A guide to evaluating AI vendors: Key questions to mitigate security risks

Abstract

The proliferation of Generative AI (GenAI) marketing claims has thrust businesses into high-stakes decisions amid evolving societal attitudes towards emerging technologies. Exercising caution is paramount, however, given the prevalence of forward-looking assertions by nascent artificial intelligence (AI) vendors regarding future capabilities. This paper advocates for a pragmatic approach, underscoring the significance of tackling immediate safety concerns while manoeuvring through the realm of AI solutions. With insights gleaned from over five decades of AI evolution, the paper highlights the cyclical nature of AI’s allure and underscores the importance of drawing lessons from past cycles. It champions a methodical assessment of risks associated with adopting generative AI solutions, stressing the imperatives of transparency and accountability. A pivotal suggestion is to demand tailored AI solutions from vendors, ensuring that AI frameworks prioritise the welfare of data proprietors. The paper cautions against vendors putting their own interests before those of their clientele, urging readers to pose probing inquiries before committing to AI deployments. Ultimately, the paper endeavours to arm readers with the acumen and tools necessary to navigate the intricacies of AI vendor relationships. By furnishing actionable guidance on recognising and mitigating AI vendor risks, it endeavours to embolden businesses to innovate judiciously in the ever-evolving AI landscape.