Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
ManagementSecurity Enterprise ServicesSecurity Leadership and ManagementSecurity & Business Resilience

Risk Management

Don’t discount the risk of deepfakes to the enterprise

Many security researchers are now predicting that deepfakes could become a major security threat in the 2021-2022 period. Where is the threat and what can you do about it?

By Darren Thomson
SEC0421-DeepFake-Feat-Slide1_900px

FreshSplash / E+ via Getty Images

SEC0421-DeepFake-Slide2_900px
SEC0421-DeepFake-Feat-Slide1_900px
SEC0421-DeepFake-Slide2_900px
April 14, 2021

Social engineering is a defined domain within the social sciences that focuses on efforts to influence particular attitudes and social behaviors. In recent years, there has been a recognition that social engineering plays a huge part in the execution of cybersecurity attacks. Specifically, social engineering in a technical context can be defined as the act of exploiting human weaknesses to gain access to personal information and protected systems; it relies on manipulating individuals rather than hacking computer systems to penetrate a targeted system.

Traditionally, social engineering techniques have been categorized as either physical or non-physical (often termed “technical” where computer systems are used as the basis for attack). Physical manifestations of social engineering involve a physical act on the part of the criminal that grants access or steals information. Non-physical social engineering involves use of authority, playing on emotions such as greed, curiosity and anger as well as the use of impersonation. The intersection of “non-physical” and “technical” social engineering is where criminals are mostly focused today.

 

Hyper-Connectivity Provides Opportunity

Increasingly, workers today are hyper-connected, data-rich and often blur the lines between their public and private information. A person working from home, for example, most likely uses many of the same technical resources for their private conversations as they do for the public ones. Electronic communication such as email and, in particular, social media platforms further prepare the ground for sophisticated social engineering by cybercriminals.

Importantly, the definition of a trusted relationship has also changed significantly in recent years. Historically, a criminal leveraging social engineering techniques would have had to imitate a close relation or colleague in the physical world. Now, the spoofing of an email address or the creation of a fake social media account may be sufficient.

Even prior to the COVID-19 pandemic, people were physically meeting less and the tools that replaced these physical interactions were becoming more ubiquitous. In turn, these very same tools started to become almost perfect vectors for social engineering attacks. More and more of our data has to be online today in order for service providers, governments and others to make use of it and provide us with service. People have created digital avatars of themselves (for the purposes of engaging with social welfare or interacting with the banks online, for example) and these digital identities are proving to be just as valuable as physical human targets have been for centuries.


Deepfakes Present a Major Security Threat

Within the general trend of more advanced social engineering techniques, enabled by AI and machine learning technology, “deepfakes” represent a particular concern to enterprise security leaders as they attempt to predict what the next few years will bring. Deepfakes (essentially, fake video identities) leverage AI and machine learning to create “photo-realistic” simulations of certain individuals interacting with a video camera.

This technology has been steadily growing in sophistication for several years but the use of deepfakes in the cyberthreat domain has yet to materialize as a major source of concern. It is interesting to reflect, however, on the potential impact of this technology since COVID-19 and increased use of video conferencing services. Many security researchers are now predicting that deepfakes could become a major security threat in the 2021-2022 period.

We are likely to see both legitimate and illegal use of this technology in the coming years. Early adopters here are likely to appear in various parts of the entertainment industry. Legitimate consumer applications such as “faceswap” are demonstrations of early commercialized offerings that are helping to generate revenue with the technology and drive down the cost of application in the field. Criminal use of deepfake technology is yet to materialize fully but future targets could be political figures (particularly those who have a large online presence) and business leaders who could be targeted with ransomware or “business email compromise” attacks.

 

Audience Manipulation

In the 2021-2024 timeframe, deep fake videos will likely affect domains such as politics, the media and large businesses. Politicians are on camera frequently, often in stationary positions. This creates an opportunity for politically motivated groups to spread false messages, manipulate audiences and damage reputation through the use of this technology. In business, there is already evidence that criminals are researching how deepfake technology could be leveraged to manipulate unsuspecting employees in espionage or financially motivated attacks.

A particularly interesting area of innovation is in the technology of “mouth mapping,” invented by students and the faculty at the University of Washington, Seattle. Here, targets can be made to say anything in very realistic simulations that even the trained eye would find hard to distinguish from reality. This technology is likely to lead to viral political videos that insight fear, uncertainty and crime. It is also applicable to social media and web conferencing (particularly relevant in a post-pandemic era).

The effects of these types of attacks are likely to manifest themselves in a way that increasingly exaggerates the impact that we witness in cyber today. Manipulation of social media to spread fake news, false executive orders to request transfers of money and the breach and subsequent exfiltration of sensitive data are all risks that are likely to see materially increased impact in the coming years, thanks to deepfake technology.

 

The Role of Enterprise Security Leaders

There is little that risk managers can do to combat the development of deepfake technologies, but careful risk selection will become increasingly important as this and other offensive technologies evolve. Careful analysis of organizational cyber resilience and maturity will likely prove to be the difference between success and failure for insurers and cybersecurity leaders alike. In addition, defensive technologies are being developed to detect fake videos, and the adoption of these emerging cyber defenses will be key in combating the next generation of cybercrime.

As always, risk managers should try to take a balanced approach when identifying and selecting the right risks. There is no silver bullet of questioning that will translate into zero losses, however, companies can still try to understand how a given risk stacks up to information security frameworks. Taking the NIST Cybersecurity Framework for example, understanding how companies, identify, protect, detect, respond and recover will provide a more holistic view of the risk.

Technology can play its part but to holistically defend against the looming threat of deepfakes, it is important for companies to consider people, processes and technology. Companies are increasingly training their employees to identify and detect social engineering attacks, and build processes for alerting such incidents and escalating them before others fall victim.

KEYWORDS: cyber security deepfakes enterprise security public safety risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Sec0421 deepfake slide2 900px

Darren Thomson is Head of Cybersecurity Strategy at CyberCube.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
close

1 COMPLIMENTARY ARTICLE(S) LEFT

Loader

Already Registered? Sign in now.

Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Half closed laptop

Sudo Vulnerability Discovered, May Exposes Linux Systems

Person holding cellphone

Millions of Android, iPhone Users Could Be Sending Data to China

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • deepfake

    How to mitigate the threat of deepfakes to enterprise organizations

    See More
  • SEC0921-Talk-Feat-slide1_900px

    The risk of human trafficking to the enterprise supply chain

    See More
  • employees are putting enterprises at risk by logging into personal sites with work devices and also work credentials

    One in four people use work password to log on to personal sites, increasing the risk to the enterprise

    See More

Related Products

See More Products
  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

  • facility manager.jpg

    The Facility Manager's Guide to Safety and Security

  • The-Complete-Guide-to-Physi.gif

    The Complete Guide to Physical Security

See More Products
×
FreshSplash / E+ via Getty Images

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!