TL;DR: Advanced attacks bypassing secure email gateways rose 97% over six months as AI-generated threats increasingly mimic trusted communications, according to Abnormal AI, prompting leadership hires across product, customer success, and legal functions. The underlying issue is that traditional detection and governance assumptions break when identity and behaviour become harder to distinguish from legitimate business traffic.
At a glance
What this is: Abnormal AI says AI-generated attacks are increasing fast enough to reshape its leadership priorities around product, customer success, and legal oversight.
Why it matters: IAM and security teams need to treat identity and behavioural signals as a shared control plane because email, connected apps, and account abuse now blur together across human, NHI, and autonomous-style attack paths.
By the numbers:
- Over the past six months, Abnormal has seen a 97% increase in advanced attacks bypassing Secure Email Gateways.
- Abnormal is trusted by thousands of organizations, including more than 25% of the Fortune 500.
Context
AI-generated phishing and impersonation campaigns are reducing the reliability of message-based trust signals. When attacks can mimic familiar communication patterns at scale, email security can no longer depend on static filtering alone, and identity context becomes part of the detection problem.
For IAM and security teams, the practical issue is not just malicious content. It is how trust is inferred across human users, service identities, and connected applications when behavioural signals become the main way to distinguish real activity from synthetic abuse.
Key questions
Q: How should security teams defend against AI-generated phishing that bypasses email gateways?
A: Teams should combine behavioural detection with identity-based response, because content inspection alone is increasingly easy to evade. The most useful controls correlate sender behaviour, user interaction patterns, sign-in anomalies, and downstream app activity. That approach helps distinguish synthetic legitimacy from real trust and lets defenders respond before account abuse spreads into connected systems.
Q: Why do connected applications increase the impact of email-based attacks?
A: Connected applications extend trust beyond the inbox. Once an attacker reaches a user or account, inherited authentication and authorisation can open access to business systems such as collaboration, HR, and service platforms. That is why email security now needs to include session behaviour, token activity, and app-level access monitoring, not just message filtering.
Q: How can organisations tell whether behavioural AI is working in practice?
A: Look for reduced dwell time between suspicious delivery and response, better correlation between email and identity events, and fewer missed cases where legitimate-looking traffic leads to account abuse. If detections are accurate but cannot explain why an event was flagged, the programme may be operationally weak even if it looks effective on paper.
Q: Who should own the response when AI-driven impersonation crosses from email into identity risk?
A: Ownership should sit across security operations, identity teams, and governance stakeholders, because the event is no longer only a messaging issue. If the attacker can pivot into accounts or connected apps, containment, auditability, and business impact review all become part of the same response chain. Clear accountability matters more than organisational silos.
Technical breakdown
Why behavioural detection is replacing signature-based email filtering
Traditional secure email gateways are built to recognise patterns such as known malicious links, domains, payloads, or sender reputation. AI-generated attacks weaken those assumptions because the content can be fluent, context-aware, and personalised enough to resemble legitimate business traffic. Behavioural AI shifts the detection model toward anomalies in sender patterns, message timing, account relationships, and downstream interactions. That matters because the attacker does not need a novel exploit, only a convincing imitation of routine work behaviour. This is especially relevant in environments where email is tightly connected to identity workflows, ticketing, and SaaS access.
Practical implication: tune controls to detect behavioural deviation across mail, identity, and app activity instead of relying on content signatures alone.
How identity context changes detection across connected applications
The article points to protection across Microsoft 365, Google Workspace, Slack, Workday, ServiceNow, and Zoom, which is a reminder that email is only one entry point into a broader identity surface. Once an account is abused, attackers often pivot through connected applications where trust is inherited from existing authentication and authorisation state. That makes behavioural analysis more useful when it joins identity posture, session activity, and application relationships into a single view. The real challenge is not just blocking a malicious message, but spotting the trust chain that lets a compromised account move laterally into business systems.
Practical implication: extend monitoring from inbox defence to connected application access, session behaviour, and privilege abuse indicators.
Why compliance and legal governance now sit inside the detection stack
The addition of a chief legal officer signals that AI governance, transparency, and compliance are becoming operational concerns, not just policy topics. In security programmes, this usually happens when controls need to support evidence, defensibility, and cross-functional decision-making under scrutiny. As AI-driven attacks become harder to explain with simple rule sets, organisations need governance that can justify why a message was flagged, how identity evidence was used, and what audit trail exists after response. That does not make detection slower. It makes it more accountable.
Practical implication: require audit-ready explanation for behavioural detections so security, legal, and compliance teams can act on the same evidence.
Threat narrative
Attacker objective: The attacker wants to use convincing synthetic communication to gain trusted access paths that support account compromise, fraud, or broader enterprise intrusion.
- Entry occurs through AI-generated communications that mimic trusted senders closely enough to bypass secure email gateways and reach users or connected workflows.
- Escalation follows when a recipient interaction, account compromise, or connected-app trust path gives the attacker access to identity-linked systems beyond the inbox.
- Impact lands in compromised communications, account abuse, and potential movement into cloud applications where inherited trust lets the attacker operate as a legitimate user.
Breaches seen in the wild
- Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
- DeepSeek breach — DeepSeek breach exposed 1M+ log lines and sensitive secret keys.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Behavioural AI is becoming an identity control, not just an email control. When attacks are fluent enough to bypass secure email gateways, the security question moves from message filtering to trust validation across identities, sessions, and applications. That shift matters because modern abuse chains do not stop at delivery. They exploit the fact that a trusted communication channel can still carry an untrusted actor. Practitioners should treat behavioural detection as part of the identity stack, not a separate messaging layer.
The named concept here is identity-behaviour convergence: the point at which communication security and identity security stop being separable operating domains. AI-generated threats make this convergence unavoidable because the attack is judged by behaviour, not by simple content markers. The implication is that teams can no longer assess inbox security without also assessing account posture, application trust, and downstream user interaction patterns. Security programmes should plan for this merged control surface rather than maintain disconnected ownership models.
Leadership changes in product, customer success, and legal usually follow control-surface expansion. That pattern suggests the market is moving from point detection toward platformised response models that need operational maturity as much as model quality. For practitioners, this is a signal to re-evaluate whether their own detection and governance workflows can explain outcomes across security, compliance, and incident response. Identity programmes should expect more demand for evidence, traceability, and cross-domain reporting.
AI-generated attacks expose the weakness of trust built only on recognition. Human familiarity, sender reputation, and routine workflow patterns are all easier to imitate than many teams assumed. That means threat models need to account for adversaries that are optimising for believability rather than technical sophistication. The practical conclusion is that security architecture must assume synthetic legitimacy and verify behaviour continuously.
Behavioural detection becomes most valuable where identity, email, and SaaS access overlap. That overlap is where attackers inherit legitimate context and hide inside normal work patterns. The field should expect more security programmes to converge around shared telemetry and policy enforcement across communication and access systems. Teams that keep those domains separate will keep missing the attack path.
From our research:
- The average estimated time to remediate a leaked secret is 27 days, according to The State of Secrets in AppSec.
- Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap, according to The State of Secrets in AppSec.
- For a broader identity lens, see Ultimate Guide to NHIs, Key Challenges and Risks for how visibility gaps and over-privilege compound across machine identities.
What this signals
Identity-behaviour convergence: security teams should expect email, collaboration, and SaaS access telemetry to be analysed as one control surface rather than separate product silos. That shift matters because synthetic communication increasingly succeeds by looking operationally normal, not technically malicious.
The practical signal is that detection programmes will be judged on explainability as much as accuracy. When a control blocks a message, the organisation still needs to know which identity, session, or downstream app path triggered the decision and whether the response was proportionate.
With only 44% of developers following security best practices for secrets management, per The State of Secrets in AppSec, behavioural defence has to extend into how credentials and trust are handled after initial access. Teams that treat message filtering as the end state will keep missing the identity layer.
For practitioners
- Map inbox controls to identity outcomes: Review how email detections feed account lock, session revocation, and step-up verification when suspicious communication is confirmed. If the response stops at quarantine, attackers can still use the trusted account or connected app path.
- Correlate behavioural signals across connected apps: Join mail telemetry with sign-in events, token usage, and app-to-app activity across Microsoft 365, Google Workspace, Slack, Workday, ServiceNow, and Zoom. A single message is rarely the full attack surface.
- Add auditability to behavioural decisions: Require security tooling to preserve the evidence that led to a detection, including sender relationships, message timing, and abnormal interaction sequences. Legal and compliance teams need that record when the response affects business users or customer-facing workflows.
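The three practitioner points above, and the technical breakdown on correlating mail, identity and app signals with an audit trail, can be shown together in one small correlation routine. This is an added example, not code from Abnormal AI or from NHI Mgmt Group; the event fields, the sample telemetry and the response ladder are all constructed assumptions for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample telemetry (not real logs): mail, identity-provider and app events per user.
EVENTS = [
    {"ts": "2026-04-29T09:02:00", "src": "mail", "user": "alice", "sender": "cfo@vendor-finance.example", "first_contact": True},
    {"ts": "2026-04-29T09:20:00", "src": "idp", "user": "alice", "new_device": True, "geo": "unknown"},
    {"ts": "2026-04-29T09:35:00", "src": "app", "user": "alice", "app": "hr-portal", "action": "oauth_grant", "first_use": True},
    {"ts": "2026-04-29T10:00:00", "src": "mail", "user": "bob", "sender": "it@corp.example", "first_contact": False},
    {"ts": "2026-04-29T10:10:00", "src": "idp", "user": "bob", "new_device": False, "geo": "known"},
    {"ts": "2026-04-29T11:00:00", "src": "mail", "user": "carol", "sender": "ceo@ceo-office.example", "first_contact": True},
    {"ts": "2026-04-29T11:05:00", "src": "idp", "user": "carol", "new_device": False, "geo": "known"},
]

# Hypothetical response ladder: the more of the attack path is observed, the stronger the identity action.
RESPONSE = {
    ("mail",): ["quarantine"],
    ("mail", "idp"): ["quarantine", "require_step_up"],
    ("mail", "app"): ["quarantine", "review_app_grant"],
    ("mail", "idp", "app"): ["quarantine", "revoke_sessions", "review_app_grant"],
}

def correlate(events, window=timedelta(hours=2)):
    """For each first-contact mail, collect identity and app anomalies for the same
    user inside `window` and return detections that carry their evidence trail."""
    detections = []
    for m in (e for e in events if e["src"] == "mail" and e["first_contact"]):
        start = datetime.fromisoformat(m["ts"])
        evidence = [f"mail: first-contact sender {m['sender']} at {m['ts']}"]
        for e in events:
            if e["user"] != m["user"] or e["src"] == "mail":
                continue
            delta = datetime.fromisoformat(e["ts"]) - start
            if not timedelta(0) <= delta <= window:
                continue  # outside the correlation window, not part of this chain
            if e["src"] == "idp" and (e["new_device"] or e["geo"] == "unknown"):
                evidence.append(f"idp: sign-in from new device, geo={e['geo']} at {e['ts']}")
            elif e["src"] == "app" and e["first_use"]:
                evidence.append(f"app: first-use {e['action']} on {e['app']} at {e['ts']}")
        # Which stages of the chain have evidence decides the response; evidence itself is kept for audit.
        stages = tuple(s for s in ("mail", "idp", "app") if any(x.startswith(s + ":") for x in evidence))
        detections.append({"user": m["user"], "stages": stages, "evidence": evidence, "response": RESPONSE[stages]})
    return detections

if __name__ == "__main__":
    for d in correlate(EVENTS):
        print(d["user"], d["stages"], d["response"])
        for line in d["evidence"]:
            print("   ", line)
```

The evidence list is what an analyst, or a legal reviewer, would read to see why a given identity action was taken; a mail-only hit stays at quarantine, while a full chain escalates to session revocation.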
Key takeaways
- AI-generated impersonation is pushing email defence into identity territory because trust now depends on behaviour as much as content.
- The 97% rise in advanced attacks bypassing secure email gateways shows that signature-style controls alone are losing coverage against synthetic legitimacy.
- Practitioners should connect inbox signals to account containment, SaaS telemetry, and audit evidence so response matches the full attack path.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Agentic AI Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Agentic AI Top 10 | A2 | AI-generated impersonation and tool-adjacent abuse rely on agentic threat patterns. |
| NIST CSF 2.0 | PR.AA-01 | Identity proofing and access assurance matter when messages trigger downstream trust. |
| NIST Zero Trust (SP 800-207) | PR.AC-4 | Connected apps inherit trust across sessions and identities, so access needs continuous verification. |
Apply continuous verification to mail-linked app access and revoke suspicious sessions quickly.
Key terms
- Behavioural AI: A detection approach that identifies threats by analysing patterns of activity rather than relying only on static signatures. In identity security, it evaluates how messages, users, sessions, and applications behave together so that abnormal but believable activity can still be flagged.
- Identity-behaviour convergence: The point where communication security and identity security operate as one problem because the attacker can abuse legitimate-looking behaviour to reach trusted systems. It matters when email, sign-in, and application telemetry must be interpreted together to understand risk.
- Connected application trust chain: The inherited trust path that lets one authenticated account influence access to other business systems. When attackers compromise a user or identity, that trust chain can extend into collaboration, HR, and service platforms without a fresh login challenge.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
This post draws on content published by Abnormal AI: Abnormal AI Expands Leadership Team to Advance Behavioral AI Platform. Read the original.
Published by the NHIMG editorial team on 2026-04-29.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org