Organizations invest in AI tools to elevate email security

To counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to enhance email security, according to IRONSCALES and Osterman Research.

Cybercriminals are already using AI in email attacks

The threat of email attacks generated by AI is growing year over year and is projected to increase exponentially. Over 74% of respondents have experienced an increase in the use of AI by cybercriminals in the past six months, and over 85% believe that AI will be used to circumvent their existing email security technologies.

77% of organizations now consider email security a top 3 priority for their organization—virtually all of the security leaders surveyed expect AI to be moderately or extremely important to their future email defenses.

Strengthening defenses with AI-enabled email security solutions

Nine out of ten organizations have implemented an AI-enabled email security solution beyond what their cloud email provider offers. The report emphasizes AI’s dual role in preserving and enhancing detection efficacy, noting that adoption of AI-enabled email security has proven essential for organizations, with 42% maintaining their previous detection standards and 35% experiencing an improvement beyond their earlier baseline.

The report reveals that AI safeguards against evolving threats and enhances existing security layers, positioning it as a vital tool in the modern cybersecurity landscape.

Organizations still rely on human insights for complementary protection

The synergy between AI and human insights is pivotal for comprehensive cybersecurity. While AI has transformed threat detection, human intuition remains invaluable. Organizations recognize this, evident in their top buying factors: the ease of reporting suspicious emails and presentation of results.

These factors highlight employees’ crucial role in enabling effective response. Moreover, organizations are blending AI with human feedback to train ML models. This approach allows AI to learn from human experiences, enhancing contextual understanding and refining threat detection.

“With AI-enabled email attacks on the rise, enterprise security teams are not merely evaluating their options, they are actively investing in security tools that can effectively respond and provide continuous protection against these novel threats,” said Eyal Benishti, CEO at IRONSCALES.

“And they are demanding their email security vendors to up their AI game. As these AI-enabled threats emerge and evolve so quickly, it’s imperative that AI-enabled defenses evolve even more rapidly. Static AI models, trained on yesterday’s intelligence, are simply no longer enough. What organizations need today is truly adaptive AI, capable of continuously learning from and adapting to end-user feedback and data. This is why, at IRONSCALES, we’re employing strategies like reinforcement learning from human feedback (RLFH) and applying it to email security, to ensure our users remain two steps ahead of the latest threats,” Benishti continued.

“The findings of this report should leave no doubt as to the scope and severity of today’s social engineering problem,” said Audian Paxson, Director of Technical Product Marketing at IRONSCALES.

“As cybercriminals increasingly utilize AI to enhance their attacks, organizations not adopting AI in their email security are experiencing a decline in detection efficacy. The continued reliance on legacy email security solutions, such as SEGs, places organizations at significant risk. This report drives home the need for organizations to re-examine their approach to email security, by incorporating AI-enabled solutions that work in concert with regular phishing simulation testing and security awareness training. Employees should be part of the solution, not a liability,” Paxson concluded.