New SaaS Survey Reveals Generative AI as Top Threat to Security

Rapid transformation and digital innovation is now a main pillar of IT work, with the latest tectonic shift being spurred on by the increasing adoption of generative AI. While the conversations happening around AI focus on adoption and innovative use cases, the ramifications of this work will be felt soon.

Security is touted as the main concern, but mass adoption of AI will also have sweeping impacts on cloud and SaaS spending. Considering there are organizations that have yet to migrate to the cloud, we are seeing the beginning of a massive disparity in how organizations operate; while tech giants are full steam ahead on AI adoption, the majority of organizations will be more cautious in their approach. The amount of progress being made in this space is staggering considering the time frame. And while exciting, we are still only in the early stages of generative AI.

The latest forecast from Gartner ranks worldwide cloud spending at $597.3 billion by the end of this year and SaaS spending is expected to reach $200 billion. As organizations continue to rely heavily on their cloud infrastructure and services to fuel their business, IT professionals must balance innovation, productivity, and risk. How they are accomplishing this was the topic of our latest survey, with a focus on SaaS.

To better understand the current state of SaaS reliance, Snow Software surveyed 1,000 IT leaders from organizations with more than 500 employees in the US and UK. How is IT handling the relentless appetite for SaaS? What keeps them awake at night? The results are eye-opening. 

Security presents top challenge for SaaS management in 2023

When respondents were asked ‘what is most challenging about managing SaaS applications at your organization,’ the top concern is now managing the security of SaaS applications, with 46% of respondents stating it is the most challenging aspect. 

The second biggest challenge is identifying SaaS application configuration issues (41%), followed closely by controlling the total cost of SaaS application investment (39%). This is no surprise to anyone following the news around AI. SaaS applications have been a historic challenge for IT teams to manage since their widespread adoption, and AI implications will only make this work more challenging for risk mitigation and governance.

Last year, IT leaders were still swimming in unsanctioned SaaS use that first exploded during the pandemic as employees adjusted to remote work models. This was both a budgetary issue and a compliance risk. This year, organizations seem to have made headway on that front, as 61% of respondents said they have extensive data classification and security policies and tools in place to govern what data can be shared with any SaaS application. And yet, fears around security persist.

That security has taken over as the top concern while generative AI technologies stormed onto the scene earlier this year is no coincidence. When asked which types of applications are most concerning to IT from a security perspective, the top answer was generative AI applications such as ChatGPT (23%), followed by open-source applications (19%) and file-sharing applications (17%).

While 90% of respondents said they know how their SaaS vendors manage and secure their data, AI remains an unknown, as data privacy assurances aren’t yet in place for this early-stage technology. Fifty-seven percent of IT leaders said they would feel ‘alarmed’ if their SaaS vendor was using generative AI in their technology without their knowledge and would need full insight into how the technology is being used and the risks involved, although they would continue to use the application.

Not perfection but progress

Whether it’s about cost control or security, the job of managing SaaS weighs heavily on IT leaders. The good news is progress is being made.

If a SaaS issue comes up (like security, governance, cost, usability, etc.), 95% of IT leaders said they know who to call within their organization for help. While security is a big concern, nearly all respondents (96%) are confident in the security measures they have in place for SaaS. When it comes to budget, respondents are also very confident they can quickly and efficiently find savings/areas to optimize when needed (90%).

Over half of respondents (54%) indicated they would create a SaaS application buying training and require all employees who have purchasing power to take the course, if budget, resources and time were not a factor. Interestingly, 13% say they would do nothing because their organization doesn’t have any SaaS sprawl.

Though efforts are constantly being made to get a handle on the complexities of SaaS management, the rapid adoption of emerging technologies like generative AI will only compound these frustrations. For organizations without the right tools in place, SaaS applications will pose even greater risks to intellectual property, organizational health and overall governance. Having the right controls in place to find and act on unknown and shadow SaaS – including newcomers like ChatGPT – will be crucial for safeguarding against use, but also usage.

Reach out to us to improve your SaaS management practices and keep up with these SaaS management trends.