Super Cyber Friday
Getting Your Copilot Pilot Out of Pilot

Every organization wants to achieve the productivity benefits of generative AI. But privacy and security concerns mean that very few organizations have been able to move these systems into production, noted Brian Vecci, Field CTO, Varonis. Ultimately, Microsoft Copilot and other generative AI tools can only use data based on the security model already in place at an organization.

Check out this preview of our Super Cyber Friday event happening in two weeks, Friday, May 31, 2024. Our topic will be “Hacking Microsoft Copilot: An hour of critical thinking of how to get your Copilot pilot into production.”

REGISTER for 5-31-24 Super Cyber Friday Event

Joining me and Brian will be Cyrus Tibbs, CISO, PennyMac.

It all starts at 1 PM Eastern/10 AM Pacific. At the end of the hour [2 PM Eastern/11 AM Pacific] we’ll switch gears to our meetup where everyone will get a chance to chat face-to-face. Join us!

REGISTER for 05-31-24 Super Cyber Friday 

HUGE thanks to our sponsor Varonis

Defense in Depth
How Do We Build a Security Program to Thwart Deepfakes?

We're seeing AI and LLM rapidly push what was science fiction into production. Our ability to generate realistic sound, video, and images opens the obvious door for indistinguishable fakes from the real thing. How do we keep up as security professionals?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap, CISO, LinkedIn. Joining us is Russ Ayres, svp of cyber and deputy CISO, Equifax.

Reality is up for grabs with deepfakes

With a lot of generative AI, the potential and reality of disruption aren’t hard to think of. Deepfakes are the most acute example. This leads some to see an explosion of disinformation and fake news, as Loga Devan Thirumalai of Deloitte Business Advisory speculated, "The outcome of such technologies, if left unchecked and unrestricted, may lead to confusion between reality and virtual world." But as with any new technology, deepfakes could also present a market opportunity. "The potential positive and negative applications make this both exciting and scary. I see a new shortlyhe near future if not already existing, ‘Reality Auditor,’" said Ejiro Iwhiwhu of Nestlé.

The reality of current technology vs. its potential

While deepfakes represent real world threats today, there are still some limits to the technology. "We are still many years away from this being accessible at the level where you can no longer distinguish reality from a game. Sorry to say it but it’s going to take quite some time before everyone can start running around Hogwarts casting spells with great graphics,” said Noble Todd of Auctane. The danger with deepfakes right now comes from passively absorbing them. As John Lawson points out, they aren’t perfect yet, saying, "If you're looking to see why it’s a fake, then you can find some evidence, but when you’re not specifically looking for the small details of fakery it will pass muster. Otherwise, it will just be casually consumed and accepted as real."

How does the rest of society adapt?

We’ve seen high profile cases of deepfakes used in fraud, but perhaps the harder challenge will be how to account for them in other aspects of society. Ron Healy of Vertex Inc wondered how the legal system will adapt, saying, "I wonder how long it will be before we see something produced by gen AI used as 'evidence' in the legal process of a crime. Humans are terrible at spotting fakes and also terrible at re-thinking what we think we know, once we think we know it." Lorne Rogers wondered how evidentiary processes will deal with deepfake content, saying “Surveillance video that is fake could be used to convict, or exonerate, people for crimes incorrectly. Video ‘evidence’ will become MORE unreliable than eyewitness testimony (and that tends to be pretty bad already)."

The new normal

Unless some very stringent regulations come into play, deepfakes will be with us. David Oliver of DOPV shared a more dystopian take on this, saying, "Deepfake is the new reality. We won’t know what is real. We already have lost faith in our institutions; as this technology improves imagine those with influence, money, and power using technologies." Organizations should already account for the reality of deepfakes in their security architecture.

Thanks to our other unwitting contributors: Ravi Lodhija of Ram Infosystems Limited and Demiro Massessi of Lifestyle Design Group.

Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.

Listen to the episode.

Thanks to our podcast sponsor, Sonrai Security

Subscribe
Subscribe to Defense in Depth podcast

Please subscribe via Apple Podcasts, Spotify, YouTube Music, Amazon Music, Pocket Casts, RSS, or just type "Defense in Depth" into your favorite podcast app.

LIVE!
Cyber Security Headlines - Week in Review

Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Mike Lockhart, CISO, EagleView.

Thanks to our Cyber Security Headlines sponsor, Tines

Cyber chatter from around the web...
Jump in on these conversations

"People in cybersecurity, how many hours a week do you typically work?" (More here)

"What is the best phishing email you have seen?" (More here)

"Are you Cloud Security material?" (More here)

Coming Up On Super Cyber Friday...
Coming up in the weeks ahead on Super Cyber Friday we have:

• [05-24-24] NO SHOW

• [05-31-24] Hacking Microsoft Copilot

• [06-07-24] Hacking SOC 2 vs. ISO 27001

• [06-14-24] Hacking the Conversation Around Risk

• [06-21-24] Hacking Generative AI Anxiety

 Save your spot and register for them all now!

Thank you!
Thank you for supporting CISO Series and all our programming

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!

Everything is available at cisoseries.com.

Interested in sponsorship, contact me, David Spark.