The Rise of Generative AI: More Enterprise Employees Embracing AI Apps
Enterprises are witnessing a significant surge in the adoption of generative artificial intelligence (AI) applications amongst employees. According to research by cybersecurity firm Netskope, over 10% of enterprise employees now access at least one generative AI app every month, a substantial increase from just 2% last year. The findings, published in Netskope’s annual Cloud & Threat Report, highlight the rapid growth in the use of generative AI apps and the potential security risks associated with it.
In 2023, ChatGPT emerged as the most popular generative AI application, accounting for 7% of enterprise usage. While the overall number of users accessing AI apps is expected to continue rising moderately in the coming year, there is also a growing population of power users who are steadily increasing their usage of generative AI apps. This group of users is likely to significantly enhance their generative AI activity in 2024, as they explore new ways to integrate this technology into their daily workflows.
However, this increased usage of AI apps raises concerns about the exposure of sensitive data, including credentials, personal information, and intellectual property. Ray Canzanese, Threat Research Director at Netskope Threat Labs, emphasizes the importance of implementing reasonable controls and advanced data security capabilities to enable the safe use of AI apps by employees. Organizations must strike a balance between productive use and effective data protection.
Cloud App Adoption Soars: Enterprise Users Experiment with New Apps
The adoption of cloud applications has witnessed a continuous upward trend throughout the year, with enterprise users actively exploring and increasing their usage of both popular and new apps. Netskope’s research found that, on average, enterprise users increased their access to cloud apps by 19% each year. In just two years, the number of different apps accessed by users jumped from 14 to 20.
Notably, half of all enterprise users interact with a range of 11 to 33 cloud apps each month, with the top 1% utilizing over 96 apps. The frequency of interactions with these cloud apps has also increased significantly, from slightly above 1,000 activities per month two years ago to nearly 2,000 per month in the present day. While most enterprise users generate between 600 and 5,000 activities per month, the top 1% generates over 50,000 activities monthly.
This trend underlines the increasing reliance on cloud apps within organizations for a wide array of activities. Consequently, it highlights the importance of effective management and monitoring of cloud app usage, as well as the need for ongoing security measures to protect sensitive data and maintain the integrity of enterprise networks.
Social Engineering Attacks: The Top Cyber Threat in 2023
According to Netskope’s research, social engineering emerged as the most common method used by attackers to gain initial access to enterprise systems in 2023. Social engineering offers adversaries an easier pathway into systems that actively patch known security vulnerabilities or impose limitations on remote access. Phishing was the most widespread social engineering attack, with attackers using fake emails and websites to deceive users into providing their credentials. Trojans, which trick victims into downloading and installing malware, also featured prominently in the attacks.
In 2023, phishing scams were three times more successful than Trojan downloads, with an average of 29 out of every 10,000 enterprise users falling victim to phishing attacks each month. Cloud apps and shopping sites were prime targets throughout the year, while an increase in phishing attacks was also observed in banking portals, social media platforms, and government agencies.
Additionally, the research revealed that, on average, users downloaded 11 trojans per month per 10,000 users. This statistic indicates that a typical organization of that size would have potentially seen 132 trojans downloaded onto their network by users over the course of a year.
Threat Actors and Activity: Criminal and Geopolitical Groups at Forefront
The majority of adversary activity observed targeting Netskope customers in 2023 was motivated by criminal intentions. Geopolitical adversaries were most active, particularly against users based in Asia and Latin America. Russian-based groups emerged as the top criminal adversaries, while Chinese-based groups primarily targeted victims in Asia, especially Singapore.
Adversary groups heavily relied on the use of Cobalt Strike, a popular penetration testing tool, to maintain persistence within compromised systems and deploy various malicious software, including ransomware, infostealers, and wipers. Netskope’s Threat Labs detailed the top 5 adversaries seen during 2023, providing insights into their specific campaigns and activities witnessed firsthand.
As the report highlights, it is essential for organizations to remain vigilant and prepare for adversaries exploiting the growing adoption of cloud apps, especially through social engineering techniques. Understanding the tactics employed by threat actors and implementing adequate security measures can help organizations mitigate risks effectively.
Key Takeaways for Organizations: Fighting Cloud Security Risks in 2024
Netskope puts forth several key recommendations for organizations to address the emerging trends and combat cloud security risks in the coming year:
- Organizations should limit access to apps that serve legitimate business purposes and establish a review and approval process for new apps. Implementing continuous monitoring processes can help identify any misuse or compromise of apps promptly.
- The safe enablement and adoption of AI apps must be a priority for organizations. Identifying permissible apps and deploying appropriate controls will empower users to leverage AI technology to its fullest potential while mitigating associated risks.
- Continuing investments in reducing the risk of social engineering attacks is crucial. This includes comprehensive security awareness training for employees and leveraging anti-phishing technology to detect and prevent phishing attempts.
- Regularly updating security practices and staying aware of new threats and attack vectors is crucial for maintaining robust cloud security defenses. Implementing preventive measures, such as implementing multi-factor authentication, can help organizations bolster their overall security posture.
By following these recommendations, organizations can enhance their cloud security practices and stay ahead of evolving threats in 2024. Maintaining a proactive approach to cybersecurity is essential to safeguard sensitive data and ensure the resilience of enterprise networks.
Analyst comment
Positive news: The Rise of Generative AI: More Enterprise Employees Embracing AI Apps
Short analysis: The increasing adoption of generative AI apps by enterprise employees indicates a growing interest in integrating this technology into daily workflows. While potential security risks exist, the market for generative AI apps is expected to continue rising moderately, with power users significantly enhancing their activity in 2024.
Positive news: Cloud App Adoption Soars: Enterprise Users Experiment with New Apps
Short analysis: The continuous increase in cloud application adoption by enterprise users highlights the reliance on these apps for various activities. Effective management and monitoring, along with ongoing security measures, are crucial to protect sensitive data and maintain network integrity.
Negative news: Social Engineering Attacks: The Top Cyber Threat in 2023
Short analysis: Social engineering, particularly phishing, emerged as the most common method for attackers to gain access to enterprise systems. Organizations need to prioritize security awareness training and anti-phishing technology to mitigate these risks.
Negative news: Threat Actors and Activity: Criminal and Geopolitical Groups at Forefront
Short analysis: Criminal and geopolitical adversaries were active in targeting organizations, with Russian-based groups and Chinese-based groups being prominent. Organizations should remain vigilant and implement security measures to combat growing threats, especially through cloud app exploitation and social engineering techniques.
Neutral news: Key Takeaways for Organizations: Fighting Cloud Security Risks in 2024
Short analysis: The report provides key recommendations for organizations to address emerging trends and combat cloud security risks, such as limiting access to legitimate apps, prioritizing the safe adoption of AI apps, investing in anti-phishing measures, and regularly updating security practices. Following these recommendations will enhance cloud security practices and mitigate evolving threats in 2024.
