How Kyocera’s CISO tackles threat of cyber risk during AI adoption

Greg Griffith, Product Marketing Team Lead at Kyocera Document Solutions South Africa.

---

Andrew Smith, Chief Information Security Officer at Kyocera Document Solutions UK, explored how organisations can unlock the power of AI while managing cyber risk. And in the South African context, Greg Griffith, Product Marketing Team Lead, highlights how these risks are playing out locally, and what Kyocera is doing to help customers stay secure.

“Artificial intelligence brings with it a lot of opportunities, but also a new layer of cyber risk,” says Smith. “For every application in healthcare, education and workplace efficiency, reports of abuse by cyber criminals for phishing campaigns, automating attacks and ransomware have made mainstream news.”

Greg Griffith, Product Marketing Team Lead at Kyocera Document Solutions South Africa, adds that South Africa faces an even steeper challenge. AI-driven phishing and impersonation scams are increasing, but many local organisations aren’t yet equipped to respond. According to Cisco’s 2024 Cybersecurity Readiness Index, only 5% of South African companies are at a ‘mature’ level of cyber readiness, down from 19% the previous year.

“This drop suggests that while digital adoption is growing, our cyber defences aren't keeping pace. That’s why Kyocera’s secure-by-design principles, like device encryption, secure boot and AI-powered threat detection are critical in the local market. We’re not only helping customers secure their infrastructure, we’re helping them catch up and keep up.”

Smith elaborates on how these threats have evolved. "Ten years ago, a phishing e-mail might have included poor grammar or dodgy links,” he says. “Today, AI can be used to impersonate people almost perfectly, with deepfakes copying tone of voice, language and even style. The challenge is that traditional filters may no longer spot what’s malicious.”

“Security isn’t a single tool or product, it’s about layers,” Griffith explains. “Think of it like your home: a locked door, an alarm, a dog and a neighbour keeping watch. At Kyocera, we design devices with security embedded at every level in hardware, software and services. When it comes to early adoption, everyone wants to be the success story of early adoption – no one wants to end up as the relic of a failed trend. So, how do businesses adapt to the new world of AI and tackle the associated risks?

AI has been around for years, but now that it’s becoming mainstream, legal guidelines are finally taking shape. Regulations are evolving quickly, so it’s vital to check what applies to your industry – ideally with legal advice – before investing.

Once you’re clear on what’s allowed, ask where AI can genuinely add value. Could it save time on repetitive tasks or improve customer service? How will it impact data security?

Once you've identified where AI can bring value, the next step is finding a partner that can help you implement it securely and strategically. Don’t add AI for the sake of it. Be clear on the purpose and potential risks – otherwise, you could end up wasting time and money on a project that does more harm than good. This isn’t just about technical know-how, it’s about trust, vision and long-term support.

The partner must understand both the promise and the pitfalls of AI, and be a guide through adoption with care and clarity. From device-level security to document automation and intelligent workflows, Kyocera combines decades of experience in secure information management with a forward-thinking approach to digital transformation.

It is important to work closely to co-create solutions that are right for the environment, the risk profile and the business goals. That means practical advice, real-world experience and a commitment to evolving with you – not just selling to you.

Most cyber breaches start with human error – not bad intent, just a lack of understanding. That’s why educating employees is one of the most effective ways to reduce risk.

This includes safe use of AI tools. Free platforms like ChatGPT may seem harmless, but entering sensitive data can have unintended consequences. Staff should know never to share confidential information with AI tools, no matter how secure they claim to be.

Cyber hygiene should go beyond AI. It includes handling data carefully, spotting and reporting suspicious activity, having a clear response plan and backing up information regularly.

A culture of awareness, backed by training and good practices, is still your best defence against cyber crime. And if something goes wrong, a strong plan helps ensure attackers don’t get the final word.

If you’ve laid the right foundations, your AI tool should now be adding value. But this isn’t a ‘set and forget’ moment. AI must be reviewed regularly to check for risks, refine its impact and ensure it’s doing what it’s meant to do – securely and efficiently.

Ongoing reviews can help spot gaps before criminals do and make sure your investment continues to serve your business, not compromise it.

“AI is being integrated into business tools, often behind the scenes, and in South Africa, that means we have to be vigilant. With limited budgets and skill shortages, organisations need vendors and partners who are thinking ahead.

“Our mission is to help customers embrace digital transformation, without compromising on protection – earning their trust with their documents, data and workflows. Whether we’re deploying a cloud-based print service or an intelligent document capture solution, security is built into every step,” concludes Griffith.