A new report highlights the challenges businesses face in balancing robust cybersecurity measures with fostering a productive work environment amid the rise of AI and hybrid work models.
In today’s fast-paced digital environment, enterprises face a balancing act between bolstering cybersecurity measures and fostering an atmosphere of productivity among employees. This challenge has only been exacerbated by the adoption of disruptive technologies such as artificial intelligence (AI), hybrid work models, and an array of unauthorised applications and devices. A recent report by 1Password, a leading provider of enterprise password management solutions, sheds light on the complexities of securing businesses in the age of AI, underscoring the concerns of security professionals and the attitudes of employees towards company security protocols.
1Password’s report, titled “Balancing act: Security and productivity in the age of AI”, draws from a survey of 1,500 North American workers, including 500 IT security professionals. The findings are telling: a staggering 79% of security professionals do not believe their company’s protections are sufficient to ward off the cyber threats that today’s enterprises face. This sentiment is further compounded by the fact that half of the security pros surveyed feel it is almost impossible to strike the right balance between ensuring robust security and maintaining employee productivity.
The advent of generative AI has introduced new dimensions to the existing tension between cybersecurity and productivity. While 92% of security professionals express concerns over the security implications of generative AI—ranging from the risk of employees inadvertently sharing sensitive data, to the potential for AI-enhanced phishing attacks—employees see a valuable tool that can significantly enhance their productivity. Indeed, 57% of employees reported that utilising generative AI tools at work has saved them time and made them more efficient, even though a smaller segment (22%) admitted to flouting company rules regarding the use of such technologies.
This rise in the use of unapproved applications and devices, often termed as ‘shadow IT’, adds another layer of risk. Approximately one-third of employees admit to using an average of five shadow IT tools, each representing a potential vulnerability. Furthermore, a significant portion of the workforce – 17% – never utilise their work-provided devices, opting instead for personal or public computers, a practice that further blurs the lines between security and productivity.
The challenge for IT and security teams is multifaceted. They are not only tasked with safeguarding the organisation in the face of accelerating technological advancements but also with doing so in a manner that does not impede the productivity of their workforce. The report highlights a stark reality: while 69% of security professionals acknowledge that their approach to security is at least partly reactive, the primary reason cited is the feeling of being pulled in too many conflicting directions. Moreover, traditional security measures, such as single sign-on (SSO) tools, are deemed insufficient by the majority of security experts, 69%, who argue that these tools do not comprehensively secure employee identities.
Jeff Shiner, CEO of 1Password, emphasises that the dichotomy between security and productivity is a false one. He advocates for a holistic approach where solutions not only keep employees secure but also support their preferred modes of working. “When you secure your people, you secure your business,” Shiner asserts, underscoring the importance of adaptable and comprehensive security strategies in today’s ever-evolving digital landscape.
As organisations navigate the complexities of modern cybersecurity, the insights from 1Password’s report serve as a critical reminder of the need for a balanced approach that considers both the security imperatives of the enterprise and the productivity needs of its workforce. The adoption of generative AI and other new technologies, while promising in terms of efficiency gains, also necessitates a reevaluation of security strategies to mitigate emerging threats and vulnerabilities.