by Binil Pillai, Doron Bar Shalom and Tal Goldstein*
The cybersecurity threat for small and medium-sized businesses (SMBs) is real: Ransomware attacks increased by almost 300%, with over 50% targeting small businesses, finds a Microsoft study from April 2022.
The economic cost of these attacks is high, with over 60% of SMBs being unable to operate after they’ve experienced a cyberattack. The lack of basic cybersecurity measures increases their risk of cyberattacks, and cyber criminals are drawn to these businesses as easy targets for low-risk, high-reward attacks.
SMBs face challenges in assimilating advanced security solutions in their business due to a lack of skilled staff in-house (more than 60% of SMBs lack these). Therefore, more SMBs rely on managed service providers (MSPs), which, until recently, were primarily focused on supplying IT infrastructure and cybersecurity services.
SMBs are keen to explore the possibilities that generative AI can bring for accelerating their growth beyond what could significantly add value from a cybersecurity perspective. As a branch of artificial intelligence, generative AI enables SMBs to leverage advanced technology to improve operations, enhance customer experiences, and gain a competitive edge in the market.
Increased cyber-risks of generative AI
Generative AI lowers the barriers to entry for threat actors without vast security knowledge and background to carry out a successful attack. These beginners will likely target SMBs as they seem less protected than their large enterprise counterparts. While generative AI offers significant opportunities for SMBs, it also introduces the following new security risks:
-AI-enhanced malware. Generative AI can generate malicious code for automated deployment. Currently, malicious actors have been doing this even without AI; however, with AI, they can do it at a scale that maximizes the impact.
-AI-infused phishing and social engineering. Generative AI can create convincing messages for phishing emails, social engineering attacks and deepfake videos targeting SMBs. Using generative AI, hackers can avoid human errors, and non-native speakers will be able to craft a phishing email with perfect spelling and grammar. Also, the scaling up such attacks with phishing as a service and automated phishing email attack per target pose challenges to the cybersecurity resiliency of SMBs, as traditional defences may struggle to detect and mitigate such novel threats.
-AI-powered fraud. Business Email Compromise (BEC) scams are a type of cyber fraud in which attackers impersonate a trusted individual or organization through email to deceive victims. With generative AI, attackers can create emails that closely mimic the style, tone and vocabulary of the impersonated person or organization, making them increasingly difficult to distinguish from genuine ones.
SMBs are more vulnerable to cyberattacks if they have not taken action to secure their identities, devices and business application, due to a shortage of skilled personnel. Generative AI could exacerbate these vulnerabilities – and as a result, we may see a significant increase in cyberattacks on SMBs in the coming years.
AI-reinforced security
But generative AI can also be crucial in SMB cybersecurity by providing advanced capabilities to detect, analyze and respond to potential threats. Putting aside the risks, generative AI offers an outstanding opportunity to change the balance between attackers and defenders, especially for SMBs that lack resources. By embracing the following benefits, SMBs can harness the power of generative AI to enhance cybersecurity resiliency:
-Anomaly detection. Generative AI can be used as a tool to discover patterns and behaviours of normal network traffic and user activities or system operations within IT infrastructure.
-Rapid monitoring. Generative AI can help a security analyst doing the work to reason over the massive data stores and detect and respond faster.
-Automated response. Generative AI can trigger computerized responses, such as isolating affected systems and blocking suspicious IP addresses. It can also guide the user on taking the right action, using the right tools, and setting up those types of automation, regardless of which technology the customer has implemented.
-Vulnerability assessment and patch management. By simulating potential attack scenarios, generative AI can help prioritize vulnerabilities based on their business impact and recommend effective patch management strategies.
-Faster learning. Generative AI can enhance education and quicker understanding of the people they do have working in IT and security. Generative AI is not doing all the work for them; it is enhancing what they can do with the tool.
A multistakeholder approach to generative AI
The following stakeholders collectively contribute to the growth, innovation and responsible use of generative AI in the SMB landscape:
-Big technology companies. Generative AI is one of the latest influential topics recently, especially with the arrival of platforms such as ChatGPT and Microsoft Security Copilot. Most generative AI products have the potential to enable security with a reactive capability rather than offensive; however, the field’s impact on cybersecurity is likely to be much bigger than what we see today. Big tech companies like Microsoft, Google, and IBM can make significant advancements in the field of generative AI by developing tools and platforms for both research and practical applications.
-Managed Service Provider (MSP). MSPs can enhance their support for customers by leveraging cybersecurity-based AI products. This is especially important as MSPs also face a shortage of skilled personnel in cybersecurity. By utilizing the augmentation and recommendations provided by these AI products, MSPs can customize solutions for each customer using their business data. This approach enables them to provide more effective support and tailored solutions that meet each customer’s unique needs.
-Governments and regulatory bodies. Governments and regulatory bodies worldwide have a crucial role in formulating policies and guidelines embedded into the broader cybersecurity framework. They address ethics, bias and accountability concerns in AI systems. Their involvement helps set a standard for the successful adoption of AI technology.
There are many cyber challenges for SMBs. However, recent developments in generative AI provide a unique opportunity to enhance cybersecurity resiliency.
Development and successful assimilation of advanced generative AI cybersecurity products and services require a holistic and collaborative approach by different stakeholders to impact the fight against cybercrime significantly. The World Economic Forum Partnership against Cybercrime is committed to promoting this necessary collaboration.
*WW SMB Security Leader, Microsoft and Strategic Innovation Principal Program Manager, Microsoft Security Office of the CTO and Head of Strategy, World Economic Forum
**first published in: Weforum.org
By: N. Peter Kramer
