Cofense Cybersecurity and AI Insights
by Hannah Long
The Evolution of Email Threats
We have seen the email threat landscape evolve vastly, with levels of sophistication, targeting and volume bypassing secure email gateways (SEG’s), increasing by 105% in 2023 alone, reaching eye watering levels. As discussed in our blog, The dark side of AI: 6 ways AI could elevate email threats of the future | e92plus, combine these factors and it poses a great challenge for security teams to be able to manage and effectively protect an organisation now and in the future.
Our latest Annual Phishing Report shows how progressively difficult to identify and deceptive campaigns are becoming. We’ve seen vishing campaigns increase, impersonating trusted entities through voice calls or automated phone messages to manipulate victims into providing confidential information. So too have we seen brand impersonation and highly targeted spear-phishing campaigns increase, both leveraging personal information and taking advantage of the perceived trust they emulate.
All of these tactics are very efficient at bypassing secure email gateway (SEG) technology; they are often delivered without attachments or obvious links making it difficult for traditional file and text-based detection software to pick up on these forms of phishing. Additionally, because users interact with these tactics via non-traditional methods like personal smartphones and traditional telephones, these types of phishing take users outside the protections of their corporate environment and its security protocols. The adoption of conversational and social engineering tactics further aid in threats going undetected, manipulating recipients into disclosing information directly to the ‘trusted’ entity.
The Role of Technology in Mitigating Email Threats
Advancements in email security technology have contributed hugely to an organisations ability to bolster defences against email threats, if deployed correctly. From machine learning and AI-powered email quarantining tools to robust encryption protocols, these solutions play a pivotal role in fortifying email security.
Machine learning technology has advanced a security teams ability to better identify new threats within environments. When Indicators of Compromise (IOC) are confirmed in a threat campaign, by ingesting them into machine learning technology it can enable proactive and automated hunting of those indicators elsewhere. This could be across an individual environment, or ingested wider and shared across global networks. Technology such as this, for example our Cofense PDR, can enable threats to be automatically removed within as little as 8 minutes. This far surpasses the average manual processing time of 304 days, and shows the value that this technology can add to not only security team resources, but also reducing the risk of a breach.
However, and this is a big however, these tools’ ability to detect threats are only as good as the data they are fed with. So how do AI and machine learning security technology maintain accurate and relevant against an ever-evolving threat landscape? Through the power of human vigilance.
The Human Factor: Irreplaceable in Email Security
While technological solutions provide essential layers of defence, the human element remains indispensable in identifying and thwarting new email threats whilst providing a vital intelligence feed for these technologies to learn from. Humans possess the perceptual and cognitive abilities to detect signs of phishing attempts, such as irregularities in email content, suspicious sender addresses, and requests for sensitive information. Moreover, human intuition and contextual understanding often enable individuals to discern fraudulent emails from legitimate ones, even in the face of highly deceptive and sometime very simple tactics.
In organisations where we have run tests on security programs utilising machine learning, we have always found threats still being reported by their human layer of defence. Most threats that we observe being reported, are in fact very unsophisticated yet they still bypass deployed technology, and mainly because of this simplicity. Automated technologies simply cannot ever be 100% effective against email threats, but humans provide the information source and crucial cognitive layer to identifying emerging threats.
The Power of Human Vigilance
In an era dominated by technological advancements, the human factor still stands as the linchpin of effective email security. As a result, the human layer to your security program should be well equipped to defend your organisation effectively.
Training and empowering individuals to recognise and report email threats are paramount in establishing a resilient defence posture. You should ensure to educate employees on how to spot red flags, verifying the authenticity of requests, practicing secure email habits, and enforcing a zero-trust email reporting culture will help build a strong front-line defence against email-based attacks.
Embracing a Holistic Defence Strategy
Automated threat detection technology won’t enable domination of email threats of today or in the future, but adopting a holistic approach that integrates advanced technological safeguards with a culture of heightened awareness and proactive defence will. By amalgamating robust email security solutions with ongoing education and training initiatives, organisations and individuals can cultivate a collective resilience against evolving email threats.
As the technological arms race between cybercriminals and defenders persists, it becomes increasingly evident that the human element will forever remain an indispensable component of email security. By recognising the symbiotic relationship between technology and human vigilance, we can forge a formidable defence against the ever-evolving landscape of email threats.
Remember, in the battle against email threats, the human element is not just a defence, it is your front line.
For further insights and strategies to help deliver effective email security, please contact us at www.cofense.com