The increasingly common use of artificial intelligence (AI) tools has boosted productivity, but has also been a source of potential security gaps. Ottawa-based cybersecurity firm Field Effect has launched a solution to increase transparency and guard against unsafe use of the technology.

Named AI Detection & Response (AIDR), it opens a window into how an organization’s members are using AI tools and assistants such as ChatGPT, Claude, Copilot and OpenClaw, and sounds the alarm if used for potential security breaches. Companies can create governance controls to manage the use of AI tools.

The product is meant to serve as “the thing in the middle that allows companies to experiment, adopt AI,” while “dramatically” reducing the risks in the adoption, Field Effect’s founder and CEO Matthew Holland said in an interview with TechNX.

Field Effect developed AIDR to address the perils arising from the swift pace of AI adoption, a phenomenon Holland said is “creating the largest cybersecurity crisis in history.”

From discussions he’s had with businesses, Holland has heard about people who cannot answer simple questions regarding AI, such as which tools are running in their network, who is using the technology, where AI is being used, and what those uses are.

“It really points to a big gap and a risk for companies . . . We really wanted to solve that problem,” Holland said.

AIDR an AI watchdog

More and more employees are experimenting with AI tools or automating their work with the technology, Holland said, but this creates vulnerabilities. An example he provided was employees uploading confidential customer data to an agentic AI.

AI tools have been abused for cyberattacks or to discover vulnerabilities in systems, Holland added, further outlining the perils of the technology.

AIDR can address such risks by providing visibility into how and which AI tools are being used in an organization. It can identify unauthorized AI tools and who is using them, understand which data sources or model context protocol servers they are connecting to, and have visibility into the prompts that are being typed into the agentic AI or which files are being uploaded.

Additionally, AIDR can be configured to permit certain AI tools within the organization, decide who gets to use the technology, and which data it can access, Holland said.

“It allows companies to define governance policies around what they’re doing with different applications,” he elaborated. “Anytime AI of any type steps out of line and tries to do something that does not align with those policies, it gets blocked and the business is alerted.”

“Overwhelmingly positive” response to AIDR

To balance privacy and security, Holland said AIDR is not vacuuming confidential data into Field Effect’s system. Field Effect, he continued, leaves the control of customer data to its customers.

Other than reinforcing cybersecurity, AIDR lets organizations optimize their token use, Holland said. The transparency into how tokens are being used by an individual can be examined against their efficiency, helping organizations control their spending on AI.

AIDR is available through Field Effect’s MDR, its cybersecurity platform. So far, Holland is seeing rapid adoption and an “overwhelmingly positive” response to the product announced in early June.

Those reactions include: “This is exactly what we were looking for,” and “This gives us a lot of confidence about the AI we’re adopting.”

The demand for AIDR that Field Effect is witnessing has led the company to plan the product as a separate offering from MDR, Holland said.

AI only bolsters cybersecurity’s case, Holland says

Split off from Holland’s first company Linchpin Labs in 2016, Field Effect is a managed detection and response cybersecurity firm focused on small-to-medium-sized businesses.

Field Effect’s clients include Ottawa accounting firm Welch LLP, Clearwater Seafoods in Nova Scotia, U.S. cybersecurity and compliance firm Sera Brynn, and the Town of St. Marys in Ontario.

Contrary to the fear that AI deeply threatens the fundamentals of cybersecurity companies like Field Effect, exemplified by cases like Anthropic’s Mythos 5 and Fable 5 taken offline due to their claimed adeptness at exploiting software flaws, Holland said AI is cybersecurity’s “biggest opportunity.” The rise of the technology has made the cybersecurity business more relevant than ever, he argues.