Abstract
Large Language Models (LLMs) such as ChatGPT, Gemini, and Claude are increasingly being integrated into organizational workflows to support communication, coding, knowledge retrieval, customer interaction, and decision-making. Existing Information Systems (IS) research has largely emphasized the productivity and innovation benefits of these technologies (Berente et al., 2021). However, less attention has been devoted to how organizational reliance on LLMs may unintentionally weaken cybersecurity resilience. Unlike traditional enterprise systems that primarily store or process information, LLMs actively participate in organizational cognition by generating recommendations, interpreting information, and influencing employee judgment and decision-making (Berente et al., 2021). As organizations increasingly rely on AI-generated outputs, employees may gradually delegate verification responsibilities to generative systems, reducing the critical scrutiny that traditionally served as an important safeguard against cyber threats. This form of cognitive delegation may weaken employees’ ability to detect suspicious information, recognize manipulation attempts, or critically evaluate potentially harmful outputs, thereby increasing organizational cyber vulnerability. Drawing on Sociotechnical Systems Theory and research on automation bias, this research examines how organizational reliance on LLM-generated outputs may reduce cybersecurity vigilance within AI-mediated work environments. We argue that cybersecurity vulnerability emerges not merely from technical flaws within LLM systems, but from shifts in organizational verification behavior as employees increasingly depend on AI-generated content during communication, coding, analysis, and decision-support activities. The study further argues that these effects depend on organizational conditions such as employee AI literacy, cybersecurity awareness culture, and the presence of human review mechanisms embedded within AI-enabled workflows. This argument aligns with broader IS research suggesting that increasing digital complexity can generate unintended organizational vulnerabilities and cyber risks (Benbya et al., 2020; Shama et al., 2025). This research contributes to IS and cybersecurity literature by shifting attention from the technical capabilities of LLMs to their unintended behavioral and organizational consequences. More broadly, the study reconceptualizes cybersecurity vulnerability in AI-enabled organizations as a sociotechnical problem rooted in the gradual erosion of human verification and cybersecurity vigilance.
Recommended Citation
Shama Guyo, Issack; Mills, Stefan A.; and Xiao, Nan, "When Intelligence Becomes Exposure: The Cybersecurity Implications of Organizational LLM" (2026). AMCIS 2026 TREOs. 176.
https://aisel.aisnet.org/treos_amcis2026/176