Cyber security is a tough challenge, and it's getting harder to keep up with the latest threats. AI-powered tools leveraging machine learning can help detect phishing attacks by analyzing huge amounts of data in seconds rather than hours. These new email security solutions have proven to be up to 10 times as fast and significantly more accurate than legacy signature-based systems, as the older systems require constant updates from vendors due to changes within their code base. The new AI/ML-driven solutions also solve the problem of downtime for maintenance, as those changes are handled from within the platform automatically with zero impact on the tool’s performance or end-user experience.

But even the best AI/ML tools still miss attacks. So, does that mean that AI/ML tools are overpromising and underachieving? If so, now what?

Tesla has just decided to let go of many of its data annotators working on the auto-pilot. Does that mean it is the end of autonomous cars? Of course not. If anything, they are becoming better at doing one of the most important tasks: annotating data in an automated fashion. Unfortunately, hype and reality typically don’t align. Back to the Tesla example: the promise of autonomous cars filling our streets and highways is taking longer than anticipated and certainly much longer than Elon Must had hoped (robotaxis should have been here two years ago). But I still believe cars will drive autonomously one day soon, just like I believe we will have autonomous SOCs before too long. These SOCs will still have humans present, but most of the work will be handled by the machines.

What is the human part in the future of AI / ML?

AI/ML has proven effective as an assistant in the security operations world, but like with autonomous cars, there is still a lot of investment to do before we can hand over the keys. Humans remain an integral part of the decision-making process. We still rely on them to spot the old man crossing the road on a dark night. Over time the models will learn, and the machine will perform more independently. AI will do 99% of the work for us soon, dealing with all the obvious and predictable actions and decisions, but it is incumbent upon us, both end-users and practitioners, to pump the brakes when AI hits its threshold. It is up to us to turn the wheel when we are on the highway going 75 MPH with the kids sleeping in the back seat and something comes flying across the road.

Cyber security awareness, specifically phishing simulation and testing has been around for the better part of a decade and is a common tool used by security teams to increase employees’ ability to spot phishing attacks, which in turn reduces the overall security risk of the organization. Cyber fighters are constantly chasing better content to put in front of their employees, but they all struggle with the same issue - people don't like training.

When it comes to email phishing and social engineering, awareness training functionality is usually considered an add-on. That said, the silent consensus is also that employees are the last line of defense, so this add-on is a necessity because the phishing problem isn’t going away – in fact, it continues to get worse as threat actors continue to scale and innovate their attacks.

While many vendors have abandoned the human element, or worse, blame humans for security lapses, we continue to believe that humans are an integral part of any effective email security solution. That’s why we include phishing simulation testing in all our plans (even our free Starter plan) and continue to expand employee training capabilities.

We invite you to download our new report "The Business Cost of Phishing", where you can discover the true cost of phishing on organizations as well as what IT and Security professionals believe is coming next.  You can get the report at https://secure.ironscales.com/the-business-cost-of-phishing/report-download