In cybersecurity, every technological leap introduces a tradeoff between speed and safety, and it brings a hidden cost of exposure. The rapid adoption of public large language models (LLMs) follows the same pattern. Just about every major technology company has introduced its own public AI agent, thrilling users with knowledge that is easy to access and an endless database of information to pull from. From major tech giants like Google’s Gemini, to social media models like xAI’s Grok, to the one that seemingly started it all – OpenAI’s ChatGPT – organizations across industries have agreed that publicly accessible LLMs are where the future is headed.
These LLMs aren’t just grabbing the attention of at-home users. Companies have seen a significant rise in employees using public LLMs for organizational tasks. A study conducted by IBM revealed that 75% of employees use LLMs from outside their company to assist with their day-to-day work. Employees often use these tools to automate repetitive tasks, generate content, analyze data, and support decision-making, all without official oversight or approval.
However, while public LLMs have received a lot of praise during the proverbial AI “gold rush,” these public AI tools have serious flaws. They are easily susceptible to adversarial attacks and can be used to spread misinformation, as recent exploits of Google’s Gemini and Anthropic’s Claude demonstrate. IBM recently reported that breaches involving shadow AI compromised personally identifiable information in a higher percentage of cases (65%) and intellectual property in a higher percentage of cases (40%) than the global average (53% and 33% respectively).
In comparison, private LLMs provide much greater control over where organizational information is going and who has access to it, in addition to higher validity of data. However, executives are turning away from developing private AI tools. Gartner research projects that 30% of generative AI projects will be abandoned by organizations by the end of 2025, and 40% of agentic AI projects will be abandoned by 2027, citing poor data quality, inadequate risk controls, escalating costs or unclear business value.
This is a mistake, and one that could prove costly for organizations. Security teams cannot turn away from generative AI or agentic AI projects. Internal investment in AI model development is paramount to producing high-quality data that reflects positive organizational insights while also preventing data leakage. Full reliance on public large language models puts an organization at risk and undermines the data privacy of its clients and partners. Public LLMs like DeepSeek or ChatGPT are prone to data breaches, which expose sensitive company information. If that data were to fall into the hands of the highly advanced threat groups terrorizing the modern cyber landscape, organizations could suffer millions in losses, whether through ransom payments, exposure of private information, or investors pulling out after losing confidence in the organization.
Along with the higher security risk, organizations that rely solely on public models are not getting the most out of their AI. While public LLMs do provide robust language capabilities, their response accuracy declines for tasks requiring specific business context. The models lack access to the proprietary, domain-specific, or up-to-date internal data essential for contextually reliable outputs. Fine-grained, private LLMs give the organization much greater control and more valid results, since both the data and the model can be tailored specifically to the organization’s needs.
The time has come to make a change and take a stand. Organizations must invest resources in developing private LLMs tailored specifically to the information or tasks that need to be sorted, analyzed, or managed. While the immediate benefits of this investment are evident, such as organization-specific information and higher accuracy of produced content, the long-term benefits are just as significant. Investment in private LLMs will see long-term positive returns as the AI takes over mundane tasks that human employees would otherwise have to handle, allowing resources to be diverted toward more important organizational projects.
Additionally, organizations must take steps to restrict or eliminate access to public LLMs within the workplace. Public AI models have become a hot target for cyberattacks, whether from external actors or insider threats. Removing or limiting access provides a safeguard for organizations looking to tighten data privacy. This is especially essential for major corporations or government agencies that have access to the private information of thousands of individuals, where a breach of any amount of data could be disastrous for the company and individuals impacted.
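Restricting access is only enforceable if you can see who is already reaching public LLM services. As an added example (not code from the article’s author), the script below scans a web-proxy access log for requests to public LLM hosts and summarizes usage per user and service. The Squid-style log layout, the log lines themselves, and the domain list are all constructed assumptions for illustration; a real deployment would maintain the host list as a managed proxy category.

```python
"""Flag outbound requests to public LLM services in a web-proxy log.

Added example, not the article's own code. Assumptions: Squid-style
access-log layout, a hand-picked list of public LLM hostnames, and
constructed sample log lines.
"""
from collections import defaultdict
from typing import Dict, Optional, Tuple
from urllib.parse import urlparse

# Illustrative seed list (assumed), mapping hostname -> service name.
# Subdomains of each entry are matched as well.
PUBLIC_LLM_DOMAINS = {
    "chatgpt.com": "ChatGPT",
    "chat.openai.com": "ChatGPT",
    "gemini.google.com": "Gemini",
    "claude.ai": "Claude",
    "grok.com": "Grok",
    "chat.deepseek.com": "DeepSeek",
}

# Constructed sample log. Fields (Squid native format):
# timestamp elapsed client result/status bytes method url user
SAMPLE_LOG = """\
1712000001.123    245 10.0.4.17 TCP_MISS/200 4821 POST https://chatgpt.com/backend-api/conversation alice
1712000002.456     12 10.0.4.17 TCP_MISS/200 1024 GET https://intranet.example.local/wiki/Home alice
1712000003.789    310 10.0.4.22 TCP_MISS/200 9810 POST https://gemini.google.com/app bob
1712000004.001     88 10.0.4.22 TCP_MISS/200 2048 GET https://www.example.com/ bob
1712000005.333    190 10.0.4.17 TCP_MISS/200 7765 POST https://claude.ai/api/organizations/acme/chat_conversations alice
"""


def llm_service_for(url: str) -> Optional[str]:
    """Return the public LLM service name if the URL's host is on the list.

    Matching is on the exact host or a subdomain of it, so a look-alike such
    as chatgpt.com.evil.example does not match.
    """
    host = (urlparse(url).hostname or "").lower()
    for domain, name in PUBLIC_LLM_DOMAINS.items():
        if host == domain or host.endswith("." + domain):
            return name
    return None


def parse_line(line: str) -> Optional[dict]:
    """Split one Squid-style log line into the fields we need."""
    fields = line.split()
    if len(fields) < 8:
        return None  # malformed or truncated line; skip rather than crash
    return {
        "client": fields[2],
        "method": fields[5],
        "url": fields[6],
        "user": fields[7],
    }


def find_shadow_ai(log_text: str) -> Dict[Tuple[str, str], Dict[str, int]]:
    """Summarize public LLM usage as (user, service) -> request and POST counts.

    POSTs are counted separately because prompt submissions are typically
    POST requests, so they are the stronger signal that data left the network.
    """
    summary: Dict[Tuple[str, str], Dict[str, int]] = defaultdict(
        lambda: {"requests": 0, "posts": 0}
    )
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        service = llm_service_for(rec["url"])
        if service is None:
            continue
        key = (rec["user"], service)
        summary[key]["requests"] += 1
        if rec["method"] == "POST":
            summary[key]["posts"] += 1
    return dict(summary)


if __name__ == "__main__":
    for (user, service), counts in sorted(find_shadow_ai(SAMPLE_LOG).items()):
        print(f"{user:10} {service:10} requests={counts['requests']} posts={counts['posts']}")
```

The same host-matching function can drive a proxy deny rule once the inventory is confirmed; the point of running it over logs first is to size the problem before blocking anything.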
Investment in private LLM agents cannot come independently of investment in protecting them. Though not nearly as exposed as the data stores behind public LLMs, threat actors with motivation and expertise can find their way into any organization and breach sensitive data stores. Therefore, it’s crucial that companies implement security measures that stand as a firm line of defense against intruders. These measures should work proactively to identify any gaps in an organization’s defenses and notify security teams ahead of time. Defenses must be proactive rather than reactive, so that vulnerabilities are patched before adversarial attacks can exploit them.
There is no doubt that public LLM agents will continue to grow in size, ability, and popularity. For individuals looking for a platform that provides quick insights into a wide range of topics, public LLMs are a great resource. However, for organizations responsible for the security of massive pools of information, the risks are too great to ignore. Feeding sensitive company information into various public repositories is tempting fate, and practically guarantees that the information falls into the wrong hands.