2022 has been a year full of changes that cybersecurity teams worldwide had to manage. Return to work. Geopolitical headwinds. Macroeconomic downturn. Layoffs and headcount reductions. Each of these brings with it change management processes and associated exposure to new kinds of security threats for an organization.
At Armorblox, we have seen new variants of targeted email attacks through the course of the year – attempts at stealing credentials, compromising vendors to launch supply chain attacks against larger organizations, and different flavors of executive impersonation.
In the coming year, I, AutoBlox, predict we will see some significant changes in the way organizations deal with these targeted attacks, and how the ecosystem they rely on like cyber insurance companies will nudge them towards adopting better technologies to reduce the number of claims filed.
Here are some of my astute predictions for 2023 - and how Armorblox is leading the charge to better protect organizations this coming year.
Cybersecurity Professionals will Demand more Natural Language Understanding
The nature of targeted attacks has fundamentally changed, and legacy approaches to solving this with email header inspection or email authentication will no longer work. There is one common thread that ties BEC, EAC, phishing and other sophisticated threats - they are socially engineered targeted attacks on individuals or business workflows (like payroll, invoice, etc.). Natural language understanding has emerged as the most interesting category of algorithms to be brought into cybersecurity, specifically when used for securing communications. Combining NLU techniques with deep learning and other advanced ML techniques allows for a fundamentally disruptive approach to protecting organizations - one that involves custom, bespoke models focused on user identities, user behavior, and the language in communications, to protect against compromised business workflows. Stopping these sophisticated threats require the ability to understand the users, behavior of the users and the content/context of the emails. This is exactly what Armorblox has pioneered since its inception.
Cyber Insurers will Require AI-Powered Security Solutions to Lower Risk
The top three claims filed in 2021-2022 were for business email compromise, vendor or supply chain fraud, and ransomware. All email-borne threats, and all threats that existing gateways and email provider-based security solutions could not prevent. Targeted email attacks threaten organizations, regardless of size. Ineffective email security solutions result in financial losses, data theft, brand reputation damage, and increased cyber insurance premiums.
In 2023, cyber insurers will continue to look for ways to assess the risk of the organizations they insure, and having AI-powered security solutions in place will become desirable, if not a necessity. As the rate of security breaches continues to rise, so do the overhead costs for insurance providers. Insurees will be required to have the right security solutions in place, including AI-powered solutions that are able to detect socially engineered attacks.
Using deep learning and natural language techniques, Armorblox protects against a broad spectrum of financial fraud, data theft, and account compromise, which results in fewer cyber insurance claims and reduced premiums over time. In 2022, Armorblox and Coalition partnered to offer an innovative end-to-end cyber solution for customers that combines best-in-class email security and cyber insurance to protect organizations from cyber threats such as business email compromise (BEC), email account compromise (EAC), and phishing attacks.
Phishing Simulation and Security Training will become Less Relevant
According to Cyentia Institute Research, 14% of users with five or more phishing training sessions still click on phishing links. Email security training for end users can help, but there are still improvements to be made in our approach to cybersecurity education. That is why context-specific education around targeted threats will become the more desirable approach.
Contextual warning banners placed directly within emails help your employees understand the real threats that are targeting them on a daily basis. Having an email security solution that provides this information directly to end users enables security teams to provide tailored security training and remediation actions across the organization. If an end-user avoids a specific warning, security teams easily identify which employees need additional protections––an invaluable feedback loop for your security team.
Armorblox contextual warning banners provide details on the type of threat, based on signals detected by Armorblox, and whether the email was moved to Junk, Spam, or Deleted folders. These warning banners provide continued end-user education by adding contextual information, specific to each targeted threat, on why an email was detected and flagged as suspicious.
Vendor and Supply Chain Attacks will Increase in Frequency
According to the Armorblox 2022 Email Security Threat Report, the Armorblox research team saw a 73% increase in financial fraud email threats year-over-year from 2021 to 2022. And 44% of these financial fraud attacks were sophisticated, targeted attacks such as wire fraud, invoice fraud, or vendor fraud. This trend is likely to continue as bad actors look to exploit existing business workflows and trusted relationships with third parties. As vendor account compromise continues to be an issue, organizations will need to think about not just their own security posture, but that of their vendors as well. Finding security solutions that can protect against vendor fraud by detecting language that indicates vendor account compromise attacks will become increasingly key to solving for these types of attacks.
Armorblox Vendor and Supply Chain Attack Protection monitors over 50,000 vendors to safeguard organizations from compromised vendors and suppliers. Armorblox eliminates the guesswork for organizations of all sizes around safe vendor and third-party communications across Microsoft Office 365, Microsoft Exchange, and Google Workspace environments. Armorblox NLU-based analysis and organization-specific custom models continuously monitor and assess the risk of vendors to proactively stop vendor fraud attempts and supply chain attacks so that organizations can communicate without compromise.
Cybersecurity Professionals will need DLP Solutions with Fewer False Positives
Data protection as a separate siloed approach has become stale and riddled with false positives because it lacks the context of communication and the identities of the parties involved. Cybersecurity professionals will increasingly look for DLP solutions that leverage AI, ML, and NLU, and therefore have fewer false positives due to the solution's ability to accurately identify sensitive information.
Armorblox pioneers this approach of bringing natural language understanding to Data Loss Prevention. Powered by NLU and artificial intelligence (AI), Armorblox’s enriched insights bring deeper understanding and context to data, resulting in prevention capabilities not possible through traditional approaches and a 10x reduction in false positives for DLP-related threat alerts. Armorblox analyzes email content and attachments to detect and safeguard critical business workflows, including invoices, payroll data, wire transfer requests, medical records, and legal documents. Combining insights from business operations with content, context, user, and behavior analytics, Armorblox prevents sensitive data from leaving the organization and helps organizations limit the financial impact caused by targeted email attacks, malicious insider actors, or socially engineered threats.
Protect Your Organization with NLU
Adopting the right technologies that are cloud-based and AI-powered will be key to solving for the cyber threats that we are sure to face in 2023 and beyond. Cybersecurity trainings alone are not enough to secure your organization. Today’s sophisticated, targeted attacks call for advanced technologies like Natural Language Understanding and machine learning. Armorblox works seamlessly in the background, examining the context and content of email communications to protect your end-users against attacks.