Artificial Intelligence & Machine Learning , Black Hat , Business Email Compromise (BEC)

The Dual Role of AI in Email Security

Abnormal Security CISO Mike Britton on Defending Against Evolving Email Threats
Mike Britton, CISO, Abnormal Security

Business email compromise continues to be a significant threat and is one of the most financially damaging online crimes. Attackers continue to innovate and grow in sophistication, which means defenders need to leverage new technology, said Mike Britton, CISO of Abnormal Security.

See Also: Safeguarding Election Integrity in the Digital Age

Attackers are leveraging modern technologies including generative AI to launch more effective BEC campaigns. Traditional email defenses that rely on identifying unknown bad actors are no longer sufficient against these attacks.

ChatGPT and generative AI serve as a dual-edged tool, wielded by both attackers and defenders. "On one hand, an attacker can spin up 10,000 unique emails to attack 10,000 people using ChatGPT and generative AI," Britton said. "And also they can leverage generative AI to create 10,000 unique messages, 10,000 unique subject lines, and further make it more complicated to catch all of those attacks at once."

In contrast, defenders can leverage generative AI to streamline the analysis of suspicious emails, helping cybersecurity professionals quickly determine their legitimacy. Automating this process with AI allows security teams to allocate their resources more effectively to tackle other complex challenges.

In this video interview with Information Security Media Group at Black Hat USA 2023, Britton also discussed:

  • Deceptive messaging-based schemes that use social engineering tactics;
  • Abnormal Security's efforts to advance its solutions and extend its behavioral data science techniques;
  • Adapting defense methods to different communication platforms.

At Abnormal Security, Britton leads information security and privacy programs. Previously, he spent six years as the CSO and chief privacy officer for Alliance Data. He has 25 years of information security, privacy, compliance and IT experience in a variety of Fortune 500 global companies.

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.