Artificial Intelligence & Machine Learning

Report: AI Outpacing Ability to Protect Against Threats

JumpCloud's Greg Keller Says CTOs Fear Data Leakage Through Public LLMs
Report: AI Outpacing Ability to Protect Against Threats
Greg Keller, CTO, JumpCloud

Advances in the availability of AI technologies, persistent security threats, and economic uneasiness dominated boardroom discussions in 2023. In its biannual SME IT Trends Report "State of IT in 2024: The Rise of AI, Economic Uncertainty, and Evolving Threats," JumpCloud detailed how all these trends will impact global small and medium enterprises in 2024.

See Also: Strengthening Your Incident Response: A Case Study of the TFCI

The report found an upward trend in IT budgets and funds being directed toward increasing headcount.

More than 1,200 IT professionals surveyed from across the U.S., U.K., and India widely consider AI positively in some regards - 79% said AI will be a net positive for their organization, and only one-fifth (19%) believe their organizations are moving too slowly with respect to AI initiatives. Globally, organizations are actively planning for AI adoption and only 13% of organizations do not currently have any plans to implement AI initiatives.

Despite IT teams' general positivity toward adopting AI, concerns about its negative impacts are prevalent. Fifty-six percent of IT professionals are more concerned about their organizations' security posture than they were six months ago.

Nearly six in ten IT professionals, or 62%, agree that AI is outpacing their organization’s ability to combat threats and nearly half (45%) said they were concerned about AI’s impact on their jobs.

The top three security threats identified in the report remain consistent with JumpCloud's findings in April 2023. Network attacks topped the list (40%, up from 38% in April 2023), followed by software vulnerability exploits (34%, up from 27% in April 2023), and ransomware (29%, down from 33% in April 2023).

There are "two sides of the coin" when it comes to AI adoption, said Greg Keller, CTO at JumpCloud. Employee productivity and technology stacks being embedded into SaaS solutions are "the new frontier," he said.

"Yet there are universal security concerns. There is fear of commingling or escaping of your data into public sectors. And there is a fear of using one's data on an AI platform. CTOs are concerned about their data leaking through public LLMs," Keller said.

AI's Impact on Identity Management

SME IT Trends survey also shows how quickly AI has impacted identity management and highlights that IT professionals have both hopes and fears in their response to it.

"We're at the tail end of understanding digital transformation. Now, we are beginning the first phase of the identity transformation. These companies have done an amazing amount of work to lift and shift their technology stacks from legacy into the cloud with one exception - overwhelmingly, it's the Microsoft Active Directory problem," Keller said. "That's still on-premises or self-managed. So they're looking at ways to modernize this. We are in the earliest phases of security shifting away from endpoint-based [security]. Now, it's about understanding access control through the identity, and this is the new frontier."

  • Globally, the number of organizations adopting biometrics is increasing. Two-thirds (66%) require the use of biometrics for employee authentication versus 55% in Q2 2023;
  • Passwords are still a big part of organizational security - 83% of organizations globally use password-only authentication for at least some IT resources;
  • Organizations are looking to make passwordless authentication more secure - 83% say they also require employees to use MFA to access all IT resources;
  • Managed service providers (MSPs) continue to be integral to SME IT operations, with a strong focus on providing expertise, user-friendly experiences, and cost-effective solutions. Nearly half (42%) of respondents rely on an MSP for total IT management, a 56% increase from Q2 2023.

Keller said that three-factor authentication will be "absolutely critical" in the "new world of security," including the password, the biometric and the device.

Increase in IT Budget

While there was greater introspection of budgets, IT budgets are increasing due to certain strategies. Overall, IT admins are more optimistic about IT spending than six months ago – 80% expect IT budgets to increase in 2024 versus 63.5% in Q2 2023.

"In our survey, we found that companies in India, the U.K., and the U.S. have upward of 10 independent solutions to manage identity and security access controls. We are witnessing a lot of strategy on consolidation of budgets. Companies are taking a hard look at the types of budgets and tooling that goes on to manage that," Keller said.

  • Admins need five or more tools to manage the employee life cycle, as reported by 37% respondents, and nearly 9% need more than 15 applications.
  • A large majority (75%) continue to prefer a single tool to do their job rather than several point solutions, roughly the same as the 77% in Q2 2023.

Keller said the influx of technology companies that are born in India are now "capitalizing their budgets on headcount growth trends."

"One of the main themes that we uncovered is tooling, the introspection on budget so that budgets can be constrained, and [how] these companies can leverage that for hiring," Keller said.

IT admins face a tall task today: securing employees and their work, wherever it happens, and enabling productivity and growth while managing rising threats, evolving global economic trends, and the growing impact of artificial intelligence.

AI has impacted identity management and highlights that IT professionals have both big hopes and big fears in their response to it.

These factors and others, accelerated by cloud innovation, have transformed the way organizations need to approach identity.

About the Author

Brian Pereira

Brian Pereira

Sr. Director - Editorial, ISMG

Pereira has nearly three decades of journalism experience. He is the former editor of CHIP, InformationWeek and CISO MAG. He has also written for The Times of India and The Indian Express.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.