New IRONSCALES and Osterman Research Report Shows Adaptive AI Essential to Counter Rapid AI Adoption in BEC and Socially Engineered Email Attacks
August 2023 by IRONSCALES
IRONSCALES released findings of an upcoming research report focusing on the integral role of Artificial Intelligence (AI) in enhancing email security. The report, "The Role of AI in Email Security," was conducted by renowned research firm, Osterman Research, and surveyed 148 security leaders from organizations with more than 1,000 employees. The research sheds light on the evolving landscape of advanced email threats due to an increase in AI-based attacks. The report notes a growing trend of complementing traditional defenses with solutions from specialized email security vendors to counter new and emerging threat methods enhanced by artificial intelligence.
Key findings include:
Cybercriminals Are Already Using AI in Email Attacks
The threat of email attacks generated by AI is growing year over year and is projected to increase exponentially. Over 74% of respondents have already experienced an increase in the use of AI by cybercriminals in the past six months, and over 85% believe that AI will be used to circumvent their existing email security technologies.
Email Security Is a Top Priority
77% of organizations now consider email security a top 3 priority for their organization—virtually all of the security leaders surveyed expect AI to be moderately or extremely important to their future email defenses.
Organizations Are Strengthening Defenses with New AI-Enabled Tools
Nine out of ten organizations have implemented an AI-enabled email security solution beyond what is offered by their cloud email provider. The report emphasizes the dual role of AI in both preserving and enhancing detection efficacy, noting that adoption of AI-enabled email security has proven essential for organizations, with 42% maintaining their previous detection standards and 35% experiencing an improvement beyond their earlier baseline. The report reveals that AI not only safeguards against evolving threats but also enhances existing security layers, positioning it as a vital tool in the modern cybersecurity landscape.
Along with AI, Organizations Continue to Look to Human Insights as a Complementary Enabler for Protection
The synergy between AI and human insights is pivotal for comprehensive cybersecurity. While AI has transformed threat detection, human intuition remains invaluable. Organizations recognize this, evident in their top buying factors: the ease of reporting suspicious emails and presentation of results. These factors highlight employees’ crucial role in enabling effective response. Moreover, organizations are blending AI with human feedback to train ML models. This approach allows AI to learn from human experiences, enhancing contextual understanding and refining threat detection.
"With AI-enabled email attacks on the rise, enterprise security teams are not merely evaluating their options, they are actively investing in security tools that can effectively respond and provide continuous protection against these novel threats," said Eyal Benishti, CEO at IRONSCALES. "And they are demanding their email security vendors to up their AI game. As these AI-enabled threats emerge and evolve so quickly, it’s imperative that AI-enabled defenses evolve even more rapidly. Static AI models, trained on yesterday’s intelligence, are simply no longer enough. What organizations need today is truly adaptive AI, capable of continuously learning from and adapting to end-user feedback and data. This is why, at IRONSCALES, we’re employing strategies like reinforcement learning from human feedback (RLFH) and applying it to email security, to ensure our users remain two steps ahead of the latest threats."
"The findings of this report should leave no doubt as to the scope and severity of today’s social engineering problem," said Audian Paxson, Director of Technical Product Marketing at IRONSCALES. "As cybercriminals increasingly utilize AI to enhance their attacks, organizations not adopting AI in their email security are experiencing a decline in detection efficacy. The continued reliance on legacy email security solutions, such as SEGs, places organizations at significant risk. This report drives home the need for organizations to re-examine their approach to email security, by incorporating AI-enabled solutions that work in concert with regular phishing simulation testing and security awareness training. Employees should be part of the solution, not a liability."
IRONSCALES is the only email security solution that integrates adaptive AI and human insights to effectively combat advanced phishing attacks like AI-generated BEC attacks, account takeover (ATO), and VIP impersonation. IRONSCALES is powerful email security that unites AI and human insights to protect better, simplify operations, and empower organizations.