#Addressing Deepfake Threats in the Era of AI Agents

After years of generative AI adoption, the initial excitement around the technology has subsided, leading both attackers and defenders to work diligently on integrating AI-powered tools into practical applications. The reduced barriers to entry for less skilled hackers, combined with enhanced capabilities for sophisticated black hat operators, have made artificial intelligence a pivotal focus for security professionals.

The recent report on cybersecurity trends highlights AI-generated cyber-attacks as the foremost threat to organizations. A significant 71% of cybersecurity budget increases are attributed to the demand for AI technologies. Concurrently, generative AI firms are preparing to introduce next-generation AI agents capable of performing tasks autonomously, escalating the urgency of discussing defense strategies against AI-driven attacks.

One of the significant conversations slated for the upcoming cybersecurity conference will bring together leading experts on AI to share insights on combating threats posed by artificial intelligence. The session titled “Calling BS on AI – Strategies to Defeat Deepfake and Other AI Attacks” will particularly center on deepfake technology and AI-driven social engineering campaigns, which have emerged as two of the most concerning challenges in the current landscape.

Andrea Isoni, Chief AI Officer at AI Technologies, will be presenting alongside notable experts including Heather Lowrie of Resilionix, Zeki Turedi, Field CTO for Europe at CrowdStrike, and Graham Cluley, host of security-focused podcasts.

Difficulties with Text and Image Deepfake Detection

In a discussion regarding the capabilities of current detection technologies, Isoni emphasized the challenges in recognizing AI-generated text and images, suggesting that the technology has evolved to a point where detection will frequently fall short. He posits that effective detection of such synthetic content must become standard practice in cybersecurity, akin to password protection, encryption, and multi-factor authentication. Furthermore, he asserts that any effective detection technology must incorporate AI itself to be sustainable at scale.

Despite skepticism about the effectiveness of current detection tools, Isoni expressed a more optimistic view regarding deepfake detection technologies in the spheres of video and audio. He attributed this optimism to two key factors: the relative immaturity of AI generation technologies in these domains and the difficulty in obtaining substantial data on non-public figures.

Nevertheless, Isoni cautions that while advancements in deepfake detectors may improve response efficacy, they will likely not eliminate the risks associated with synthetic content, similar to how antivirus solutions have not eradicated malware threats.

Leveraging Standards and Regulations for AI Risk Management

Beyond the implementation of basic security measures and the utilization of detection technologies, Isoni urged organizations to evaluate potential threat scenarios and establish a comprehensive incident response plan, emphasizing a risk management framework. Industry standards, such as ISO 420001, alongside regulations like the EU AI Act, can guide organizations in formulating a risk-based strategy by clarifying potential threats and the associated penalties for non-compliance.

Isoni also encouraged organizations to investigate ‘AI safety layer’ products that are emerging in the industry, which are designed to shield AI models from exploitation and mitigate harmful impacts on end-users. These solutions are anticipated to be increasingly vital as the proliferation of AI systems continues.

In conclusion, the heightened focus on AI threats and the tactics to manage them will be a central theme at this year’s cybersecurity event, presenting a critical opportunity for professionals to learn about the latest developments in AI and the broader cybersecurity landscape.