Know AI’s evolving role in cybersecurity for SMEs and balancing advanced threat detection with growing risks.
Chase, please tell us about your background and what brought you to your role as Principal Strategist at JumpCloud.
I’ve spent over a decade in the tech industry, in cloud computing and cybersecurity. Over that time, I’ve been able to indulge my passion for all things identity-related and JumpCloud has been a perfect fit. JumpCloud’s mission to simplify and secure IT management for businesses of all sizes— especially for the traditionally overlooked small and medium-sized enterprises (SMEs)—is unique, and I’d argue we’re uniquely good at it. My role is to help shape our product vision to ensure we’re meeting the evolving needs of our customers in an increasingly complex IT landscape.
How is AI currently impacting cybersecurity for small and medium-sized enterprises (SMEs)?
JumpCloud conducts a twice-yearly survey of IT admins (our most recent edition of the survey just came out in July), so we’ve been able to get a real-time pulse on how SMEs are adapting to AI.
The first time we asked about AI six months ago, there was a lot of excitement but also a lot of fear. What we’re seeing now is that while the optimism has faded a little, it’s still pretty strong. Most organizations – 67% – have plans to implement AI initiatives and about the same number of folks have actually developed an AI policy– a great first step toward a robust, intentional approach to AI in the workplace.
As to how AI is impacting cybersecurity for SMEs, it’s both positive and negative. On the positive side, AI-powered tools are enhancing threat detection and response capabilities, allowing SMEs to identify and mitigate potential security risks much more quickly and accurately than before. This is particularly beneficial for SMEs that lack the resources for large security teams. However, AI is also being used by bad actors in more sophisticated attacks. We’re seeing an increase in AI-generated phishing emails and adaptive malware that can evade traditional security measures. This duality around AI won’t be going away anytime soon, so SMEs need to embrace AI while developing protections against it.
Based on your recent survey, what best practices would you recommend for SMEs to enhance their cybersecurity in light of AI developments?
First and foremost, implementing strong identity and access management is crucial. This includes using multi-factor authentication (MFA) and adopting a least-privilege access model. We also found that employee training is more important than ever, given the increasing sophistication of AI-powered phishing attempts. SMEs are also responding by partnering with managed service providers (MSPs) to access expertise and capabilities that might otherwise be out of reach.
The survey highlights a growing reliance on Managed Service Providers (MSPs) for IT management. What implications does this have for cybersecurity?
The increasing reliance is an interesting one. Consider that 76% of SMEs rely on an MSP for at least some functions. SMEs report that better security, productivity, and cost-savings are all key benefits of using an MSP—but—there are also signs that SMEs are starting to expect more from their MSP partners. On one hand, MSPs give SMEs access to more advanced security tools and practices, which can significantly enhance an SME’s security posture. However, this also introduces some risk, as attackers could target MSPs to try to gain access to multiple client networks and we’ve seen examples of this with recent supply chain attacks. So SMEs are understandably a little wary: while 67% of SMEs plan to increase their MSP investment over the next 12 months, 39% are concerned about how MSPs handle security. It’s crucial for SMEs to maintain visibility and control over their IT landscape, even when working with an MSP.
What are the key security considerations that IT departments should keep in mind when working with MSPs?
Clear communication and defined responsibilities are critical. IT departments should ensure there’s a comprehensive understanding of which security tasks are handled by the MSP and which remain in-house. Conduct regular security audits of the MSP’s practices. Data handling and privacy should be clearly outlined in service agreements, with strict protocols for how the MSP accesses and manages sensitive information. It’s also important to have a well-defined incident response plan that outlines how security events will be handled and communicated between the MSP and the client.
IT departments should also maintain oversight and not completely abdicate their security responsibilities because they think their MSP will handle everything. Regularly reviewing logs, access patterns, and security reports from the MSP can help maintain this oversight.
With the increasing variety and number of devices employees use, how can IT teams effectively reduce their attack surface?
The proliferation of devices presents a significant challenge for IT teams. One effective strategy is to implement a robust device management policy that includes enforcing device encryption, regular updates, and the ability to remotely wipe lost or stolen devices. Another is adopting a zero-trust security model which treats all devices, whether company-owned or personal, as potentially compromised and requires authentication for all access attempts.
What SMEs can’t lose sight of is that workers want device flexibility—they want to work on the devices they’re most comfortable and productive with. IT teams need to support a mixed-device environment (Windows, Apple, Linux, Android, etc.)—and more importantly, have a system for securing diverse devices. For smaller IT teams at SMEs, a device management platform that can automate everything from onboarding to permissions to patching is key to avoiding a lot of headaches.
What steps should IT teams take to prepare for future challenges related to device proliferation?
IT teams should stay on top of emerging technologies and their potential security implications. This will help them proactively develop security policies that can accommodate new types of devices without compromising overall security.
Invest in scalable security solutions. And IT teams should focus on identity-centric security that enables device trust across every access transaction. With the increasing diversity of devices, it’s all about securing identities rather than endpoints.
In terms of AI, what changes should organizations, especially SMEs and MSPs, be making to balance its promise with practical realities?
SMEs need to approach AI adoption with a balanced perspective. It’s important to recognize AI’s potential without getting caught up in the hype. For SMEs this would mean starting small with targeted AI implementations in areas where they can see immediate value, like threat detection or log analysis. SMEs should also focus on AI education for IT staff and end users and implement guidelines for how the organization should properly use AI, particularly around data privacy.
How can SMEs leverage AI to improve their cybersecurity posture without compromising on data privacy and security?
By focusing on specific, high-impact areas. For instance, AI-powered threat detection tools can analyze network traffic and system logs to identify potential threats more quickly and accurately than human analysts alone. AI can also be effectively used in user and entity behavior analytics (UEBA) to identify anomalous behavior that might indicate a compromised account or insider threat. This can be done without compromising individual privacy by focusing on patterns rather than specific content.
AI can also make a real dent in phishing detection as AI algorithms can analyze email content and metadata to identify potential phishing attempts more accurately than traditional rule-based systems.
The key is to implement AI solutions that enhance security capabilities without requiring access to sensitive data, and by focusing on behavioral patterns and metadata rather than content.
Looking ahead, what trends do you foresee in the intersection of AI and cybersecurity, and how should SMEs and MSPs adapt to stay ahead?
There is an arms race on both sides to understand and implement AI. With attackers leveraging AI to create more complex and evasive malware, SME teams will need continued investment in AI-powered defense mechanisms.
AI has the potential to help SMEs significantly with their biggest challenges today: managing diverse IT environments, securing a variety of devices, and maintaining strong security practices with limited resources.
This highlights the need for maintaining a core focus around identity and access management practices and ensuring their teams have the skills to evolve their practices alongside AI (or finding an MSP partner who can).
Ultimately, the key to success will be striking the right balance between leveraging AI’s capabilities and maintaining human oversight and decision-making in critical security functions.
Chase Doelling
Principal Strategist at JumpCloud
Chase Doelling is the Principal Strategist at cloud directory platform provider JumpCloud, where he leads the team in creating partnerships that enhance and secure digital identities. He has been working in venture-backed startups across security, integration, and DevOps for the last decade.
