Email Security: Crucial Defense Against AI-Powered Threats

No photo availableByStaff Writer
4 min read
74 per cent of data breaches (three out of four) involve a human element, with people being involved either via error, privilege misuse, use of stolen credentials or social engineering.
Email security

Email compromise still accounts for around 90 per cent of breaches that occur within businesses on a daily basis, something that, in most instances, can be blamed on user error. “New and evolving threats are landing in users’ mailboxes daily, particularly within the hybrid workforce context, often using phishing campaigns that rely on clever techniques and panic to get users to click on links and share credentials or sensitive information, such as banking details,” explained Gideon Viljoen, Pre-Sales Specialist: ICT Security, Datacentrix, a leading hybrid ICT systems integrator and managed services provider.

He added that “Verizon confirms in its Data Breach Investigations Report 2023 that “74 per cent of data breaches (three out of four) involve a human element, with people being involved either via error, privilege misuse, use of stolen credentials or social engineering.”

Social engineering is a lucrative tactic for cybercriminals, the report says, especially given the rise of those techniques being used to impersonate enterprise employees for financial gain, an attack known as Business Email Compromise (BEC). The median amount stolen in BECs, it reveals, has increased over the last few years to $50,000, based on Internet Crime Complaint Center (IC3) data, which might have contributed to pretexting incidents – a specific type of social engineering attack – nearly doubling this past year. With the growth of BEC, enterprises with distributed workforces face a challenge that takes on greater importance: creating and strictly enforcing human-centric security best practices.

Fighting Fire With Fire: User Training And Next-Gen Technology Essential

“With a rapidly evolving landscape, changing attack strategies and new compromise techniques being introduced daily, it is imperative that users are trained and kept up to date on the latest campaigns and techniques being used,” says Viljoen.

This is the most effective way of ensuring a more secure environment, with users acting as a ‘human firewall’ for organisations, and being able to spot, report and block compromise attempts. User awareness training then becomes an excellent proactive option to assist email gateway administrators and engineers in staying on top of campaigns and potential breaches.

In line with this is designing a collaborative workforce between machines and humans is the key to successfully stemming the attack on organisations. Done with the use of AI (artificial intelligence), it additionally provides a smarter, faster approach to protecting against email phishing and breaches.

“AI is being used increasingly to run phishing campaigns and information collection, doing the heavy lifting on behalf of threat actors. A good example of this is how the AI-powered chatbot ChatGPT has been used to help less-skilled cybercriminals write malware and launch cyberattacks. So, having technology in place to combat this is a necessity, and businesses cannot rely on a human alone to be able to administer and catch these threats.”

IBM’s recently launched Cost Of A Data Breach Report corroborates this statement, affirming that AI and automation have had the biggest impact on the speed of breach identification and containment for studied organisations. The report says that businesses making extensive use of both AI and automation experienced a data breach lifecycle 108 days shorter than those companies that had not deployed these technologies (214 days versus 322 days). According to the IBM report, the incident costs shouldered by those organisations that were using AI and automation were significantly lower; on average, nearly $1.8 million lower data breach costs than organisations that didn’t deploy these.

How To Protect Business Email

The best starting point for a business’s email security, according to Viljoen, is to invest in an email gateway solution. “In fact, Datacentrix’s recommendation is that organisations implement an email gateway solution as a first priority before looking at any other security product.”

With a variety of toolsets available on the market, finding the best fit for your organisation is key, Viljoen clarifies. “There are full enterprise solutions, as well as small-to-medium business email offerings available to provide a secure email environment. These solutions offer reactive, real-time and proactive response solutions to secure the gateway.”

Ensuring that the gateway is configured and maintained from the start is critical, with the requirement that a specialist, either an internal engineer or an expert managed services provider, enforces the policies and rules and maintains best practice standards.

“Once you have the right technology in place and capabilities are procured and enabled within the organisation, the next step is to see that the policies and rule sets are updated, checked and verified in a cost-effective way to ensure losses are minimised. Running best practice assessments on policies and rules on a frequent basis is also vital to ensure a secure gateway, he said.

Finally, he pointed out, it is critical to utilise tools, such as pen testing and auditing, to ensure that the environment is hardened and stringently tested at frequent intervals.

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co