The AI Future: Three Tips For SMBs

Uploaded on 2024-04-11 in TECHNOLOGY-Key Areas-Artificial Intelligence, TECHNOLOGY--Resilience, FREE TO VIEW

The coming twelve months may be the most consequential ever in cybersecurity for SMBs. The advent of widespread GenAI tools will empower both legitimate users as well as criminals to do more, faster, and more creatively.

Larger organisations are likely to have their AI principles, sandbox implementations, and be forging ahead with use cases. But for SMBs, there’s a massive need to become proficient in using the best tools, processes, and training to ensure they don’t fall victim to the scale and sophistication of AI-powered fraudsters and thieves.

And that’s leaving aside the worries about falling behind if they don’t adopt AI-driven business processes as fast as competitors.

No matter the type of business, AI and automation will disrupt it. Every organisation has some digital footprint that could be tweaked with automation, or a digital presence to be defended from cybercriminals and incidents. As the government suggests, the risks of data poisoning, hijacking outputs, stealing or corrupting data, money, or processing time, are realistic. But smaller firms face a bigger challenge in coming to grips with and preparing for both the potential risks and rewards of the AI-driven future.

Prepare For The Upsides

Firstly, note that AI will be just like any other technology in having both positive and negative effects that are hard to predict. As a relic of AI’s foretelling in science fiction, the concept has been around for decades, likely contributing to both highly positive and negative expectations.

But AI is already bringing many upsides. Businesses needn’t only focus on the generative AI popularised by ChatGPT and Midjourney, which became the standard bearers for the GenAI explosion into popular culture. AI is also present in other forms, within more constrained business software, quietly supporting tasks like error-correcting, pattern spotting, and forecasting. It’s using the power of data analysis to provide answers to questions, sometimes questions that haven’t been asked, or that teams might not even be able to phrase.

SMBs without a plan to incorporate tools that make use of AI, in any form, should think about what they would do if competitors became an arbitrary percentage more efficient, faster, or more customer focussed by their own adoption.

That’s the reality now, as AI-driven business software finds incremental ways to improve the power of their teams.

Success comes most immediately from finding limited use cases where there’s a proven need for a helping hand. HR may need help sifting through applicant submissions. The tech team may need help managing, triaging, and prioritising infrastructure and SaaS alerts. The sales and marketing teams may be crying out for a helper to organise meetings, transcribe calls, and send leads down the pipeline without requiring laborious typing.

Prepare For The Downsides

Cybersecurity has evolved with the changing nature of malicious threats. AI is helping cybercriminals, too. Small businesses should be alert as much as multi-nationals. This year the news broke that an employee transferred $26m to scammers. They thought it was all signed off by their CFO because they had been on a video call with deepfakes of their colleagues. Today, that is a tactic being employed against large firms. Just as with every trick, once it has been refined, less advanced criminals will be employing it against smaller targets as part of cybercrime-as-a-service attacks.

Strong data security, device, and endpoint security, and more than minimum compliance standards must be employed by every business.

For smaller businesses, knowing staff and customers will become key. Digital identity and access management, liveness detection, and trust management are essential to understand and implement.

There is good news about the bad news. By staying up to date with evolving technology and security trends, and ensuring the business SaaS solutions are current, SMBs should be able to source enterprise-level security. But they must proactively explore the risks and topics involved and train and challenge staff in the correct procedures - and what to do with even the smallest of red flags.

Find expert support and listen to best practices on every aspect of the AI future: technology, people management, training, and right-sized business processes.

A deepfake of the boss might be utterly convincing, but if it’s already been discussed that they never request sensitive data, or money movements, except over a certain app, or without confirming via two methods, staff will stick to safe behaviour.

Prepare For A People-centric Future

It might seem strange to focus on people, but that’s exactly what AI will allow SMBs to do. The right AI use cases will abstract pain points away from customer-facing teams and empower business service roles. This matters more the smaller the business, where every success counts for more than at larger organisations with more hands.

The employee experience will define who will want to work for you. The personalised experience offered to customers will set the business apart. The right creative solution will appeal to the new prospect, unhappy with their current provider. All that rests on empowered people, able to offer the best of themselves because their toil has been removed with automation extending reach and speeding activity. They can give the best of themselves to human tasks, being creative, empathetic, and strategic.

The Future Is Now

SMBs can see the near future more clearly than we could at the dawn of the personal PC age, the mobile age, or the cloud age. The AI age has been well forecast.

The challenge for SMBs now is to: 

  • Grasp the nettle and ensure that their risk and security profiles are well understood and managed before deepfakes, fraud, and novel attacks find them.
  • Grow familiarity and success with defined use cases, building expertise in the business.
  • Make sure the technical is in service to the personal, using AI for defined business purposes, improving every stakeholder experience, and defining what great outcomes look like.

John Mutuski Is Chief Information Security Officer at Pipedrive

Image: CreativaImages

You Might Also Read:

Understanding The Threats & Opportunities Posed By ArtificiaI Intelligence:   

DIRECTORY OF SUPPLIERS - AI Security & Governance:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Mitigating The Growing Insider Risk
City Of Leicester Council Attacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Nimbusec

Nimbusec

Nimbusec scans your website around the clock and informs immediately if it has been hacked or manipulated

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

Second Nature Security (2NS)

Second Nature Security (2NS)

2NS provide vulnerability assessment, penetration testing, security audit, application and network security and secure software development processes.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.

Taoglas

Taoglas

Taoglas Next Gen IoT Edge software provides a pay as you go platform for customers to connect, manage and maintain their edge devices in an efficient and secure way.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

CloudSphere

CloudSphere

CloudSphere’s flagship Cloud Governance Platform enables enterprises and cloud service providers to simplify and optimize cloud migration, management, and governance.

Grayshift

Grayshift

Grayshift is the leading provider of mobile device digital forensics, specializing in lawful access and extraction.

Nitrokey

Nitrokey

Nitrokey is the world-leading company in open source security hardware. Nitrokey develops IT security hardware for data encryption, key management and user authentication.

Dig Security

Dig Security

Dig Security offers the first data detection and response (DDR) solution, providing real-time visibility, control and protection of your data assets across any cloud.

Womble Bond Dickinson

Womble Bond Dickinson

Womble Bond Dickinson is a transatlantic law firm, providing high-quality legal experience and outstanding personal service from key locations across the United Kingdom and United States.

Exium

Exium

At Exium we’ve integrated networking and security in a cloud-delivered Zero Trust platform powered by 5G and open source.

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions is an Enterprise Cyber Security Platforms company offering Cyber Security & Technical Education and Compliance & Penetration Testing Services.

Tidelift

Tidelift

Tidelift provides the tools, data, and strategies that help organizations assess risk and improve the health, security, and resilience of the open source used in their applications.