43% of enterprises say their AI and Machine Learning (ML) initiatives matter “more than we thought,” with one in four saying AI and ML should have been their top priority sooner.
50% of enterprises plan to spend more on AI and ML this year, with 20% saying they will be significantly increasing their budgets.
56% of all enterprises rank governance, security and auditability issues as their highest-priority concerns today.
In just over a third of enterprises surveyed (38%), data scientists spend more than 50% of their time on model deployment.
Enterprises accelerated their adoption of AI and machine learning in 2020, concentrating on those initiatives that deliver revenue growth and cost reduction. Consistent with many other surveys of enterprises’ AI and machine learning accelerating projects last year, Algorithmia’s third annual survey, 2021 Enterprise Trends in Machine Learning finds enterprises expanding into a wider range of applications starting with process automation and customer experience. Based on interviews with 403 business leaders and practitioners who have insights into their company’s machine learning efforts, the study represents a random sampling of industries across a spectrum of machine learning maturity levels. Algorithmia chose to limit the survey to only those from enterprises with $100M or more in revenue. Please see page 34 of the study for additional details regarding the methodology.
Key insights from the research include the following:
76% of enterprises prioritize AI and machine learning (ML) over other IT initiatives in 2021. Six in ten (64%) say AI and ML initiatives’ priorities have increased relative to other IT priorities in the last twelve months. Algorithmia’s survey from last summer found that enterprises began doubling down on AI & ML spending last year. The pandemic created a new sense of urgency regarding getting AI and ML projects completed, a key point made by CIOs across the financial services and tech sectors last year during interviews for comparable research studies.
83% of enterprises have increased their budgets for AI and machine learning year-over-year from 2019 to 2020. 20% of enterprises increased their budget by over 50% between 2019 and 2020. According to MMC Ventures’ The State of AI Divergence Study, one in ten enterprises now uses ten or more AI applications with chatbots, process optimization and fraud analysis leading all categories. A recent Salesforce Research report, Enterprise Technology Trends, found that 83% of IT leaders say AI & ML is transforming customer engagement and 69% say it is transforming their business. The following compares year-over-year AI and ML budget changes between FY 2018 – 2019 and FY 2019 – 20.
Improving customer experiences to drive greater revenue growth and automating processes to reduce costs are the two most popular use cases or application areas for AI and ML in enterprises today. It’s noteworthy that seven of the top 20 use cases are customer-centric, nearly half of all use cases tracked in Algorithmia’s survey. 46% of enterprises are using AI & ML to combat fraud, which will most likely grow given the growth and severity of breaches, including the SolarWinds cyberattack. Capgemini’s recent study of AI adoption in cybersecurity found network, data and endpoint security are the three leading use cases of AI in cybersecurity today, with each predicted to get more funding in 2021, according to CISOs interviewed for the report.
AI and ML business cases that provide greater customer revenue growth, reduced costs and greater financial visibility have the highest priority of being funded inside any enterprise today. The combination of improving customer experiences, automating processes (to reduce costs) and generating financial insights (for greater financial visibility) is the ideal combination for getting a proof of concept started for an AI or ML project. The proliferation of AI and ML use cases shown in the graphic below is attributable to how each contributes to enterprises achieving a tangible, positive ROI by combining them to solve specific business problems.
According to Burning Glass Technologies, the two tech job skills paying the highest salary premiums today and in 2021 are IT Automation ($24,969) and AI & Machine Learning ($14,175).
The average salary premiums for the most in-demand tech skills range from $4,204 to nearly $25,000.
Startups valued at $1 billion or more are 33% more likely to prioritize one or several top ten tech job skills in their new hire plans versus their legacy Fortune 100-based competitors or colleagues.
These and many other fascinating insights are from Skills of Mass Disruption: Pinpointing the 10 Most Disruptive Skills in Tech, Burning Glass Technologies’ latest research study published earlier this month. Their latest study provides pragmatic, useful insights for tech professionals interested in furthering their careers and earning potential. Burning Glass Technologies is a leading job market analytics provider that delivers job market analytics that empowers employers, workers and educators to make data-driven decisions.
Using AI To Find The Most Valuable Job Skills
Using artificial intelligence-based technologies they’ve developed, Burning Glass Technologies analyzed over 17,000 unique skills demanded across their database of over one billion historical job listings. The study aggregates then define disruptive skill clusters as those skill groups projected to grow the fastest, are most undersupplied and provide the highest value. For additional details regarding their methodology, please see page 8 of the report.
The research study is noteworthy because it explains how essential acquiring skills is to translating new technologies’ benefits into business value. They’ve also taken their analysis a step further, providing technical professionals with additional insights they need to plan their personal development and careers.
Key takeaways from their analysis include the following:
IT Automation expertise can earn technical professionals a $24,969 salary premium, the most lucrative of all tech job skills to have in 2021. Burning Glass Technologies defines IT Automation as the skills related to automating and orchestrating digital processes and workflows. Six of the ten job skills are marketable enough to drive technical professionals’ salaries above $10,000 a year. At an average salary uplift of $8,851, proactive security (cybersecurity) job skills’ market value seems low. Future surveys in 2021 will most likely reflect the impact of the SolarWinds breach on demand for this skill set. The following graphic compares the average salary premium by tech job skill area.
Software Dev. Methodologies (DevOps) expertise is the most marketable going into 2021, with 634,600 open positions available in North America based on Burning Glass Technologies’ analysis. Employers initiated 1,714,483 job postings requesting at least one disruptive skill area between December 2019 and November 2020. With each skill predicted to grow at least 17%, technical professionals have several lucrative options for their personal and professional development plans. The following graphic compares job openings by skill areas for the time frame of the study:
Quantum Computing, Connected Technologies, Fintech and AI & Machine Learning expertise are predicted to be the fastest-growing tech job skills in 2021 and beyond. Demand for technical professionals skilled in building and optimizing quantum computers and their applications will be in high demand for the next five years based on the study’s findings. Connected Technologies refers to skills related to the Internet of Things and connected physical tools and the telecommunications infrastructure needed to enable them. Fintech skills are related to technologies, including blockchain and others, that make financial transactions more efficient and secure. The following graphic compares the top ten tech job skills predicted to grow the fastest in 2021.
AI & Machine Learning, Cloud Technologies, Parallel Computing and Proactive Security (Cybersecurity) are the most distributed across industries, translating into more diverse job opportunities for technical professionals with these skills. Professional Services leads all industries in demand for nine of the ten tech job skills, except Parallel Computing, the most in-demand skill in Manufacturing. Factors contributing to Professional Services leading all industries in demand for technical job skills include the following factors. First, their business models need to continue pivoting fast to stabilize during the pandemic. Second, better risk and compliance controls of remote operations are urgently needed. Third, better visibility into services costs across all systems to ensure financial reporting accuracy is a must-have, according to the CFOs I spoke with regarding the survey results. The following graphic compares demand for tech skills by industry sector.
Demand for AI and Machine Learning skills is growing at a 71% compound annual growth rate through 2025, with 197,810 open positions today. Technical professionals with job skills in this area see salary premiums of $14,175. Top positions include Data Scientist, Software Developer, Network Engineer, Network Architect, Data Engineer and Senior Data Scientist.
Positions requiring IT Automation job skills are predicted to grow 59% over the next five years and have 282,380 positions open today. Besides being the most lucrative job skillset to have, IT Automation job skills lead to positions including Software Developer, DevOps Engineer, Senior Software Developer, Systems Engineer and Java Developer or Engineer.
According to BDS Analytics, the Covid-19 pandemic drove retail sales up 35% above industry forecasts, accelerated by cannabis businesses being declared “essential” for medical purposes in virtually every U.S. legal market.
Fueled by strong consumer demand, annual legal (medical and adult-use) sales are projected to grow at a compound annual growth rate (CAGR) of 21%, to reach more than $41 billion by 2025 (from $13.2 billion in 2019), according to New Frontier Data.
BDS Analytics predicts that the U.S. Cannabis Industry will generate $20.8 billion in direct spending in 2021 and $39.6 billion in total economic contribution after factoring its indirect economic effects.
Bottom Line: With an average yield per acre of $1.1 million, legal cannabis agriculture dwarfs all other crops in revenue potential while also providing the resources needed to fund AI-based monitoring to improve yields and security.
Cannabis’ value per acre dwarfs all other crops being produced in North America today, prompting every commercial grower to consider how they can improve yields further while securing their crops on a 24/7, virtual basis. Recent studies by the USDA, The Rand Corporation, and the Marijuana Cultivators of Oregon find that at an average price of $1,948 per pound at Colorado prices, an acre of marijuana can yield more than $1.1 million per acre. The studies compared the most widely grown crops in the U.S., including corn, soybeans, oats, and wheat, which all yield less than $1,000 per harvested acre. The following graphic from New Frontier Data illustrates how profitable an acre of marijuana is to cultivate than other crops.
Using AI to Protect & Grow a Cash Crop
AI and machine learning-based techniques based on real-time monitoring data are an integral part of today’s innovation in cannabis farm management. Supervised machine learning algorithms capable of identifying patterns and sequences in imagery from thermal, infrared, and night vision cameras in real-time can help identify diseases affecting plants early. Identifying and alerting farm staff of a breach or break-in by an animal or person is possible using AI-based smart monitoring systems.
The more advanced a smart monitoring system is in its use of machine learning and real-time monitoring integration, the more effective it is in spotting anomalous activity. Over time, the best AI-based remote monitoring and surveillance systems “learn” or begin to identify recurring patterns in data. Cannabis farms rely on AI and machine learning to identify which techniques for improving yield rates by specific fertilizer treatment produce the most flowers and overall yield per acre.
The following are ten ways AI is being used for improving cannabis yields and security:
Monitoring real-time video feeds of remote cannabis fields using machine learning-based surveillance systems can identify a breach by an animal or human then send an alert immediately. Given how valuable a single acre of cannabis is to a farm, knowing in real-time if there’s been an attempted breach or break-in can save thousands of dollars in potential crop damage and theft. Federated cannabis farms with multiple remote locations are starting to use AI and machine learning-based remote monitoring to secure their operations. Machine-learning based video surveillance systems can be programmed or trained over time to identify employees versus unknown people and easily spot animals attempting to break into a field. The following image from Twenty20 Solutions illustrates how machine learning is used for identifying activity at a remote location:
Reducing the dependence on onsite security guards alone and gaining a 24/7, 365-day monitoring view of each grow and farm site. Instead of relying only on onsite security teams to monitor video feeds in real-time, cannabis growers turn to AI and machine learning-based surveillance to isolate the most anomalous or unexpected events given the pattern of previous activity on a site. Reducing the cost and insurance liability of having security teams on site is one of the most significant benefits of relying on a cloud-based remote monitoring system that can interpret and provide alerts based on real-time data.
AI-based surveillance monitoring systems can prepare activity reports in minutes for state and federal auditors, saving farmers and administrative staff thousands of hours a year getting the data together for audit teams. Using machine learning and advanced video analytics, growers and their staff can prepare for state and federal audit reports in minutes instead of the many hours needed in the past.
Helping to keep licensed cannabis growers in compliance by providing a 24/7, 90 day or longer video history of all activities at their farms keeps them in compliance with state regulatory requirements. Included in several states’ requirements are the specific requirements for video footage access, video archiving, access requirements, how cameras are placed, and how quickly video footage can be accessed. State regulatory agencies are initiating audits of licensed cannabis growing facilities in 2021. All states require video footage to be archived, yet 72% of cannabis operators fail to comply with security and surveillance requirements, according to a recent study by the Brightfield Group:
California regulations require that all video recordings from surveillance be saved 90 days or longer.
Washington requires all video recordings to be archived for a minimum of 45 days.
Oregon requires licensed cannabis growers to retain 24/7 video for 90 days with a minimum of 1.3mp per camera at 10fps. The exterior is 5fps.
Cannabis farms often experiment with new fertilizers and plant treatments on a pilot acre to see if they achieve the expected results, and machine learning-based analysis of video stream data helps track results. Agricultural improvements in cannabis farming continue to accelerate as medical and leisure demand continues to grow exponentially. For example, a cannabis grower will often begin planting in the May/June timeframe to achieve a density of up to 4,000 plants per acre. Taking the real-time data stream infrared and thermal cameras of the acre will quickly tell growers how effective their new fertilizer and plan treatments are. Using the data from their monitoring system, the growers will expand the treatment to their entire farm, often over 40 to 50 acres in size.
Monitoring every access point to a facility with video surveillance 24/7 combined with sound recording can prove invaluable in stopping a break-in before it happens. Every entrance to a cannabis farm needs to be considered a primary threat vector if the farm will stay safe. Advanced remote monitoring and surveillance systems can provide video analytics that correlates sound, video, and status of infrared and thermal cameras, which together can help identify potential break-ins. And with real-time alerts, farm staff can take action immediately even if they aren’t onsite.
A few of the largest cannabis growing companies are experimenting with advanced video analytics combining infrared and thermal camera technologies to monitor insects and rodents’ impact on yield rates. Real-time video feeds are being digitally analyzed using advanced video analytics techniques by the largest cannabis farms today to find out how effective pesticides, insect, and rodent deterrents are at protecting their cannabis crops.
When a surveillance system is cloud-based, it is possible to access any farm or cannabis sites’ real-time video feeds, history of alerts, and advanced video analytics from any browser-based device at any time. Remote monitoring systems that are cloud-based often provide much greater flexibility in viewing, analyzing, and sharing monitoring data than their on-premise system counterparts. Any device with a browser can access the platform’s reporting features and know what is going on at a remote farm or cannabis production facility.
AI-based remote monitoring systems can also identify potential safety hazards to workers and reduce workplace injuries and potential liability litigation. Using advanced pattern matching supported by supervised machine learning algorithms, cannabis growers can identify when workers in high-risk roles are at risk of getting hurt while on the job. All cannabis facilities in the U.S. continue to have the requirement of everyone wearing a face shield and masks for the site to stay in compliance with CDC guidelines. Remote monitoring systems can tell immediately which work teams need coaching to remain in compliance.
Define access privileges across a farm facility by the level of access every employee needs to do their job, which is especially useful for new hires. New hires often start in the field and don’t need access to the front offices or the accounting department, for example. One of the most challenging aspects of running a cannabis business is cash management. Using an AI-based surveillance and monitoring system integrated into the local security system and intelligent locks, employees are provided the level of access they need on the first day to be productive.
Bottom Line: Cyberattacks enter a new era of lethal impact when threat actors are sophisticated enough to compromise SolarWind’s software supply chain with infected binary code while mimicking legitimate protocol traffic to avoid detection.
To gain greater insights into the SolarWinds breach, its implications on cybersecurity strategy in the future and what steps enterprises need to take today, I contacted Andy Smith, Cybersecurity Evangelist and an industry expert with Centrify. He explained the attack’s specifics, referencing the Cybersecurity and Infrastructure Security Agency’s (CISA) Alert AA20-352A, which details how sophisticated the attack is, citing the sobering fact that it is unknown if all attack vectors are identified. Active since at least March 2020, the advanced persistent threat (APT) has been identified by FireEye, SolarWinds, Microsoft and several other cybersecurity firms.
SolarWinds’ Security Advisory lists 18 known products that have been affected by the attack, including their Application Centric Monitor (ACM), Server Configuration Monitor (SCM) and Network Performance Monitor (NPM). Earlier this month, SolarWinds says the malicious code may have been delivered to nearly 18,000 customers.
Insights Into The SolarWinds Hack
Interested in dissecting the hack from a cybersecurity standpoint, I spent some time investigating the SolarWinds hack with Andy, a leading authority on Identity and Access Management (IAM), particularly around securing and managing privileged access credentials. The following is my interview with Andy:
Louis: There have been large-scale breaches before; why is this particular cybersecurity attack getting so much attention? Why is it so enormous?
Andy: What’s interesting about this particular attack is a couple of things. It follows a very traditional cyber-attack kill chain as many attacks, but the start of this one is impressive. Usually, there’s a vulnerability that allows threat actors to get into the network. What’s unique about this is the initial vulnerability is in vendor software, so it’s often now being referred to as a supply chain hack because the vulnerability was embedded as code.
The exposure to federal agencies and the attackers’ focus going after emails is especially troubling. It appears like it’s a nation/state-related incident that always heightens the exposure and is another reason it’s so large in scale. Some tools that FireEye uses for Red Team evaluation of people’s networks got exposed, so now those tools are in the hands of threat actors to do nefarious activities with them.
That’s one aspect of this hack that makes it remarkable, as sophisticated tools from FireEye are in nefarious actors’ hands. That’s one reason it’s enormous: you just gave something that was being used for good to threat actors intent on gathering as much intelligence across a supply chain of customers as they can.
Louis: How are the cyber-attack methods used in the SolarWinds hack particularly unique?
Andy: It follows a very common cyber-attack kill chain we’ve seen at Centrify for years. We ran the Anatomy of a Hack webinar earlier this year and it always starts with that initial vulnerability and getting in. What’s unique was this case is that the initial vulnerability wasn’t just, “Hey, I phished somebody’s password and logged in.” It was a vulnerability in the software build process for SolarWinds. So that’s a bit unique about how that initial vulnerability was there.
Still, once the attackers are in, the breach starts to look very traditional in the sense that they settle in, sit there for a while, scan the network, move laterally in that environment and hunt for privileged access.
All those things happened precisely by the people who investigated and then you find the data you’re going after. In some cases, it’s been software, as is the case with FireEye, or email servers, as is the case with government agencies. Attackers are patient and they wait to extract the data and then cover their tracks.
Louis: You and many others are an advocate of a layered approach to security. What is that and how would it have helped in the SolarWinds case?
Andy: For me, the biggest takeaway of this hack is that a layered approach to security is the way to go in the future in light of this hack’s sophistication. There’s no silver bullet to stop a hack this sophisticated, though. No one strategy or approach could have prevented it.
When you investigate this attack, it is pretty sophisticated and has multiple vectors to it and one has to assume there will be certain threat vectors compromised. That initial vulnerability will be there and you need those layers of security to prevent it, so you need to look at preventive controls, predictive controls and detective controls. All those need to be combined into a single, unified strategy.
For every organization looking at this hack and considering how future attacks of this sophistication will impact them, it’s a good idea to use this event as a way to get your board and executives thinking about a more resilient, hardened multilayer approach and not relying on a single solution to protect you. I see organizations using this opportunity to evaluate how a layered approach will work for their projects when it might not have been feasible to fund in the past.
It’s an extreme attack that shows how vulnerable the exposures are out there. It’s a good time to shore up your defenses. The Federal Information Processing Standard 200, or FIPS 200, the standard offers excellent guidance, including discussing the different types of layers and controls available today. Minimum Security Requirements for Federal Information and Information Systems defines the minimum security controls for federal information systems and the processes by which risk-based selection of security controls occurs.
If you dig into the National Institute of Standards and Technology (NIST) Special Publication 800-53, that gets a little deeper into the particular cyber controls you have in place. There is guidance available. You’re not out there on your own about what the layers should be and you can evaluate yourself against these standards.
Louis: What are some layers specific to privileged access management? Are there any particular PAM best practices that enterprises should be thinking about right now?
Andy: Absolutely and I’ll start with Privileged Access Management (PAM), which is one of the core layers. Investigations into this hack found specific evidence where they got in and created new accounts with elevated privileges to access data. It’s all over this.
We typically state the Forrester stat that 80% of hacks involve compromised privileged access. This SolarWinds example is no exception: that’s what happened.
Additional points to keep in mind include the following:
Before our interview, we talked about how vulnerable passwords are and how using the company’s name, followed by 123, is not a good idea – that ties into going pro with preventive controls rather than just relying on a password. That’s a perfect example of what not to do. Organizations can design preventive privileged access controls and detective controls and both are typically provided in Privileged Access Management solutions. Best practices call for multiple preventive controls – strong passwords, multi-factor authentication, password rotation, maybe use a federated credential and have privileged users log in as themselves for better auditing and accountability.
Rethink enterprise cybersecurity from a preventive control perspective that includes least privileged access. Simplistic preventive controls aren’t enough, as the sophistication of this hack shows. Preventive controls need to be strengthened with least privilege. The account creation process needs to provide as little privilege as possible to the server level. Workflows to request additional access need to be used to provide resources for a predefined period. If these types of controls had been in place, malicious code disguised in executable files and dynamic linked libraries would not have traveled as far down the supply chain.
Lastly, even if threat actors get through or you don’t have enough of those layers in place, you want detective controls. PAM solutions should have audit capabilities that watch what privileged users do. In the financial markets, there are things like the “four-eye principle,” where people are watching what other people are doing and so you can watch a privileged session in real-time and verify what users are doing. Of course, all that’s audited in the recording. You can send that information off to a SIEM to be correlated with other data to look for compromise indicators. Recent articles I’ve read pointed out the attackers were in the FireEye network for months before being detected. FireEye detected that they had been attacked thanks to detective controls.
Louis: The SolarWinds attack seems to have rejuvenated the case for Zero Trust. How can companies adopt a Zero Trust mindset and take stock of their security layers today?
Andy: Definitely and I see organizations accelerate their Zero Trust initiatives today. Organizations can get started on their Zero Trust frameworks by reviewing the FIPS and NIST publications. Review the layers of your security stack with a Zero Trust mindset. Don’t configure your network to trust someone just because they gained access. That’s how these attackers got in, laying in the network for plenty of time. Zero Trust says, “Don’t trust that authenticated network access. That could still be a compromised credential or a threat actor,” and this is a perfect example of that. This is why Zero Trust is critical: just because they’re on your network doesn’t mean they’re trustworthy.
The concept of least privilege, of authenticating at each step, introduces segmentation. When I give access, it’s just to that machine or that service that I need access to and not broad access across the network a network segment. That’s how you prevent that lateral movement. A Zero Trust mindset that Zero Trust philosophy of security is critical in this case.
Louis: What do you think will happen from the perspective of micro-segmentation and how does this hack change the balance of security relative to ongoing operations of a business?
Andy: I think it’s another evidence of our current breach culture and brings forth more awareness. More and more, events like this will make cybersecurity a higher priority in an organization – one essential to excel at to keep a business operating. So from that perspective, it is a business enabler.
If you do it right, you can start to do things like moving to the cloud and start to do things that make you more agile. The more we can think of security as a business enabler instead of a business blocker, the better we are. Taking the lessons learned from this hack and using them to create a more resilient, hardened organization is a start.
80% of hacks involve the use of compromised privileged credentials and this one is no exception. An important layer of control is Privileged Access Management (PAM) solutions such as Centrify, which typically involve predictive, preventive and detective controls.
In the end, it is security layers and vigilance that make the difference in minimizing the impact of a breach. NIST’s guidance can be constructive in cybersecurity planning, which can also be informed by Zero Trust’s principles. Remember, it’s not a question of if you will be hacked. It’s a matter of when and what you can do to limit the impact through layers.