Shadow puppets?

“Shadow” AI—or to put another way, unauthorised use of AI applications for your employer—is creating scary amounts of risk for organisations, according to a new survey.

Cloud computing providers Nutanix says an annual survey of global IT executives reveals 87% believe shadow IT is creating risk exposure for sensitive data and intellectual property.

“This highlights the need for closer collaboration between IT teams and business stakeholders to ensure AI deployments remain secure, compliant and aligned with organisational goals,” says Nutanix.

IT pros may have to start at the highest level, though. Board Agenda was at an event this week where it was revealed a survey from Diligent, the board portal providers, showed 66% of company directors had uploaded board papers into public and open GenAI models to have them summarised and analysed. That, of course, leaves all the company info floating around in the cloud unprotected. So, really, really secure… and, probably, maybe, education needs to start at the top.

A diverse view of diversity

It will be news to no one that the White House doesn’t like DEI programmes. It called a halt to policies run by federal agencies and their service providers as soon as Donald Trump changed the drapes in the Oval Office.
Ripples have spread out into corporate America, but it doesn’t necessarily mean companies are ending their commitments to diversity. No, some are becoming creative.

An article on the Harvard governance blog from legal eagles at Cleary Gottlieb Steen & Hamilton, says corporate diversity disclosures have “entered a new phase”. Companies “now define diversity more broadly to include diverse skills, background, experiences and viewpoints rather than focusing on protected-class metrics alone.” We see what you’re doing there.

Disclosures at home…

For those of you who missed it last week, the UK government has now published the final form of sustainability standards to be ushered into the cycle of UK corporate disclosures.

The standards are based on those already issued by the International Sustainability Standards Board which, in turn, are largely based on the Taskforce for Climate-related Financial Disclosures, a project headed by none other than Mark Carney, now Canada’s prime minister.

The UK’s standards are ready for voluntary use but there is a consultation under way until 20 March on whether they should be mandatory for some listed companies. Very surprised if that turned out to be a ‘no’. But you never know with the current government’s dislike of rule making.

…and abroad

Some interesting news about sustainability reporting in Europe: 75% of the companies no longer subject to the much-opined-over Corporate Sustainability Reporting Directive (CSRD) will continue to report according to the rules voluntarily.

According to a survey, involving Hamburg University and the Bertelsmann think tank (which, of course, we read in the original German), the bad news is that 59% of companies across the EU may, however, be “deprioritising” sustainability.

Avid followers of EU legal developments will be aware that last year Brussels hurried through a review of CSRD that drastically cut the volume of information required for sustainability reports and reduced the scope of the rules.

It is estimated that, before the review, CSRD would apply to about 50,000 companies; after the review was finalised in December, it is thought to be more like 10,000.

Business prof and sustainability geek Andreas Rasche writes on LinkedIn: “Continued voluntary reporting by companies that reported in the past appears plausible (e.g., given they have systems and routines).

“However, I expect the proportion of descoped firms that newly adopt voluntary reporting to be lower than indicated here.”