Can you trust what you are seeing online? We are headed into an election season, and I want to caution all my readers. Do not trust anything you read, see, or hear, especially online. This is perhaps one of the most contentious election seasons yet, and we have a new foe to deal with: deepfakes.
Now, I try to stay away from politics on this blog, but I think there is a more pressing issue to contend with here. We need to become good discerners of truth. We need to know how to do good due diligence. We need to know how to spot a deepfake—and let me tell you this is becoming harder to do, as nefarious characters become craftier and scarier.
The Problem
This is impacting our business in more ways than one. In fact, more than one-third of U.S. businesses have experienced a deepfake information security incident last year. This is according to research done by ISMS.online.
So how do we better prepare ourselves for what’s to come? Let’s dive into what exactly a deepfake is. A deepfake is content that uses a person’s face or body that has been digitally altered, with the intent to spread false information maliciously.
As an example, deepfake technology enables nefarious characters to operate a business email style attack. But it can get even more sophisticated than attacks of the past. Some can even mimic the voice and image of senior leaders to trick them to transfer funds.
Deloitte suggests generative AI (artificial intelligence) is expected to magnify the risk of deepfakes and other fraud in banking in particular. In fact, it points to a specific example from January 2024 when an employee at a Hong Kong-based firm sent $25 million to criminals after being instructed to do so by her CFO on a video call that also included other colleagues. However, it turned out she wasn’t on a call with any of these people. It was a deepfake that replicated their likeness.
Deloitte’s Center for Financial Services predicts gen AI could enable fraud losses to reach $40 billion in the United States by 2027, from $12.3 billion in 2023, a growth rate of 32%.
These pose a real threat to our businesses as well—and the threat is rising steadily. Deepfakes are already the second most common information security incident impacting organizations, with the most common incident being malware infections (37%), according to ISMS.online.
The Solution
To address this problem, we must attack it from multiple angles. Our business must take the lead here. Let’s look at a few ways we can approach this.
We must train and inform our staff and team on what to look for. We need to teach them what to look for. We need to help them recognize what scams look like. And we need to be doing this constantly because these threat actors keep changing their methods constantly.
We must leverage technology. Nearly two in three organizations plan to increase their spending on securing supply chain and third-party vendor connections in the coming 12 months, and 68% expect to increase their overall information security spending. If we want to be resilient, we must consider technology.
We must create solid business policies and procedures. More than a third of businesses admit employees use personal devices without proper security measures, leaving businesses more vulnerable to targeted cyber-attacks like deepfakes. We can no longer do business the way we did in the past. We must become savvier and tell our workers how to combat this problem.
What would you add? How can we best prepare our workforce for deepfakes? How can we teach and train them to be aware of the risks that exist today?
Want to tweet about this article? Use hashtags #IoT #sustainability #AI #5G #cloud #edge #futureofwork #digitaltransformation #circularworld #deepfake