Generative AI and Microsoft CoPilot

In 2023, OpenAI’s GPT platform has become a highly discussed technology. With its vast capacity to learn from large amounts of data, businesses must be cautious of ChatGPT’s potential to leak sensitive information, resulting in data loss and reputational harm.

The primary goal of this assessment is to mitigate the risk of staff members uploading confidential information to the ChatGPT platform. By conducting a business impact assessment, you can identify potential risks and develop effective solutions to address them.

What will you get as part of the assessment?

As part of the assessment, you will get a comprehensive report that includes:

• Scope of data to be protected: We will identify what data should be protected, including user information, intellectual property, sensitive information, and any other data that could potentially harm the organisation’s reputation if it were compromised.
• Risk identification: We will conduct a risk assessment to identify potential risks to your data security through insights into your security appliances and governance standards.
• Solution recommendations: We will provide recommendations for solutions to mitigate the identified risks, such as implementing Microsoft Endpoint data loss prevention (DLP), customising web filter indicators, developing incident response plans, and conducting regular security assessments.

What technologies could you use?

One method could be to block services that use AI models today while more controlled methods become available in the future. Quorum Cyber can provide the technologies to monitor uploads to ChatGPT’s website, OpenAI.com, or even provide blocking or warning notifications as needed. We can also help you customise a web filter that’s part of our Extended Detection and Response (XDR) managed service and warn of potential risks. To scale across both cyber security and data risk, we use machine learning algorithms to identify patterns in the data that indicate a potential risk.

What will you get after the engagement?

After the engagement, you will receive a comprehensive report that includes our findings, recommendations, and a detailed plan for implementing the solutions. You will also have a better understanding of the risks to your data security and the steps you can take to protect it. With the recommended solutions in place, you can ensure the security of your data and protect your reputation.