Published: 09 January 2024
生成式人工智能(GenAI)未来将如何塑造众多业务流程?ChatGPT和大语言模型(LLM)给出了一些早期迹象。安全和风险管理领导者,特别是首席信息安全官(CISO)及其团队,需要确保企业机构构建和使用GenAI的安全性,并把握好GenAI对网络安全的影响。
安全和风险管理市场中,过于乐观的生成式人工智能(GenAI)公告迅速增加,有望推动安全团队大大提高生产率和准确度,但也可能会造成浪费、引发失望。
大语言模型(LLM)等GenAI应用用于商业实验,或不经管理、由员工随意使用,会给个人隐私、敏感数据和企业机构知识产权(IP)带来新的攻击面和风险。
很多企业机构急于利用现有知识产权开发自有GenAI应用,这对AI应用安全提出了新要求。
攻击者会利用GenAI,创建看起来更真实的内容和网络钓鱼诱饵,并大规模假冒他人作恶。攻击者利用GenAI成功实施更为复杂攻击的概率,仍存在不确定性,解决这一问题需要制定更灵活的网络安全路线图。
为应对GenAI对企业机构安全项目的各种影响,首席信息安全官(CISO)及其团队应:
启动“生成式网络安全AI”实验,从安全运营中心(SOC)和应用安全聊天助手开始入手。
与积极关注GenAI的部门(例如法务、合规和业务线)合作,制定用户守则、安排培训和指导。这有助于最大限度地减少未经许可的GenAI使用,并降低隐私和版权被侵犯的风险。
在利用LLM和GenAI开发新的官方应用或使用新的第三方应用时,积极采用AI信任、风险和安全管理(AI TRiSM)框架。
优化针对不可预测威胁暴露情况的评估方法,并衡量控制措施效果的变化,因为恶意行为者是否以及如何运用GenAI是难以预测的。
Clients can log in to view the entire document.
Analysts:
Gartner research, which includes in-depth proprietary studies, peer and industry best practices, trend analysis and quantitative modeling, enables us to offer innovative approaches that can help you drive stronger, more sustainable business performance.
Our independence as a research firm enables our experts to provide unbiased advice you can trust.
Not only is Gartner research unbiased, it also contains key take-aways and recommendations for impactful next steps.
Our research practices and procedures distill large volumes of data into clear, precise recommendations.
We provide actionable, objective insight to help organizations make smarter, faster decisions to stay ahead of disruption and accelerate growth.
We offer one-on-one guidance tailored to your mission-critical priorities.
We work with you to select the best-fit providers and tools, so you avoid the costly repercussions of a poor decision.
Connect directly with peers to discuss common issues and initiatives and accelerate, validate and solidify your strategy.
Gartner clients can log in to access the full library.
Attend a Conference
Experience Information Technology conferences
With exclusive insights from Gartner experts on the latest trends, sessions curated for your role and unmatched peer networking, Gartner conferences help you accelerate your priorities.
Gartner CIO & IT Executive Conference
São Paulo, Brasil
© 2026 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner's prior written permission. It consists of the opinions of Gartner's business and technology insights organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner business and technology insights may address legal and financial issues, Gartner does not provide legal or investment advice and its insights should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its insights are produced independently by its business and technology insights organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity. Gartner publications and other content may not be used as input into or for the training or development of generative artificial intelligence, machine learning, algorithms, software or related technologies.
