Companies are rapidly adopting artificial intelligence, but many lack awareness of where exactly it is deployed and what risks it brings. Experts at the CYBERSEC EXPO & FORUM 2026 debate argued that organizations should first strengthen cybersecurity, processes, and data management before implementing AI.
According to the report 'Cyberportret polskiego biznesu 2026′ prepared by ESET and DAGMA Bezpieczeństwo IT, only 27 percent of cybersecurity experts declare that their company has a formal policy for using artificial intelligence. Deepfakes, phishing, and automation of cyberattacks are among the fastest-growing threats related to AI.
– If the boss asks where we have AI, it’s a very aware boss. The first step should be an inventory of processes and systems using artificial intelligence – said Gabriela Bar, a legal advisor specializing in new technologies, founder of the Gabriela Bar Law&AI law firm. Prof. Dariusz Szostek, judge of the Constitutional Tribunal, director of the Center for Cyber Science at the University of Silesia, pointed out that the problem starts much earlier. – If the boss asks where AI is, I ask: where was the boss when money was being spent on AI? This is not a technology that appeared yesterday – he stated.
Cyber security first, then AI
Although the discussion revolved around artificial intelligence, participants repeatedly returned to security issues. – First the company’s cybersecurity, then AI. We have Himalayan problems related to the security of ordinary algorithms, supply chains, and IT systems – argued Prof. Szostek. Marcin Kowalski, leader of the artificial intelligence research team at the Institute of Optoelectronics of the Military University of Technology, warned that AI is becoming an increasingly effective tool used by cybercriminals. – We have better and better deepfakes, increasingly personalized phishing attacks, and more effective fraud attempts. Soon it will be very difficult to distinguish real content from generated one – he said.
Business needs must drive AI adoption
Experts unanimously emphasized that implementing artificial intelligence should stem from specific business needs. – Companies often want to use AI but do not know what for. First, one must diagnose processes, costs, and organizational problems, and only then choose tools – said Monika Karwacka, assistant professor, head of the Digital Humanities team at the University of Silesia in Katowice. Examples of successful implementations included classification of correspondence in banks and support for doctors in analyzing diagnostic tests.
The risk of implementing AI for its own sake
Participants also warned against adopting AI solely because it is trendy. – First, you need to know what artificial intelligence is needed for. Implementing AI for the sake of implementation makes no sense – summarized Prof. Dariusz Szostek. The debate made it clear that without a solid foundation in cybersecurity and a clear business strategy, AI investments can lead to more problems than benefits.
Źródło: WNP.PL, Fot. PTWP
