Remote work and GenAI: spanners in the cybersecurity engine?

A hand held up to a screen with the index finger showing a digital fingerprint | Remote work and GenAI

Remote work and GenAI are here to stay. But what does this mean for enterprise cybersecurity?

We all know about the rapid changes brought on by the COVID-19 pandemic. But undoubtedly, the strong response from enterprise tech firms became paramount to making nearly every industry’s overnight transition to remote working productive and successful.

Pre-pandemic, approximately eight percent of workers did their work exclusively remotely, with that number rising to 39 percent in 2022 and projected at 24 percent this year, according to Gallup. But with the rise of hybrid and remote work, cybersecurity has had a harder time catching up with issues such as accessing sensitive data through unsafe Wi-Fi networks, using personal devices for work, weak passwords and unencrypted file sharing all becoming more common in the workplace. 

Reportedly the damage related to cybercrime is projected to reach $10tn annually by 2025, according to data from Cybersecurity Ventures. So does the workforce care about cybersecurity? Maybe, but perhaps not as much as they should care.  

Echoing these challenges brought by the proliferation of remote work, Sarah Armstrong-Smith, chief security advisor at Microsoft for EMEA, says that the pandemic changed everything: “We saw a mass acceleration with cloud adoption and the use of collaboration tools. We saw lots of companies investing in smart technologies. We’re now seeing companies invest in AI and so cybercriminals are going to keep evolving their tactics too, utilizing the latest technologies to bypass security measures.”

As outlined in Microsoft’s latest Cyber Signals report, identity is the new battleground and the number of attacks in this space continues to rise. Here, Microsoft has detected and blocked more than 25.6 billion attempts to hijack enterprise customer accounts by brute-forcing stolen passwords. In addition, the tech giant has blocked over 35.7 billion email threats in a single year thanks to ongoing scanning for malicious content.

For this reason, Armstrong-Smith says that the new world of hybrid work requires even more heightened attention to cybersecurity.

We can’t forget the human impact on cyber

Sarah Armstrong-Smith, MicrosoftWhy wouldn’t they attack you? Often, victims are merely unlucky, not specifically targeted – Sarah Armstrong-Smith, Microsoft

While no particular sector is immune to cyberattacks, Armstrong-Smith says most people naturally have the mindset of “I’m only a small business or a charity. I do nice things. Why would someone attack me?” But this does not diminish the associated risks, the Microsoft chief warns.

“The answer is, why wouldn’t they attack you?” she says. “That’s the reality. Cybercriminals understand the value that can be extracted from a business if they’re able to access its systems and data… Often, victims are merely unlucky, not specifically targeted.

“Organizations need to shift towards human-centric security, by training employees against the evolving tactics of cyberattacks that increasingly focus on social engineering and manipulation,” she tells ERP Today.

Digital working has affected sectors differently

However, as bad actors are threatening the security of organizations, some sectors are becoming savvier than others, with financial service organizations and higher-risk firms being a little ahead of the game and well aware of cybersecurity, implementations and applications, according to Hitesh Bansal, country head UKI and senior partner of cybersecurity and risk services at Wipro

Data from Statista has shown that over 2022, manufacturing was the industry with the highest share of cyberattacks among the leading industries worldwide (24.8 percent), with finance and insurance following with around 19 percent. Professional, business and consumer services ranked third with a share of 14.6 percent.

Hitesh Bansal, WiproOverall cybersecurity maturity, it’s definitely gone up. The threats have become more sophisticated – Hitesh Bansal, Wipro 

With the past three years affecting the retail sector greatly amid the pandemic restrictions, Bansal believes that this industry in particular suddenly had to move to online experiences for clients and embrace the digital way of doing things. However, this greater exposure to cyber risk opened Pandora’s box for some of Wipro’s clients because they were novices in this environment.

As such, he explains that this has definitely built-up the appetite for greater security in some of those sectors: “I think if you look at the overall cybersecurity maturity, it’s definitely gone up. It’s also due to the fact that the attacks – or let’s say the threats – have become more sophisticated.”

How AI benefits both “good” and “bad actors”

The expanding cybersecurity threats are making it ever so crucial for workers to be trained and extra aware of the dangers, especially with AI thrown into the mix.

Sunil Potti, Google CloudGenAI can democratize our own talent on the good side, and talent on the bad side – Sunil Potti, Google Cloud 

As we see more sophisticated technologies encompassing generative AI, tech experts warn that these capabilities can also work to the benefit of bad actors, granting the opportunity for malware to grow as it is generated on demand for attackers with malicious intent. 

Warning about this increasing practice, Sunil Potti, general manager and vice president of cloud security at Google Cloud, said during a recent AI and cybersecurity roundtable attended by ERP Today, that the work of bad actors prior to GenAI was limited because they needed to be experts at what they did. However, “just like GenAI can democratize our own talent on the good side, it can democratize talent on the bad side,” he says, while adding, “the big trend that we have to keep in mind is that suddenly the pyramid of all people that could be attacking could be accelerated by 10x or 100x.”

Paolo Dal Cin, AccentureGenAI can detect well-known attacks based on anomaly detection, unknown patterns or anomalies – Paolo Dal Cin, Accenture 

While agreeing that GenAI can be used to harm business security, Paolo Dal Cin, global lead of Accenture security, said during the virtual roundtable that this doesn’t need to cancel out the benefits of AI since the issue can be approached from a strategic perspective.

GenAI can instead be used to “detect well-known attacks, and, maybe very soon, so-called ‘zero-day attacks’ – attacks that are not yet well known, based on anomaly detection, unknown patterns or anomalies much more quickly”.

While reaching the point of an incident is the culmination of the attack, Dal Cin says that as an added element, AI could be used strategically and assist prior to an attack actually taking place – by “doing malware analysis and sharing all the information we have collected from our environment with a generative AI engine, in order to have a very comprehensive view and understand better what kind of bad actors are attacking us and with what techniques”.

But with the rise of technology innovations, while it may be essential to encourage caution and reduce company risk, it’s equally important not to instill fear, Armstrong-Smith warns, as this poses the threat of “hindering productivity or stopping innovation… Instead, employees should feel empowered to recognize potential threats and take necessary precautions.”

Weighing in on the future of cybersecurity as innovations like AI become commonplace, Potti says that some mistakes are to be expected: “My meta concern with the internet or mobile is that we’re going to screw things up sometime soon…It’s just inevitable. But that shouldn’t take away our ambition and our aspiration to change the world with some groundbreaking technology like GenAI.

“The greater good that we could do with it over the next 20 years far surpasses whatever mere problems. So, I think as long as people keep that in context, it will be alright.”

What does the future of cybersecurity look like?

With remote and hybrid work now piercing a hole in some of the established ways organizations protect themselves, Google Cloud’s Potti tells ERP Today that this fresh task can benefit from a new approach – for instance, seeing the home-based locale of remote working as an edge extension.

 “Just like we have the edge of the data center, then we have an enterprise edge. In the post-COVID world, we are just expanding to say, ‘Hey, is there a way to create a zone called edge on your professional laptop, but through your network, through your Wi-Fi and everything else?’ At least the enterprise portion of it is still managed as a virtual agent,” Potti explains.

At the same time, he says this strategy can be coupled with zero trust browser-based capabilities to create that secure zone whenever you are at home, meaning data leakage is kept at bay.

Going back to artificial intelligence, Microsoft has revealed its AI-powered Security Copilot, currently in preview, with the tool leaning into GenAI capabilities to help detect hidden patterns, harden defenses and respond to incidents faster.

By harnessing “trillions of signals” with machine learning, Microsoft is also invested in a deeper understanding – where the attacks are coming from and the tactics they are using, as its threat intelligence offering actively shares what it learns with the wider industry to boost collective knowledge and fight against cyberattacks. 

In the firm’s effort to help more businesses unsure of their cybersecurity needs stay safe and protected, Armstrong-Smith says: “We need to instill the mindset of cybersecurity as a business enabler – it is crucial to link effective cybersecurity with the overall success and longevity of the business, no matter what is on the horizon.”

What this means for cybersecurity vendors themselves is a reallocation of resources, according to Wipro’s Bansal, who explains that with the advancement of AI, we will see “less emphasis on labor-intensive cybersecurity. It will be more technology-led and more analytics-led, but the decision-making will be assisted. 

“So instead of me grappling with ten screens and trying to figure out what to do, I would have intelligence and simple questions as an analyst assisted by AI to answer and protect my same assets in a very different way.

“Because that’s exactly how bad actors are performing things right now, they use AI and a lot of information on the dark web to attack, probably we’d be using the same but to protect.”

But while all big players in the cybersecurity community are scrambling to anticipate the unforeseeable threats emerging on the horizon, Bansal says this work is an ever-evolving process. 

“That’s something which keeps us on our toes…I think it will never reach a point where we can passively hang our boots and say ‘Yeah, we are okay with cybersecurity, now forget about us’. That’s not gonna happen.”