is a “game changer.”
- 67 percent of IT leaders surveyed said they have prioritized GenAI for their business within the next 18 months.
- 33 percent said it was a top priority.
And yet, almost every GenAI program is a nascent program
Since almost everything around GenAI has happened within the last year, most organizations do not yet have a unified strategy and approach to understanding the existing productivity impacts of GenAI. Business leaders are also still learning how to unlock near and long-term opportunities across the organization utilizing these tools and for good reasons.
While CISOs clearly understand the transformative upsides of GenAI, the headwinds for implementation and adoption are real and daunting. Nearly two in three IT Pros (65 percent) in the Salesforce survey said they can’t justify implementing GenAI yet because:
- GenAI will introduce new security threats to their data (71 percent).
- Their employees lack the skills to use it successfully (66 percent).
- GenAI can’t yet integrate with their business’s tech stack (60 percent).
- Their organization lacks a unified data strategy (59 percent).
Furthermore, a recent Heidrick & Struggles survey of CISOs shows nearly half cite artificial intelligence and machine learning as the most significant organizational risk.
While CEOs want to implement GenAI pronto and sustain a competitive advantage, CISOs must ensure it is all done responsibly, securely and in compliance with regulatory best practices.
That doesn’t mean that the CISO doesn’t want to increase company productivity and growth. Security, compliance and risk reduction are part of the job description. That said, they still have a shared pain with the C-suite which is how to accelerate and extract the benefits of GenAI throughout their organization.
This is where the CISO can lead.
So where is the value added beyond security and compliance? Here are a few ideas:
Uncovering areas of opportunity & innovation
By bringing visibility into all sanctioned and unsanctioned GenAI activity across the enterprise, CISOs can benchmark areas of productivity and innovation alongside risky behaviors. They can also uncover areas where GenAI isn’t being applied that could have a positive impact. You can’t manage what can’t be seen and measured. Visibility creates a positive first step and a big win for the enterprise.
Creating a foundational, unified, long-term GenAI framework for success
Since every aspect of the organization will likely leverage GenAI, the CISO can lead the charge in creating a unified strategy for data use, governance, education and data security.
De-commoditize employee education on prompts/data usage
If everyone has the same GenAI tools, the only true differentiator is how well they are used. Visibility provides the opportunity to monitor and measure how GenAI is being leveraged throughout the organization and can highlight areas for improvement. The CISO can create real, significant reporting for Human Resources (HR) and other department leaders on where to enhance training to get the most out of their GenAI applications.
Secure newly created IP in real-time
By its nature, GenAI can create new intellectual property every time it's used.
How you manage and secure that new intellectual property (IP) is critical for the CISO to enable.
Analytics and insights to measure progress and evolve
Creating real-time, ongoing reporting and analytics will help each department and the organization continuously measure success, uncover areas of opportunity and evolve the program to meet and exceed its productivity and growth goals.
Certainly, security and compliance are a priority at every stage. Still, with GenAI we are at a moment in time for the CISO to take the lead on what may be their organization’s most important goal - to out-compete their category, enhance productivity and aggressively grow revenue.
