In a recent analysis by Snow Software, the unease of IT experts concerning generative artificial intelligence (AI) in Software as a Service (SaaS) platforms was examined. Despite the concerns, a staggering 96% of those surveyed revealed that they remain either ‘confident or very confident’ in their organization’s SaaS security protocols.

Generative AI applications emerged as a significant cause for concern in the domain of SaaS security, with 23% of participants identifying it as their top security worry. The survey further explored the possible reaction of IT professionals if they discovered a SaaS provider utilizing generative AI without prior disclosure. A majority, 57%, conveyed they’d be quite unsettled and would actively seek further clarification from the provider.

A breakdown of security concerns highlighted generative AI applications as the primary issue for 23% of IT experts. This was closely followed by concerns about open-source applications at 19% and file-sharing platforms at 17%. In scenarios where SaaS providers might secretly employ generative AI, over half (57%) of those surveyed would be distressed. Meanwhile, a smaller 36% didn’t see it as a matter of concern, whereas 7% were categorical about discontinuing the services.

Data protection and user privacy emerged as another prominent concern, raised by 40% of the participants. Interestingly, 61% of them also noted their organizations already have robust data governance and security instruments to supervise data interactions with SaaS platforms. In the realm of responsibility for purchasing and overseeing SaaS applications, 65% believed IT asset management (ITAM) or software asset management (SAM) teams were at the helm. Other stakeholders included CIOs or IT leadership (58%), security teams (28%), and procurement or vendor management groups (20%).

In a geographical breakdown, U.S. participants were more inclined to believe ITAM/SAM teams played a pivotal role in addressing SaaS-related concerns, with 43% expressing this view, in contrast to the 34% from the U.K. On the flip side, U.K. participants saw the CIO or senior IT leadership as more accountable, with 40% holding this perspective.