AI, Cybersecurity and privacy: how to protect sensitive data in the age of Generative Artificial Intelligence

The rapid adoption of Generative Artificial Intelligence (Gen AI) in companies is redefining processes, enabling innovations and driving automation. According to a recent study by Bloomberg Intelligence, the growth rate of AI in the next decade should be 42% a year 4 nearly doubling its reach. However, the success of these solutions depends on careful management of the data that feeds these models. This is where cybersecurity comes in, a vital element for protecting privacy and information integrity.

Generative AI goes beyond traditional artificial intelligence models, which only classify or predict behaviors, because it creates new content such as texts, images and codes. This innovation capacity opens new possibilities in several sectors, but requires a careful approach to the use and security of data and this is recognized by people who use technology on a daily basis. According to the research of the Developer Survey 2024 of Stack OverFlow, one of the main challenges (31.5%) of working with AI is not having right policies to mitigate security risks.   

In this sense, the Technical Product Manager John Batista, responsible for the Zup StackSpot AI platform, explains that to mitigate these risks, companies must implement strict security measures, given that cybercrime is increasingly sophisticated and by 2025 can cost 10.5 trillion dollars, according to Cyber Security Almanac. 

“ Ensuring that AI models operate securely and ethically requires a multi-faceted approach that combines robust encryption, effective data governance, strict privacy practices, and strict access controls during model training.If we make a cutout for companies that create technology, having a security-trained AI-driven software development assistant can support the team to ensure that code follows safe coding best practices.This, for example, is a predictive vulnerability identification mechanism. Increasingly, the way is to think of a joint strategy that considers innovation, security, and data protection as an essential tripod for the application of this type of technology.

Regarding the legislation, Henrique Flores, co-founder of Contractor and leader of the development of CK Reader, IA of the startup, explains that while we await legislation to better regulate the use of Generative AI, it is up to technology professionals to ensure the application of good encryption practices, data anonymization and governance policies of t.i. that can ensure the balance of the commercial interests of the parties, transparency in algorithm training mechanisms and ethical use in the manipulation of data”. 

While recognizing that innovating with emerging technologies, such as Generative Artificial Intelligence, is a unique opportunity for transformation, Giovanna Rossi, CPO of Rethink, technology consultancy, design and strategy, reinforces that it cannot be denied that it is accompanied by significant risks, such as the exposure of sensitive information and the possibility of sophisticated cyber attacks. “As responsible for the area of digital products, I see how fundamental it is for leadership to prioritize a strategic approach in the use of AI to mitigate such risks. We have a responsibility to shape this technology in an ethical and safe way, ensuring that its impact is positive and sustainable for all”, says the executive. 

Brazil has a high volume of data circulating on the internet and an accelerated digitization process. Regarding brand protection, Diego Daminelli, CEO of BrandMonitor, a pioneer and expert in combating unfair competition in the digital environment, warns that the Brazilian security infrastructure is still moving slowly, making the country one of the biggest targets of cyberattacks in the world, with a greater sophistication of attacks by criminals. “Safety culture is still a topic little valued by several companies, which do not use AI but outdated technologies, which can leave them vulnerable to attacks and are not able to monitor the digital presence of the brand in its entire range.

The expert gives the example of phishing, grande problema para segmentos como o varejo e prestação de serviços. “Os anúncios são veiculados em plataformas digitais utilizando toda a identidade de uma marca e prometendo descontos impraticáveis. Esse anúncio leva a uma pagina que imita o layout oficial da empresa, mas com um endereço diferente. Nessa página são oferecidos produtos ou serviços com um preço extremamente baixo, induzindo o cliente a compra”, finaliza