Behavioural AI to the cyber-rescue

With the year reaching its end, many organisations are already planning for the year ahead. 

 

This change relies on reflection, evaluating what worked and what could’ve been better. While business growth is probably the focus for many, cybersecurity must be included in this road map—specifically, security awareness training (SAT).

 

Now is the time for security teams and leaders to evaluate whether their SAT programmes have been effective, and to incorporate those learnings into their plans for the new year. For many, the efforts are not worth the results.

 

While it’s important to invest in effective and engaging awareness training, it’s just as crucial that organisations adopt multi-layered defensive measures that support their staff year-round. 

 

Traditional SAT is failing

Conventional SAT programs are often outdated, leaving employees disengaged and passive when faced with real life cyber threats—and we’re seeing the consequences.

 

Research shows that 99% of organisations experienced an avoidable security incident because of an end-user action, like clicking a malicious link—the exact behaviour that SAT should be teaching users to identify and ultimately avoid. 

 

With the rise of generative AI, traditional tell-tale signs of phishing like spelling mistakes, poor grammar, and broken sentences are no longer reliable signs for users to look out for. Attackers are increasingly manipulating victims through carefully crafted, socially engineered messages.

 

Most organisations do not have continuous training programmes in place, and for those that do, it’s often just a box that is checked to meet regulatory requirements—leading to SAT programmes that are too infrequent and irrelevant to be truly effective in changing employee behaviour.

 

Meanwhile, 83% of IT leaders agree that their current SAT tools require substantial effort to operate and maintain, with more than half (53%) agreeing that the effort required to run them outweighs their impact. This data points to a clear need for refreshed SAT—for employees and the security teams that work so hard to protect them.

 

Modernising SAT with behavioural AI to scale defences  

Just as AI is helping adversaries target their victims, it can also help advance awareness training. Thoughtfully modernising SAT tools with behavioural AI makes programmes smarter, safer, and more personalised—in turn, transforming employees from liabilities into defenders.

 

Personalisation is the first key step. AI-powered awareness training detects risky behaviours—like clicking suspicious links—and delivers immediate, just-in-time coaching to reinforce the right behaviours and helps users apply what they learn to real-world scenarios.

 

This type of immediate contextual coaching sets a solid foundation to empower employees, and can be even more advantageous when paired with SAT that is augmented toward different threats faced by each individual’s role. For example, an employee on the finance team might need training on wire fraud tactics, while an engineer may need guidance on secure coding or software supply chain risks.

 

SAT with behavioural AI tailors content based on job function, prior behaviour, and common attack patterns to make the material more engaging and relevant, in turn encouraging employees to become more capable defenders.

 

Autonomous training also improves the lives of security teams by streamlining phishing simulations, training assignments, and tracking outcomes. Of course, human oversight is still essential, but AI-powered SAT has an almost immediate impact on reducing the burden on the IT department to build, deliver, track, and scale defences.

 

Building a strong, resilient culture of defenders

Despite organisational efforts to improve technical capabilities, successful email attacks are still on the rise. Ensuring that employees are trained to identify and report adversarial behaviours is a crucial step in securing your organisation. 

 

Integrating behavioural AI into SAT will not only empower employees but also lighten the load on security teams and ultimately foster a stronger, more secure organisational culture.

 

---

 

Mick Leach is Field CISO, Abnormal AI

 

Main image courtesy of iStockPhoto.com and Liudmila Chernetska