How companies toe the line between innovation and security

Technology is a powerful tool in driving innovation, notably with last year’s surge in generative AI and the development of intelligent applications.

In this increasingly interconnected world, it remains important for businesses to stay ahead of these evolving trends and be vigilant to challenges, as innovation plays a key role in shaping the technology sector.

Flexibility becomes key for the cloud and as-a-service models

In recent years the cloud has been widely recognised as the best solution for companies looking to reduce IT costs, allowing technology leaders to do away with expensive legacy infrastructure. Recently, there’s been a notable shift back to private infrastructure, as organisations have begun regaining control by migrating certain applications away from public clouds. While the cloud continues to play an important role for businesses, flexibility has become a key consideration with more demanding a tailored response to their data requirements, whether that be shifting workloads or ensuring on-premises data protection.

The balance between public cloud and on-premises optimisation continues to be scrutinised. While solutions provided by hyperscale cloud providers have always provided cost-effective alternatives, cloud storage costs can quickly add up for organisations not built as a digital-first enterprise. Having made the move to the cloud, customers are now exploring alternatives that might make more sense financially, computationally, or in terms of data sovereignty — particularly via edge computing — to regain control over their workloads. To be able to act on these alternatives quickly and cost effectively, data flexibility is again a necessary requirement.

Amid economic uncertainty, there has been a notable increase in as-a-service models, with the shift from capital to operational expenditure reflecting a broader business strategy that focuses on services that provide flexibility and scalability.

Security becomes an AI-fuelled challenge

Cyberthreats continue to be a primary challenge. According to the Sophos State of Ransomware 2023 Report, Singapore has the highest rate of ransomware attacks, with 84% of surveyed organisations indicating they fell prey to this type of attack, up from 65% in the previous year. It is a stark reminder of the persistent and evolving nature of cyberattacks, affecting not only companies but also the public at large.

With our world becoming increasingly interconnected, we are observing a trend towards larger and more significant attacks, coupled with the fact that most businesses are not adequately prepared. In our recent Ransomware Trends Report, we found that a majority of organisations in the Asia-Pacific and Japan region have a risk management program that drives their security roadmap or strategy. That said, only 19% believe their program is working well, with the rest seeking to improve their situation and some do not even have an established program yet.

The adoption of AI and machine learning technologies, fuelled by ongoing hype, has further heightened concerns about security and data privacy. Policy makers are responding with increased regulations and controls to ensure responsible AI usage. The unsettling instances of deepfakes, such as the unauthorised use of a celebrity’s likeness in scams, underscore the risks associated with these AI-generated creations as they increase the effectiveness of phishing attacks and thus entry paths to ransomware.

The way forward continues to be unclear as companies remain divided on what is ethically acceptable. Tech giant Meta, for example, capitalised on deepfakes through its “AI experiences,” paying celebrities to use their voice and likeness to create AI bots. The creation of Billie Jenner, the AI-alter ego of supermodel Kendall Jenner, has led to concerns about the ethical implications and potential for misuse.

Fostering cyber resilience  

To stay ahead of ever-evolving threats, a comprehensive approach is needed. For businesses, employees still remain their strongest weapon against attacks. Actively engaging employees in maintaining a secure environment is not merely a best practice but essential. Regular training and upskilling programs can help employees stay current with evolving threats and allow them to recognise phishing emails, flag suspicious links, and foster a continuous cycle in education and awareness.

Complementing this approach with AI has become a powerful tool in the battle against cyberthreats, particularly for ransomware. Beyond its current applications in the data protection market, generative AI can be leveraged for data analysis and ransomware detection, picking up trends or activity that can point to malicious activity that would otherwise go unnoticed.

Beyond the efforts of individual businesses, however, governments and industry groups have an important role to play. Initiatives like the launch of the Singapore Cyber Leadership and Alumni Programme, a structured program tailored for participants at various stages of their cybersecurity journey, exemplify the government’s commitment to a robust cybersecurity posture.

As organisations navigate the complex cybersecurity landscape, these multifaceted strategies, informed by employee awareness, AI integration, and comprehensive cybersecurity frameworks, are instrumental in fortifying defences and ensuring resilience against the relentless tide of cyberthreats.

Finding a balance moving forward

With these observations, the tech landscape commands a nuanced strategy. Innovation requires businesses to flexibly navigate change and the cloud’s evolution urges a re-evaluation of public and private infrastructure to emphasise tailored flexibility.

However, the shadow of cyberthreats still looms. Larger and more sophisticated attacks render AI integration and employee cybersecurity education imperative. Collaborative efforts underscore the need for multifaceted strategies.

In this landscape, success hinges on adeptly balancing innovation, flexibility, and security – this equilibrium serves as the compass guiding them through the unpredictable terrain of the tech future.