Security leaders are highly concerned about generative AI’s potential to create more sophisticated email attacks—yet, many are unprepared to effectively protect against it

Abnormal Security, the leading AI-native email security platform, today announced the launch of a new report, “The State of Email Security in an AI-Powered World.” The report reveals security leaders’ greatest concerns about the growing threat of generative AI in the enterprise—particularly via the email vector—and how they are preparing to adapt their defenses in response.

Based on a survey of 300 senior cybersecurity stakeholders from organizations of all sizes across multiple industries, the research found that nearly all security leaders (98%) are concerned about the cybersecurity risks posed by ChatGPT, Google Bard, WormGPT, and similar tools.

Their leading worry is the increased sophistication of email attacks that generative AI will make possible—particularly, the fact that generative AI will help attackers craft highly specific and personalized email attacks based on publicly available information. Not only are security leaders feeling nervous about these threats, many are already experiencing them. Four-fifths (80.3%) of respondents confirmed that their organizations have either already received AI-generated email attacks or strongly suspect that this is the case.

“Generative AI tools like ChatGPT have taken the world by storm, bringing efficiencies to individuals and businesses like we’ve never seen before. But, like everyone else, cybercriminals are also taking advantage of this technology,” said Evan Reiser, Abnormal CEO and co-founder. “Threat actors can use these tools to scale email attacks in volume and sophistication, eliminating the telltale signs of an attack like typos and grammatical errors, while applying personalized context, tone, and language to make them even more deceptive. As generative AI lowers the barrier to entry for launching advanced attacks, we are entering a new and increasingly dangerous era of cybercrime, where organizations will need to rely on good AI to fight bad AI.”

Despite widespread concern, the vast majority of security leaders are not adequately prepared to protect against AI-generated email attacks. The majority of respondents are still relying on their cloud email providers or legacy tools for email security, with over half (53%) of respondents still using secure email gateways to protect their email environments. Unfortunately, this approach does not seem to be working, as nearly half of respondents (46%) lack confidence in traditional solutions to detect and block AI-generated attacks.

The research highlights an opportunity for an alternative approach with AI-driven security as the next frontier of email protection, as 92% of survey participants see the value in using AI to defend against AI-generated email threats. Additionally, more than 94% of survey participants say that AI will have a major impact on their cybersecurity strategy over the next two years.

“The good news is that cybersecurity leaders recognize the need for a modernized approach to email security—one that puts AI at the center,” continued Reiser. “With generative AI making it possible to create never-before-seen attacks at scale, it’s no longer enough to look for known indicators of compromise. There is a huge opportunity for security leaders to tap into the power of AI to effectively stop advanced attacks targeting their organizations—regardless of whether they were generated by AI or created by humans.”

You can download the full report, The State of Email Security in an AI-Powered World, here.

About Abnormal Security

Abnormal Security provides the leading behavioral AI-based email security platform that leverages machine learning to stop sophisticated inbound email attacks and dangerous email platform attacks that evade traditional solutions. The anomaly detection engine leverages identity and context to analyze the risk of every cloud email event, preventing inbound email attacks, detecting compromised accounts, and remediating emails and messages in milliseconds—all while providing visibility into configuration drifts across your environment. You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly, with additional protection available for Slack, Teams, and Zoom. More information is available at abnormalsecurity.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20231024348798/en/