91% of Security and IT Professionals Agree Cybercriminals are Already Using AI in Email Attacks, per Report from SlashNext and Osterman Research

New market research reveals email and multi-channel messaging security is a top concern for organizations, as AI plays a pivotal role in the threat landscape 


PLEASANTON, Calif. – August 21, 2023 SlashNext, the leader in SaaS-based Integrated Cloud Messaging Security across email, web, and mobile, today released a report and whitepaper in partnership with Osterman Research, a leading market research and consulting firm. The report, titled “The Role of AI in Email Security” includes data from a recent survey of U.S. tech and security leaders at organizations of at least 1,000 employees, and sheds light on their views of how AI is being weaponized by cybercriminals in email and other messaging-based attacks, and how they are preparing to defend their organizations against these attacks using AI-enabled security solutions. 


The report reveals that 91% of respondents either agreed or strongly agreed that cybercriminals are already using AI in email attacks targeting their organizations, with 74% indicating they have experienced an increase in the use of AI by cybercriminals in the past six months. Similarly, 88% of respondents believe cybercriminals will continue to innovate in their use of AI in these types of attacks going forward. This strongly echoes what security experts and researchers have been warning since ChatGPT became publicly available just a few short months ago, and spinoffs of ChatGPT developed with malicious intent, such as WormGPT, entered dark web forums.  


“Protecting email has always been a top security concern for businesses given its inherently insecure nature and the incredible access it can offer an attacker should they succeed in compromising a user’s account,” said Patrick Harr, CEO, SlashNext. “However, email is not the only channel cybercriminals use to target employees. The data shows rapidly increasing rates of attacks on mobile devices and other messaging channels such as Slack, LinkedIn, Microsoft Teams, and this study by Osterman Research demonstrates that security and IT professionals are actively seeking security solutions that offer protections to these channels as well.” 


Additional key data points from the report include: 

  • 25% of respondents indicated email security is their top concern, with another 52% indicating it is among their top three concerns. 
  • Email provides access to almost everything else within an organization, and from its early inception was not designed to be inherently secure – this has made it both a prime target for bad actors and an incredibly difficult attack surface to defend. 
  • The percentage of respondents ranking AI as “extremely important” to their email defenses has increased more than fourfold over the past 12 months, and a total of 92% of respondents currently rate it as moderately or extremely important.  
  • 90% of respondents confirmed they have implemented an AI-enabled email security solution beyond what is offered by their cloud email provider. 
  • After adopting AI-enabled security solution(s), four out of five organizations observed improved efficacy in detecting multiple types of threats in email (e.g. targeted spear phishing, BEC, account compromise of internal employees, malicious attachments and URLs, etc.), even as threat actors have changed their attack methods. 
  • 83.7% of respondents said the ability to protect other communications applications in their ecosystem (e.g. Teams, SharePoint, Zoom, Slack, etc.) was moderately or extremely important when evaluating AI-enabled email security solutions 


“Our research clearly demonstrates a critical need for organizations to protect more than just email – IT and security leaders are focused on their complete attack surface and recognize the increasing threat of malicious messages reaching employees via other communication and collaboration tools such as SharePoint, Slack, Zoom and Teams,” said Michael Sampson, Principal Analyst, Osterman Research. “What’s more, our research indicates that these IT and security leaders view specialized AI-based solutions as key to their current and future defenses when it comes to email and multi-channel security. The security community is clearly embracing the idea that we must fight AI with AI.”  

The Osterman Research report was sponsored by SlashNext, Abnormal Security, IRONSCALES, KnowBe4, Mimecast, Perception Point and SonicWall. Read “The Role of AI in Email Security report in full. 

Register for the webinar, The Role of AI in Email Security with SlashNext and Michael Sampson, Principal Analyst, Osterman Research on September 12, 2023 at 12 p.m. PST.  


Learn more about SlashNext Complete and SlashNext’s patented HumanAI detection or schedule a demo today.  


About SlashNext 

SlashNext protects the modern workforce from malicious messages across all digital channels. SlashNext Complete™ integrated cloud messaging security platform utilizes patented HumanAITM technology with 99.9% accuracy to detect threats in real-time to stop zero-hour threats in email, mobile and web Messaging Apps across M365, Gmail, LinkedIn, WhatsApp, Telegram, Slack, Teams and others messaging channels. Take advantage of SlashNext’s Integrated Cloud Messaging Security for email, browser, and mobile to protect your organization from data theft and financial fraud breaches today. 

Media Contact 

Emily Ashley 

Lumina Communications for SlashNext