Virtualization Technology News and Information
Armorblox 2023 Predictions: Cyber insurers will demand AI security solutions, vendor compromise, and more


Industry executives and experts share their predictions for 2023.  Read them in this 15th annual series exclusive.

Cyber insurers will demand AI security solutions, vendor compromise, and more

By Anand Raghavan, Co-founder and Chief Product Officer, Armorblox

2022 has been a year full of changes that cybersecurity teams worldwide had to manage around. Return to work. Geopolitical headwinds. Macroeconomic downturn. Layoffs and headcount reductions. Each of these brings with it change management processes and associated exposure to new kinds of security threats for an organization.

At Armorblox, we have seen new variants of targeted email attacks through the course of the year - attempts at stealing credentials, compromising vendors to launch supply chain attacks against larger organizations, and different flavors of executive impersonation.

In the coming year, we predict we will see some significant changes in the way organizations deal with these targeted attacks, and how the ecosystem they rely on like cyber insurance companies will nudge them towards adopting better technologies to reduce the number of claims filed.

Here are our predictions for 2023.

1.  Cyber insurers will require AI-powered security solutions to lower risk.  

The top three claims filed in 2021-2022 were for business email compromise, vendor or supply chain fraud, and ransomware. All email-borne threats, and all threats that existing gateways and email provider-based security solutions could not prevent. In 2023, cyber insurers will continue to look for better ways to assess the risk of the organizations they insure, and having AI-powered email security solutions in place will become desirable, if not a necessity.

Cyber insurance questionnaires have grown from two pages to twenty pages in many cases, and exclusions to policies for "pre-existing conditions" will become the norm. Organizations will need to show a modern email security stack with custom, bespoke models that understand their unique threat exposure and illustrate how their investment in these solutions drastically reduces the number of attacks, and hence the number of claims they would need to file.

2.  Phishing simulation and security training will become less relevant. 

According to Cyentia Institute Research, 14% of users with five or more phishing training sessions still click on phishing links. Email security training for end-users can help, but there are still improvements to be made in our approach to cybersecurity education. That is why context-specific education will become a more desirable option.

In-email contextual warning banners help your employees make sense of the real threats that are targeting them on a daily basis. Having an email security solution that provides this information also creates a more accurate feedback loop for your security team. If an end-user avoids a specific warning, that allows the security team to know exactly what type of training that employee needs.

Running simulated campaigns and putting employees through a generic phishing awareness program filled with very generic videos will become outdated. What companies will find more relevant and interesting is to provide in-context feedback in real threat emails, and then do targeted training videos based on specific threats an employee was exposed to. To provide this capability, organizations would need to invest in solutions that can dynamically add banners based on specific attack categories and educate users based on that.

3.  Cybersecurity professionals will demand more Natural Language Understanding. 

The nature of targeted attacks has fundamentally changed, and legacy approaches to solving this with email header inspection or email authentication will no longer work. Natural Language Understanding has emerged as the most interesting category of algorithms to be brought into cybersecurity, specifically when used for securing communications. Combining NLU techniques with deep learning and other advanced ML techniques allows for a fundamentally disruptive approach to protecting organizations - one that involves custom, bespoke models focused on user identities, user behavior, and the language in communications. Cybersecurity teams will start thinking about their attack surface area in the context of business workflows, and not just one-off emails. The workflows that are most sensitive involve money, credentials, sensitive data, and confidential data. Algorithms built with Natural Language Understanding are perfectly placed to process emails, understand the context, and protect organizations against compromised workflows.

4.  Vendor and supply chain attacks will increase in frequency. 

According to the Armorblox 2022 Email Security Threat Report, the Armorblox research team saw a 73% increase in financial fraud email threats year-over-year from 2021 to 2022. And 44% of these financial fraud attacks were sophisticated, targeted attacks such as wire fraud, invoice fraud, or vendor fraud. This trend is likely to continue as bad actors look to exploit existing business workflows and trusted relationships with third parties.

As vendor account compromise continues to be an issue, organizations will need to think about not just their own security posture, but that of their vendors as well. Finding security solutions that can protect against vendor fraud by detecting language that indicates vendor account compromise attacks will become increasingly key to solving for these types of attacks. This becomes particularly relevant for the Fortune 500 or Global 2000 companies that have a large ecosystem of suppliers, vendors, and distributors whose security stacks are nowhere as mature as those of large organizations. Large organizations might consider requiring all vendors to follow certain security best practices, including modernizing their email security stack if they want to continue being a vendor in good standing.

5.  Cybersecurity professionals will need DLP Solutions with fewer false positives.   

Data protection as a separate siloed approach has become stale and riddled with false positives because it lacks the context of communication and the identities of the parties involved. Cybersecurity professionals will increasingly look for DLP solutions that leverage AI, ML, and NLP, and therefore have fewer false positives due to the solution's ability to accurately identify sensitive information. These solutions will need to use language-based techniques to correctly identify business workflows that include sensitive or confidential information, protecting them from compromise.

Adopting the right technologies that are cloud-based and AI-powered will be key when solving for the threats we are sure to face in 2023. Cybersecurity as an industry is still in the early days of adopting Natural Language Understanding-based technologies to protect against threats. There are a lot of exciting opportunities ahead!



Anand Raghavan


As Co-founder & CPO at Armorblox, Anand loves the excitement of working with world-class teams to build and market game-changing products. Prior to Armorblox, Anand launched ThoughtSpot out of stealth mode, and built and ran product marketing and product management teams there. Anand was a founding team member and product manager at Blue Jeans Network, helping to grow it from four employees to 200+ employees and 2,000+ customers. Before that, he held several engineering roles, including six years at NVIDIA.  Anand has a B.Tech. in electrical engineering from the Indian Institute of Technology Madras, an M.S. in electrical and computer engineering from the University of Illinois at Urbana-Champaign, and an MBA from the Wharton School at the University of Pennsylvania, where he graduated with honors and was named a Palmer Scholar.

Published Tuesday, November 22, 2022 7:40 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2022>