COMMENTARY: Email security has become a board-level business continuity issue. Enterprise CISOs are explaining to executives why their teams burned an average of more than 160 analyst hours last quarter investigating legitimate business emails flagged as threats. That's $24,000 in fully-loaded analyst time—per quarter—just on false positives.

The stakes are rising exponentially. Recent Harvard research shows AI can fool over 50% of humans, while reducing attack costs by more than 95% and increasing profitability up to 50-fold. For enterprise CISOs managing more than 10,000 mailboxes, this isn't operational pain—it's existential business risk.

[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts.]

Legacy email systems are failing at enterprise scale. With SOCs receiving more than 4,400 alerts daily and 43% being false positives, large enterprises investigate 600-1,900 false positives daily. At current analyst rates, that's $875,000 annually in wasted human capital—before calculating business disruption costs.

Take a $50M vendor payment approval from the CFO during quarterly close. Legacy systems see urgent language, a large financial amount, and an after-hours timestamp. Every pattern screams threat. The email gets quarantined. Business is disrupted.

Dual evidence architecture simultaneously runs two parallel investigations. The LLM judge weighs all evidence; strong legitimacy indicators outweigh minor threat signals. The promise: the email clears automatically with 98% confidence, business continuity is maintained, and analysts focus on actual threats.
Why legacy email security has hit a dead end
Both first- and second-generation email security systems suffer from the same fundamental flaw: they're prosecutor-only systems that can only hunt for guilt, never prove innocence.

First-generation pattern matching hunts for suspicious indicators using manually crafted rules. When threats are novel, there are no patterns to match. Teams can't use regex to define "normal"—there are infinite legitimate business scenarios to manually code.

Second-generation machine learning calculates threat probabilities based on historical attack data. When AI generates personalized, novel attacks with no historical precedent, statistical analysis fails completely. We also can't build ML models to detect legitimacy—the feature space is too vast, creating long-tail correlations that generate massive false positive rates.

This creates an unsolvable FP/FN tension. Make the prosecutor more aggressive, and more innocent emails get convicted. Make it more cautious, and more threats escape. It's a zero-sum trade-off that can never be solved within a prosecutor-only architecture.

Here's why all of this will become catastrophic: AI has turned hyper-personalized attacks from rare, nation-state capabilities into commonplace, commodity threats. Traditional systems are essentially blind to threats they've never seen before.

Give every email its day in court
We're now starting to see the rise of third-generation email security platforms that use LLMs as the central coordinator of analysis, not as a bolt-on module. This architectural shift from "LLM-as-assistant" to "LLM-as-master" enables fundamentally different capabilities.

These tools break the prosecutor-only paradigm entirely. Every email gets its day in court. Our system acts as both public defender and prosecutor, while an impartial LLM judge weighs the evidence and renders a verdict.

When AI creates novel attacks with no historical precedent, pattern matching fails. But these architectures focus on stable indicators that persist regardless of attack novelty:

- Business legitimacy patterns are consistent. The CFO still has the same communication style. Vendors still follow the same approval workflows. Authority structures don't change daily.
- Malicious intent patterns are also consistent. Social engineering still relies on urgency, authority, and fear. The intent patterns remain the same even when the attack method is completely novel.
How dual evidence collection changes everything
Dual evidence collection is central to this third generation, and it fundamentally changes email security economics.

- Traditional approach: Scan email → Find suspicious patterns → Block → Analyst investigation.
- New approach: Scan email → Collect normality evidence + threat evidence → LLM coordination → Confident automated decision.
- Public defender evidence: CFO's communication patterns, vendor's established relationship, payment within approved limits, request following documented workflows.
- Prosecutor evidence: External threat intelligence signals, communication intent analysis, authority bypass attempts, urgency manipulation patterns.
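As an added illustration (not code from this column or from any vendor it describes), the Python below models the dual-evidence pipeline just listed on two constructed emails: the CFO's $50M quarterly-close payment from the opening, and a lookalike-domain impersonation of the same request. A prosecutor-only baseline is kept beside it to show why the legacy path quarantines the legitimate message. The column's LLM judge is replaced here by a transparent weighted tally so the example runs offline; every weight, threshold, address, vendor ceiling and regex is an assumption made for illustration.

```python
"""Dual-evidence email triage: defender + prosecutor evidence, weighed by a judge.
Added example; the judge is a weighted tally standing in for the column's LLM judge.
All weights, thresholds and sample data are constructed assumptions."""
from dataclasses import dataclass, field
import re


@dataclass
class Email:
    sender: str
    subject: str
    body: str
    amount_usd: float
    sent_hour: int           # 0-23, sender's local time
    vendor: str
    has_approval_ref: bool   # cites a PO / approval ticket


@dataclass
class Context:
    """Organisational knowledge the public defender draws on (constructed)."""
    known_executives: dict       # address -> role
    established_vendors: dict    # vendor -> approved payment ceiling (USD)
    ti_flagged_senders: set      # addresses on a threat-intel blocklist
    usual_hours: range = range(7, 20)


@dataclass
class Evidence:
    legitimacy: list = field(default_factory=list)   # (label, weight)
    threat: list = field(default_factory=list)       # (label, weight)


# Assumed intent patterns: urgency and approval-bypass language.
URGENCY = re.compile(r"\b(urgent|immediately|asap|today|right away|before (?:close|eod))\b", re.I)
BYPASS = re.compile(r"\b(skip|bypass|don't wait for|no need for)\b.{0,40}\b(approval|review|verification)\b", re.I)


def impersonates_executive(sender: str, ctx: Context) -> bool:
    """Same local part as a known executive, but a different domain."""
    local, _, domain = sender.partition("@")
    return any(local == a.partition("@")[0] and domain != a.partition("@")[2]
               for a in ctx.known_executives)


def public_defender(e: Email, ctx: Context) -> list:
    """Collect normality evidence: who the sender is and whether the request fits workflow."""
    ev = []
    if e.sender in ctx.known_executives:
        ev.append(("sender is a known executive", 3))
    ceiling = ctx.established_vendors.get(e.vendor)
    if ceiling is not None:
        ev.append(("vendor has an established relationship", 2))
        if e.amount_usd <= ceiling:
            ev.append(("amount within approved limit for vendor", 2))
    if e.has_approval_ref:
        ev.append(("request references documented approval workflow", 2))
    return ev


def prosecutor(e: Email, ctx: Context) -> list:
    """Collect threat evidence: TI hits, impersonation, intent and context signals."""
    ev = []
    if e.sender in ctx.ti_flagged_senders:
        ev.append(("sender on threat-intel blocklist", 5))
    if impersonates_executive(e.sender, ctx):
        ev.append(("sender impersonates a known executive", 3))
    if URGENCY.search(e.subject) or URGENCY.search(e.body):
        ev.append(("urgency language", 1))
    if BYPASS.search(e.body):
        ev.append(("attempt to bypass approval", 3))
    if e.sent_hour not in ctx.usual_hours:
        ev.append(("sent outside usual hours", 1))
    if e.amount_usd >= 1_000_000:
        ev.append(("large financial amount", 1))
    return ev


def judge(ev: Evidence) -> tuple:
    """Weigh both sides; score > 0 favours legitimacy. Returns (verdict, score)."""
    score = sum(w for _, w in ev.legitimacy) - sum(w for _, w in ev.threat)
    if score >= 4:
        return "deliver", score
    if score <= -3:
        return "quarantine", score
    return "analyst_review", score


def triage(e: Email, ctx: Context) -> dict:
    ev = Evidence(public_defender(e, ctx), prosecutor(e, ctx))
    verdict, score = judge(ev)
    return {"verdict": verdict, "score": score,
            "legitimacy": ev.legitimacy, "threat": ev.threat}


def legacy_verdict(e: Email, ctx: Context) -> str:
    """Prosecutor-only baseline: any non-trivial threat tally blocks, legitimacy is never collected."""
    return "quarantine" if sum(w for _, w in prosecutor(e, ctx)) >= 3 else "deliver"


# Constructed sample context and messages.
CTX = Context(
    known_executives={"cfo@example.com": "CFO"},
    established_vendors={"Acme Components": 60_000_000},
    ti_flagged_senders={"billing@acme-invoices.example"},
)
LEGIT_CFO_EMAIL = Email(
    sender="cfo@example.com",
    subject="URGENT: approve $50M Acme Components payment before close",
    body="Please approve the wire for PO-4471 today so we book it this quarter.",
    amount_usd=50_000_000, sent_hour=22, vendor="Acme Components", has_approval_ref=True,
)
IMPERSONATION_EMAIL = Email(
    sender="cfo@examp1e.com",
    subject="Urgent wire transfer",
    body="We need this done immediately. Skip the usual approval; the vendor has new bank details.",
    amount_usd=50_000_000, sent_hour=22, vendor="Acme Components", has_approval_ref=False,
)

if __name__ == "__main__":
    for name, mail in (("legit", LEGIT_CFO_EMAIL), ("impersonation", IMPERSONATION_EMAIL)):
        print(name, "legacy:", legacy_verdict(mail, CTX), "| dual-evidence:", triage(mail, CTX))
```

Both messages carry the same three surface signals (urgency, after-hours, large amount), so the prosecutor-only baseline quarantines both. The dual-evidence path delivers the genuine CFO request because its legitimacy evidence outweighs those signals, and quarantines the lookalike because impersonation and bypass language add up with no offsetting normality evidence.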