As the global pandemic forced companies to move from high-rise buildings to working from home, they’ve turned to SaaS tools to keep their operations running. SaaS companies have always focused on allowing work to happen anywhere with an internet connection, and the COVID-19 breakout has allowed modern software companies to thrive.
However, cybercrime continues to cast its shadow over remote working. According to Cybersecurity Ventures, cybercrime damages by 2021 will cost the world $6 trillion annually, up from $3 trillion in 2015.
While attackers have been targeting SaaS solutions for a while, not much attention has been paid to how the techniques, tools, and procedures differ in SaaS attacks from traditional cyberattacks.
Traditionally, SaaS consumers have used the integrated SaaS security controls provided in each solution, relied on the maturity of the SaaS provider, or turned to a third-party SaaS security solution.
However, more SaaS providers are implementing artificial intelligence (AI) that has been trained to look for irregularities across systems and user activities. These anomalies can be the result of attacker activities that secretly move across an organization’s network or have infiltrated a cloud SaaS environment. Anomaly detection is one of the areas in which AI is extremely valuable in cybersecurity defenses for an organization. It can also be used to examine previous attacks in other environments and organizations and compare parallel characteristics to prevent similar attacks.
Recently, Darktrace — an AI cybersecurity company for threat detection and response across cloud, email, industrial, and the network — caught two threats using AI. The first was an Office365 business email compromise and the second was at Box.com.
"Using machine learning to detect anomalies in behavior offers crucial hope for defenders as SaaS applications define this new era of work," Max Heinemeyer the Director of Threat Hunting at Darktrace shared in a blog post.
Darktrace has observed a significant increase in attacks against SaaS platforms, including file storage, collaborative work, and email solutions.
The takeaway is that AI can play a crucial role in bolstering cybersecurity defenses. While SaaS has proven to be a challenging environment for traditional defense methodologies, cloud SaaS AI-powered cybersecurity tools offer a new level of protection, one that could save trillions of dollars.