The proliferation of AI data, evolving regulatory requirements and risk of large language model (LLM) model collapse will help to drive take up of zero trust approaches to data governance in the next two years, Gartner has claimed.
The analyst firm warned that as books, code repositories, research papers and other sources start to feature more AI-generated content, future LLMs that scrape these sources will effectively be trained on outputs from previous models.
That in turn could hasten a decline in model quality and accuracy, and an increase in hallucinations and bias. In response to the surge in unverified AI data, as many as half of global organizations will turn to zero trust data governance, predicted Gartner.
Regulators will also increase their scrutiny in this area, the analyst claimed.
“As AI-generated content becomes more prevalent, regulatory requirements for verifying ‘AI-free’ data are expected to intensify in certain regions,” said Gartner managing VP, Wan Fui Chan.
“In this evolving regulatory environment, all organizations will need the ability to identify and tag AI-generated data. Success will depend on having the right tools and a workforce skilled in information and knowledge management, as well as metadata management solutions that are essential for data cataloging.”
Read more on zero trust: NIST Publishes New Zero Trust Implementation Guidance.
This is where zero trust approaches to data governance could help.
Chan claimed that authentication and verification measures will soon become “essential to safeguard business and financial outcomes.”
Differentiating on Metadata Management
According to Gartner, global organizations can get ahead of any forthcoming regulation on data governance and carve out competitive advantage by focusing on ways to analyze, alert and automate decision making across data assets.
It suggested the following steps:
- Appoint a dedicated AI governance leader to work closely with data and analytics (D&A) teams on zero trust policies, AI risk management and compliance
- Form cross-functional teams from cybersecurity, data and analytics (D&A) and other parts of the business to carry out data risk assessments. These should help to identify business risks related to AI-generated data and determine which are addressed by existing policies and which will need new ones
- Use existing D&A governance policies and frameworks, and update security, metadata management and ethics-related policies to address new risks from AI-generated data
- Adopt active metadata practices which will alert in real time when data is stale or requires recertification. This will help organizations rapidly spot when business-critical systems might be exposed to inaccurate or biased data