In cybersecurity, buzzwords come and go, often being replaced with new buzzwords while the market is still attempting to realize the benefits of the former. Today, every technology vendor is talking about Artificial Intelligence (AI). In reality, Machine Learning (the method to one day achieve AI) is still the predominant technical solution deployed within vendor any vendor technology in the security space –including email security.
There are fundamental differences between Machine Learning and Artificial Intelligence. And these facts are important to delineate when many use the terms interchangeably.
- Machine Learning: The use and development of computer systems that are able to learn and adapt without following explicit instructions, by using algorithms and statistical models to analyze and draw inferences from patterns of data.
- Artificial Intelligence: The theory and development of computer systems able to perform tasks that normally require human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages.
The email security market claims to have AI-driven technology. But, in fact, all vendors use a form of algorithms and statistical models, making them – technically – Machine Learning technologies. Many email security vendors are able to analyze individual user behavior, including typing patterns, characters, sentence structure, relationships between users or across the organization, training the technology to detect anomalous patterns. This is a required foundation to any email security system.
However, let’s take this commonly used set of pictures (yes, it’s a bit creepy), so we can apply this same framework into email security. As a human, there are distinct differences that we can decipher between the dog and the muffin. However, best-of-breed AI platforms in existence currently fail at identifying 1 or more of these images, which results in an accuracy rate of 72%. As stated in the June 2021 report by the Center for Security and Emerging Technology, “…we anticipate that machine learning will provide incremental advances to cyber defenders, but it is unlikely to fundamentally transform the industry barring additional breakthroughs.”
In email security, even with the best algorithms, there is a percentage of emails that Machine Learning technology cannot accurately detect. If an email security technology is unable to detect a potential threat to your organization, it represents risk to your users and your organization. In aggregate, between 1-3% of all emails that represent risk, bypass even the best detection-based, AI-driven systems. What do organizations do to mitigate the risk of these email-based risks?
To protect your users and your organization from false negatives (i.e. emails that bypass the detection-based technology and land in a user’s inbox), security professionals often rely on security awareness training. However, 16% of organizations only do security awareness training annually, while 30% only perform this training during on-boarding of employees. Even though this is important, there are additional technologies available in email security platforms to support users and protect organizations with a defense-in-depth approach.
User-facing security layers are those layers of protection that engage and educate users on specific risks as they interact with suspicious (i.e. potentially malicious) emails. These user-facing layers should include customizable banners, link protection and a client-side plug-in that provides real-time insight into anomalous characteristics to help users more effectively interact – or prevent interaction – with suspicious emails. And, when deployed together, these technologies reduce user engagement with suspicious emails by over 80%. This is a quantifiable difference.
To learn more about how to combat sophisticated phishing attacks by deploying a layered, defense-in-depth approach –
Try GreatHorn Risk-Free for 30 Days!