How Companies Toe the Line Between Innovation and Security For 2024
by Anthony Spiteri, Regional CTO APJ, Veeam
Technology has always been driven by innovation and has accelerated rapidly in the last year, especially when it comes to generative AI, intelligent applications and quantum computing. As we stand on the edge of an increasingly interconnected world, it is important for businesses to stay ahead of trends and be vigilant to challenges.
The Cloud and As-a-Service
For a long time, the cloud has been hailed as the solution for companies looking to reduce IT costs, allowing technology leaders to do away with expensive legacy infrastructure. However, this trend has seen a notable shift as organisations seek to reclaim control by migrating applications from public clouds back to their private infrastructures. With businesses needing various data requirements, ranging from shifting workloads to ensuring on-premises data protection, the demand for solutions offering data flexibility has increased.
While solutions provided by hyperscale cloud providers have always provided cost-effective alternatives, cloud storage costs can quickly add up for organisations not built as digital-first enterprises. Customers are now exploring viable alternatives, particularly via edge computing, to regain control over their workloads.
Amid economic uncertainty, as-a-service models are also predicted to grow, with the shift from capital to operational expenditure reflecting a broader business strategy that focuses on services that provide flexibility and scalability.
Challenges in 2024
Cybersecurity threats remain at the forefront of challenges in 2024. According to the Sophos State of Ransomware 2023 Report, Singapore has the highest rate of ransomware attacks, with 84% of surveyed organizations indicating they fell prey to this type of attack, up from 65% in the previous year. It is a stark reminder of the persistent and evolving nature of cyberattacks, affecting not only companies but also the public at large.
As our world becomes increasingly interconnected, larger and more significant attacks are imminent, emphasising the need for heightened vigilance. To combat this, collaboration between security and infrastructure teams is important to fill the security gap. In our recent Ransomware Trends Report, we found that a majority of organisations in the Asia Pacific & Japan (APJ) region have a risk management program that drives their security roadmap or strategy. That said, only 19% believe their program is working well, with the rest seeking to improve their situation and some do not even have an established program yet.
Beyond the realm of cybersecurity, the adoption of AI and ML technologies, fueled by ongoing hype has brought about concerns about data privacy. Policymakers are responding with increased regulations and controls to ensure responsible AI usage. The unsettling instances of deep fakes, such as the unauthorised use of a celebrity’s likeness in scams, underscore the risks associated with these AI-generated creations.
Tech giant Meta is one company that has capitalised on deepfakes through its “AI experiences,” paying celebrities to use their voice and likeness to create AI bots. The creation of Billie Jenner, the AI alter ego of supermodel Kendall Jenner has led to concerns about the ethical implications and potential for misuse.
Fostering Cyber Resilience
In order to stay ahead of the ever-evolving threats, a comprehensive approach is needed. For businesses, employees are their strongest weapon against attacks. Actively engaging employees in maintaining a secure environment is not merely a best practice but essential. Regular training and upskilling programs can help employees stay current with evolving threats and allow them to recognise phishing emails, flag suspicious links and foster a continuous cycle of education and awareness.
Complementing this approach with AI has become a powerful tool in the battle against cyber threats, particularly ransomware. Beyond its current applications in the backup market, gen AI can be leveraged for data analysis and ransomware detection, picking up small trends or activity that might point to something malicious.
The government has also recognised the threat that cyberattacks pose and we have seen campaigns to push for companies to adopt a holistic cybersecurity strategy, encompassing prevention, backup, and recovery as the base of defence. Initiatives like the launch of the Singapore Cyber Leadership and Alumni Programme, a structured program tailored for participants at various stages of their cybersecurity journey, exemplify the government’s commitment to a robust cybersecurity posture. As organisations navigate the complex cybersecurity landscape, these multifaceted strategies, informed by employee awareness, AI integration, and comprehensive cybersecurity frameworks, are instrumental in fortifying defences and ensuring resilience against the relentless tide of cyber threats.
Conclusion
The importance of education and preparation cannot be overstated. Consistent training, strategy testing, and validation of backup measures are not just checkboxes on a security checklist but are integral components of a robust cybersecurity strategy. Even with these measures in place, organisations must acknowledge the unpredictable nature of cyberattacks, emphasising the need for continuous refinement and adaptation.
The ransom dilemma is a reminder for organisations to avoid situations where paying ransom becomes the only perceived option, and leaders should recognise that it cannot guarantee data recovery.