Written by Anthony Green, CTO, Foxtech Technologies
With ChatGPT and other AI tools embedded in our daily workflows, the biggest cyber risk in your firm might not be a hacker; it is more likely a well-intended employee.
If you’re using the free version of an AI tool, like ChatGPT, anything you enter is almost certainly being used to train future versions of that product. That means a seemingly innocuous request like “Summarise this spreadsheet of client complaints” could result in confidential data becoming part of a public model. It’s a new frontier of risk, and most firms aren’t prepared.
Your employees are already using AI tools like ChatGPT and Google Gemini. Here’s what that means for your firm’s security—and what you should be doing to protect it.
The Problem: A False Sense of Security Around AI
AI tools are marketed as private assistants, but most free-to-use models aren’t designed with enterprise-grade privacy in mind. When staff use public LLMs to analyse sensitive client data or internal documents, that data can be absorbed into the tool’s broader training set – and resurface unpredictably in the future.
Here are some real-world examples of how LLMs create security risks and liabilities in a work context:
- Confidential data leaks: An HR assistant uploads a grievance spreadsheet into Microsoft CoPilot, only to discover they were using the consumer version. That data is now part of the public learning model.
- AI-generated hallucinations: A Utah lawyer used ChatGPT to draft a court submission, only to discover the cases it cited were entirely fictional. The result? Sanctions, fines, and a damaged reputation.
- Biased outcomes: An AI tool trained on historical recruitment data eliminates all female applicants for an IT role, exposing the firm to legal action under GDPR for discriminatory practices.
The tools are powerful – but not neutral. Without proper safeguards, they magnify human error, not eliminate it.
About Hampshire Chamber of Commerce
Hampshire Chamber of Commerce is the independent voice of local business across the county and one of the largest regional business networks in the UK. With a strategic vision to ‘unlock Hampshire’s potential’, Hampshire Chamber brings together the combined influence, strength and expertise of the county’s three former major chambers. It works with over 2,000 individual firms spanning all sectors and sizes of business. Member services include training, advice, international trade documentation, events, networking opportunities and lobbying to policymakers on issues affecting business. Hampshire Chamber’s business network is designed to help any employer to grow and thrive irrespective of their stage on the enterprise journey.

