CyberRisk Alliance (CRA) has released its latest report for December 2024, focusing on the evolving landscape of email security. With email attacks becoming more sophisticated, organizations are increasingly looking to artificial intelligence (AI) as a potential game-changer for their email security strategies.
Key Findings from the Cybersecurity Buyer’s Intelligence Report (CBIR) include:
– AI-Driven Email Security Solutions: AI-based email security tools are gaining momentum. 50% of organizations surveyed plan to integrate AI and automation into their email security systems in the near future.
– Rising Threat of AI-Enhanced Phishing: More than half (55%) of cybersecurity decision-makers express significant concern that AI-generated phishing emails are becoming harder to detect.
– Business Email Compromise (BEC) on the Rise: More than 70% of organizations surveyed reported receiving at least one business email compromise attempt every day, while 6% reported blocking over 250 suspicious emails daily.
– Employee Awareness Gaps: Despite phishing training efforts, a significant number of employees and executives are still falling for fraudulent emails. Only 23% of those surveyed said they were “very confident” about their organization’s ability to secure its email.
– AI’s Potential to Combat Threats: While AI is seen as a double-edged sword, with the potential for both attackers and defenders to leverage it, 55% of respondents believe AI could play a vital role in enhancing email security.
– Spending on Email Security Set to Rise: Over half of organizations (58%) expect to increase their email security spending by up to 5% in 2025 in order to safeguard sensitive information.
“The rise of AI-driven threats requires a parallel rise in defensive capabilities,” said Bill Brenner, Senior Vice President of Content Strategy at CyberRisk Alliance. “While AI holds significant promise in automating and enhancing email security, the increasing sophistication of AI-powered phishing attempts signals that organizations must be proactive in addressing this evolving risk. Training, tools, and AI must work together to provide a robust defense.”
As AI tools continue to be integrated into email security systems, organizations are prioritizing the need to balance technological advancements with employee training to better recognize and mitigate sophisticated email threats, accordig to CRA. The combination of AI-driven solutions and a well-prepared workforce is expected to be critical in tackling the growing complexity of email-based cyberattacks.