Hyderabad: Reflecting the rise of artificial intelligence at workplaces, a survey report said more than 10% of enterprise employees access at least one generative artificial intelligence (AI) application every month, compared to just 2% a year ago.
Also, users fell for phishing scams three times more frequently than users who downloaded Trojans. Cloud apps and shopping sites were among the top targets throughout the year, while banking portals, social media, and government targets also saw a notable increase.
The findings, published as part of Netskope’s annual Cloud & Threat Report, underscore the rapid growth in generative AI app adoption in the enterprise and also the emerging security risks that come as a result.
In 2023, ChatGPT was the most popular generative AI application, accounting for 7% of enterprise usage. Netskope expects the total number of users accessing AI apps in the enterprise to continue rising moderately next year, there is an emerging population of power users who are steadily growing their use of generative AI apps. The top 25% of users can increase generative AI activity significantly in 2024 as this group finds new ways to integrate the technology into their daily lives.
“With growing AI app usage, employees are more likely to expose sensitive data like credentials, personal information, or intellectual property,” said Ray Canzanese, threat research director, at Netskope Threat Labs.
“For safe enablement of AI apps, organisations must implement reasonable controls and advanced data security capabilities while focusing on how employees can use AI productively.”
The number of cloud apps the enterprise accessed increased by an average of 19% per year, with users jumping from 14 to 20 different apps in two years. Half of all enterprise users interact with between 11 and 33 cloud apps each month, with the top 1% using more than 96 apps per month. Interactions with these cloud apps are increasing at an even faster rate, from just over 1,000 activities per month two years ago to nearly 2,000 activities per month now. Most enterprise users generate between 600 and 5,000 activities per month. The top 1% of users generate more than 50,000 activities per month.
The most common way attackers gained initial access in 2023 was through social engineering like phishing to steal credentials and Trojans to trick victims into downloading and installing malware. Netskope found that the top criminal adversary groups throughout 2023 were based in Russia, and the top geopolitical threat groups were based in China (targeted primarily at victims in Asia, especially Singapore), a release said.
