---
title: Google’s Defence Architects Launch AegisAI, AI-Native Email Security as Phishing Attacks Quadruple in Effectiveness
description: AI-powered phishing is outpacing legacy email security. AegisAI agents cut false positives and speed defence for Microsoft 365 and Google Workspace users.
author: Darie Nani (Editor-in-Chief)
date: 2025-09-10T12:01:20.000Z
updated: 2026-02-26T18:02:03.206Z
canonical: https://www.sovereignmagazine.com/article/google-s-defence-architects-launch-aegisai-ai-native-email-security-as-phishing-attacks-quadr
image: https://cdn.nanimediahouse.com/Cy-and-Ryan_20250908_Landscape-v2-scaled.jpg
categories: Startups, Artificial Intelligence
content_type: Spotlight
region: United States
publication: Sovereign Magazine
about:
  - type: Organization
    name: AegisAI
    description: "AegisAI is pioneering the next generation of email security through autonomous AI agents that detect and respond to email threats without human intervention.\n\nFounded by former Google engineers and product leaders with deep expertise in large-scale threat detection, the company delivers radically simplified and more accurate protection against phishing, malware, and social engineering attacks. AegisAI is backed by leading venture capital funds and angel investors. Learn more at www.aegisai.ai ."
    url: https://www.aegisai.ai/
    sameAs:
      - https://www.linkedin.com/company/aegisaisecurity/
---

Artificial intelligence has fundamentally broken email security. AI-generated phishing emails now achieve a 54% click-through rate compared to just 12% for human-written ones – making them over four times more effective at tricking employees into clicking malicious links. Attackers wielding AI tools now race against defenders scrambling to adapt systems built for a pre-AI world.

![AegisAI Executive Overview Dashboard 1024x802](https://cdn.nanimediahouse.com/AegisAI_Executive_Overview_Dashboard-1024x802.png)

Two former Google executives who spent years protecting billions of users have stepped forward with what they argue is the first truly AI-native solution to this growing threat. Cy Khormaee and Ryan Luo, who previously led Google’s Safe Browsing and reCAPTCHA services, have raised $13 million to build [AegisAI](https://www.aegisai.ai/) – autonomous AI agents designed specifically to counter AI-powered attacks rather than retrofitting traditional rule-based systems.

## The Architects Behind Billion-User Protection

[Khormaee brings exceptional credentials](https://www.sovereignmagazine.com/article/scalekit-raises-5-5m-as-authentication-systems-fail-ai-agent-test) to the challenge, having served as Head of Product for Google’s User Protection Services, overseeing [Safe Browsing protection](https://safebrowsing.google.com/) that shields billions of users daily from malicious websites. His work extended across reCAPTCHA and Web Risk services that form the backbone of internet security for countless applications and services.

‘After spending a combined few decades protecting billions of users at Google, we’ve seen firsthand how enterprise email defences have failed to evolve,’ Khormaee explained. ‘We’re seeing the sophistication of AI powered attacks increase rapidly while existing email security defences are standing still. Security leaders lack the tools they need to defend their organisations.’

## AI-Driven Attacks Explode in Volume and Success

Since ChatGPT’s launch in late 2022, [phishing volume has surged by 4,151%](https://socradar.io/phishing-in-2024-4151-increase-since-chatgpt/), while AI-driven phishing attacks specifically increased by 1,265% by late 2024. Recent data shows that 67% of phishing attacks now utilise AI capabilities. Warnings about [AI-driven cybersecurity threats](https://www.sovereignmagazine.com/article/uk-warns-of-ai-advancements-threatening-global-cybersecurity-systems) continue mounting from security agencies worldwide.

Modern attackers increasingly abuse trusted platforms like Salesforce, Zoom and Google to deliver malicious content, exploiting the inherent trust these services carry to bypass traditional reputation-based security filters. A recent ReliaQuest report revealed that automated phishing using the Axios user agent achieved a 58% success rate versus just 9% for traditional methods.

Business Email Compromise attacks alone caused over $2.7 billion in losses in the United States in 2024, with 64% of companies affected and average losses of $150,000 per incident. The [average cost of phishing-related data breaches](https://www.sovereignmagazine.com/article/the-ai-led-tug-of-war-within-finance) reached $4.88 million in 2024-2025.

## Why Traditional Systems Cannot Adapt

Rule-based email security systems face an impossible challenge when confronting AI opponents. Traditional filters rely on static patterns, known sender reputations and predefined rules that cannot keep pace with AI attacks that continuously evolve tactics, rotate graphics and messaging, and create increasingly convincing lures in real-time.

False positives compound the operational burden. Enterprise security teams report that [61% of employee-reported phishing emails](https://emailsecurity.fortra.com/blog/phishing-emails-false-positives) turn out to be false positives, diverting valuable SOC analyst time away from genuine threats. Over 40,000 false positives in a recent survey period illustrate how traditional systems waste resources whilst genuine AI-powered threats slip through.

‘We don’t believe in creating more alerts — we believe in creating better security outcomes,’ said Ryan Luo, AegisAI’s CTO and co-founder. ‘Our mission is to protect organisations without adding operational burden and to give security teams the reliable intelligence they need to focus on what matters most.’

## The AI-Native Defence Approach

AegisAI’s solution represents a fundamental departure from traditional email security architecture. Instead of rule-based filters, the platform deploys autonomous AI agents that inspect, analyse and neutralise email threats in real-time. These agents continuously learn from adversarial behaviour and share threat intelligence across organisations, enabling rapid detection of emerging phishing tactics.

Customers have seen up to 90% reduction in false positives compared to traditional solutions – an improvement that could save enterprises significant operational costs. The platform integrates seamlessly with Microsoft 365 and Google Workspace via API deployment, requiring minimal configuration or ongoing maintenance. [Practical AI cybersecurity implementations](https://www.sovereignmagazine.com/article/what-ai-cybersecurity-really-looks-like-on-the-ground-for-us-businesses) like these demonstrate how businesses can deploy effective defences without overwhelming their teams.

Early customer feedback validates the approach. Bam Azizi, CEO at [Mesh](https://www.meshconnect.com/), noted: ‘As a former security founder, I’ve seen the cat-and-mouse game play out for decades—especially in email security, where attackers constantly evolve to trick employees. Aegis is the first solution that truly changes the game. They came into Mesh and stopped attackers in their tracks.’

### Investor Confidence in AI-Native Security

The $13 million seed round led by [Accel](https://www.accel.com/) and [Foundation Capital](https://foundationcapital.com/) demonstrates investor confidence in the AI-native approach. Eric Wolford, Partner at Accel, emphasised the importance of founding teams with genuine AI expertise: ‘The AI era will inevitably drive disruption in email – the easiest attack vector. We were looking for a team that was AI-native – people who didn’t just whitewash with AI – people who had the DNA and career investments in the development of AI.’

Ian Cohen, CEO at Lokker, provided additional validation: ‘We immediately saw threats to our accounting, engineering, and executives teams in the dashboard. Aegis enabled us to see and stop these threats without our team manually hunting them down.’

## Security Built for the AI Era

AegisAI represents the beginning of a broader movement towards [security tools built specifically for the AI era](https://www.sovereignmagazine.com/article/how-aaf-management-turned-55m-in-emerging-manager-bets-into-a-private-market-intelligence-ope) rather than adapted from pre-AI systems. The cybersecurity industry is witnessing increased acquisition activity around AI security capabilities, with companies like [Cato Networks acquiring AI security startup Aim Security](https://cyberscoop.com/cato-networks-acquires-ai-security-startup-aim-security/) to integrate advanced AI security into their platforms.

There is a growing recognition that traditional cybersecurity approaches cannot simply be enhanced with AI features – they need rebuilding from the ground up to match AI-powered attack sophistication. [Companies developing](https://www.sovereignmagazine.com/article/i-wanted-to-love-perplexity-s-ai-browser-but-the-permissions-screen-made-me-hit-cancel) security-by-design approaches and [AI trust platforms](https://www.sovereignmagazine.com/article/bigeye-bets-on-ai-trust-platforms-as-mohamed-k-alimi-joins-to-build-agent-oversight-tools) share similar philosophies about building security into systems from day one rather than bolting it on afterwards.

As AI becomes more sophisticated and accessible, every aspect of [cybersecurity will need similar fundamental rethinking](https://www.sovereignmagazine.com/article/businesses-should-be-paying-attention-to-ai-powered-social-engineering). Whether traditional security vendors can adapt quickly enough, or whether AI-native startups will capture the market by building superior solutions from scratch, remains an open question.

For enterprises currently struggling with the explosion of AI-powered threats, one fact stands clear: the old rules no longer apply, and neither do the old defences.

**About AegisAI**

AegisAI is pioneering the next generation of email security through autonomous AI agents that detect and respond to email threats without human intervention.

Founded by former Google engineers and product leaders with deep expertise in large-scale threat detection, the company delivers radically simplified and more accurate protection against phishing, malware, and social engineering attacks. AegisAI is backed by leading venture capital funds and angel investors. Learn more at www.aegisai.ai .

[Website](https://www.aegisai.ai/)
