8 Prompts to Enhance Your AI Security Mailbox Customization

It’s been four months since we announced AI Security Mailbox and its new functionality as a personal AI security analyst for email security operations and employee education. The AI Security Analyst transforms the response mechanism of the user-reported email workflow from a generic template-based response to a personalized AI-generated response designed to coach employees to be more cyber-aware based on the unique characteristics of the reported email.

In the short time since the release of this feature, we have seen 35,000+ GenAI responses sent to employees across 150+ organizations. The early feedback has been overwhelmingly positive as an increasing number of security teams capitalize on this opportunity and technology to train employees to be more cyber vigilant.

“AI Security Mailbox automates the user-reported email workflow 100%, so we don't spend any time on it. The user reports it, and if it's malicious, Abnormal just removes it from inboxes,” said Jeff Deakins, Director of Information Security and Infrastructure at Marmon Holdings. “The solution can actually point out what in the email is malicious, which is really the ability to coach and drive security awareness.”

Security teams can personalize the AI Security Analyst by providing it with custom instructions and can see how the analyst translates those instructions into responses by chatting with the AI Security Analyst in the portal.

We often get asked, “What should be included in the custom instructions?” The possibilities are endless. Personalizing the AI Security Analyst to best engage your employees is fun, but it can be difficult to type the instructions out. So, for all of you facing writer's block, I present eight customizable prompts to try with your organization!

1. Specify the Tone

Ultimately you want the interaction with the AI Security Analyst to be pleasant, engaging, and representative of your security team. Specifying the tone can be an impactful way to accomplish that.

Prompt: “Use a formal tone when communicating with VIPs, but use a professional yet casual tone when communicating with the broader employee base. When responding to reporters who reported an identified malicious email, respond more formally. When responding to reporters who reported an identified safe or spam email, respond with humor.”

2. Create a Custom Template

With the custom instructions box, you can personalize the format of the response emails. This can make the response easier for employees to digest and understand.

Prompt: “Use the following email template when responding to reporters.

Hello {{reporter_name}},

Thank you for reporting a phishing email and helping keep our organization safe. An automatic analysis of the reported email has been conducted and the email was determined to be {{verdict}}.

Sender: {{sender email}}

Subject: {{subject}}

Analysis:

{{Insert AI security analysis here}}"

3. Provide Valuable Security Context

Security teams implement policies specific to end users that can be forgotten or misunderstood. Security policies should be included in the custom instructions so the AI Security Analyst can educate and explain those policies to employees when it makes sense.

Prompt: “We mandate 16 character count passwords, send monthly security awareness training which should be completely thoroughly and promptly, and use [insert vendor name] for MFA.”

4. Encourage Follow-Up Responses

Employees can sustain a conversation with the AI Security Analyst by responding to the email with additional questions about the reported email or other security-related topics. This creates an opportunity to further educate the employee and improve security awareness.

Prompt: “Include the following at the conclusion of your responses to employees: ‘I can help you with additional questions about the reported email or other cybersecurity-related topics. Simply reply to this email with your question!’”

5. Respond in Multiple Languages

If your business operates with employees in several countries, you can customize the AI Security Analyst to respond in the native languages of those employees.

Prompt: “When responding to employees, begin every response with an English response and then respond with the same message below in French. Separate the English and French responses with a ‘***’.”

6. Provide More Verbose Security Awareness Education

AI Security Mailbox capitalizes on the response mechanism to reporters of phishing emails to educate employees. By default, the AI Security Mailbox may include brief tips and tricks on how to identify malicious content, but encouraging more verbose education could capitalize even further on the response motion.

Prompt: “When crafting the response emails, ensure that each message includes a tip on how the reporter can improve their cybersecurity awareness and remain vigilant.”

7. Have Fun and Make it Engaging!

Typical interactions between employees and security teams can be challenging, but it's not the security team's fault! Reminders about training, understanding policies, and updates on MFA or passwords can feel burdensome. The responses sent by the AI Security Analyst should be fun and engaging and result in a positive experience for the employees. In the example below, I will share a potential prompt that could be used by a home improvement company.

Prompt: “End every response email with a fun analogy about cybersecurity and home improvement.”

8. Encourage Reporters to Contact the Security Team

We understand that an AI Security Analyst might not be useful for every action. In the event that an employee needs a more hands-on response, we recommend providing a medium to request that via the AI Security Analyst.

Prompt: “End every message with the following: If you want to get in touch with the security team, please email xxxx@companydomain.com.”

With AI Security Mailbox, security teams no longer have to manually investigate, remediate, and respond to user-reported phishing emails. Instead, they can recapture precious time spent on these tedious processes while also capitalizing on an opportunity to educate employees with personalized AI-generated responses.

Ready to experience the benefits of AI Security Mailbox in your organization? Schedule a demo today!