NOVEMBER 20258GOVERNMENT CIO OUTLOOKGETTING STARTED WITH GENERATIVE AI IN THE PUBLIC SECTORhere has been a lot of hype surrounding generative AI and the potential to improve and streamline functions in public sector operations and services. Public sector organizations have been using different forms of artificial intelligence for years with image recognition, cyber-security tools, license plate readers, predictive analytics, and other functions embedded into SaaS solutions. Generative AI and large language models have evolved from previous generations of artificial intelligence to offer new opportunities to improve efficiencies, synthesize data, speed research, and replace or streamline mundane tasks.Getting started with emerging technologies like generative AI can be a challenge, especially when technology staff and operational users have limited exposure and training to draw from. Generative AI has the potential for significant efficiency increases but organizations need to be mindful of the risks if they want to be successful.RisksThe emergence of ChatGPT and other generative AI solutions has resulted in lessons learned for many organizations. Some did not realize that whatever they input into the prompt became part of the data used by the learning model. Organizations need to be aware of the risks of sharing sensitive data, PII, proprietary content, and data privacy. There are also questions about copyright infringement, inaccurate data, or algorithmic bias that can create liabilities if not managed properly. Even if the appropriate development and guardrails are put into place there are additional risks if a user blindly accepts the output of the model without first validating its accuracy. Generative AI is also creating new cyber security risks both from adversaries using it to streamline attacks and the potential increase in vulnerabilities as new solutions are implemented. PolicyThe best starting point is to develop a comprehensive policy to govern the procurement, operation, security, standards, and maintenance of a generative AI system. The policy development for AI is in the early stages for most organizations but early examples include resources from NIST, various federal agencies, state and local governments, the Gov AI Coalition, academic institutions, and commercial entities to draw from. Some organizations are integrating AI polices into existing IT governance, procurement, security, and privacy polices while others are opting to create a separate policy for AI. There are many considerations including privacy, workforce impact, legal liability, contract language, algorithm design, roles and responsibilities, prohibited use cases, public records, and other areas that will need to be vetted by various TJonathan BehnkeIN MYOPINIONByJonathan Behnke, Chief Information Officer, City of San Diego
< Page 7 | Page 9 >