How to mitigate the threat of deepfakes to enterprise organizations

Image from Unsplash

The deepfake process, powered by artificial intelligence (AI) and machine learning technology, allows people to produce or alter video and audio content so that it represents something that, in reality, is not real or authentic.

Like the rest of the technology universe, deepfakes and cybersecurity threats are constantly evolving in complex ways. According to a recent report, the number of attacks leveraging the face- and voice-altering technology that creates deepfakes jumped by 13% in the last year. As security methods continue to evolve, so do the technologies and techniques used by those looking to promote chaos through misinformation.

In addition to the havoc deepfakes can wreak on governments, militaries and consumers, they can also threaten businesses globally. Enterprises must understand the dangers of deepfake technologies, including reputational and financial losses, while security leaders take steps toward combatting the damage.

Reputation, reputation, reputation

When assessing the impact of deepfakes, its reputation that’s most at stake. Fake interactions between an employee and user, for example, or the misrepresentation of a CEO online could damage an enterprise’s credibility, resulting in user and other financial losses.

To protect against cases like this, companies must thoroughly monitor online mentions and keep tabs on what is said about the brand.

Level up enterprise cybersecurity

Cybersecurity is another area that must adapt to the rising use of deepfake technology. It is now even more important for enterprise companies to update, upgrade and utilize cybersecurity and identity verification technology to counter the level of sophistication bad actors employ as they create and spread deepfakes.

Audio deepfakes are particularly concerning, as they create synthetic voices that accurately mimic the voices they claim to be. In some cases, employees are fooled into thinking the deepfake is the actual voice of senior management. Audio deepfakes can also fool voice verification technologies at large institutions such as banks.

However, businesses now have access to tools that can identify deepfakes. These tools utilize the power of AI and machine learning to detect inconsistencies in video and voice presentations.

So, what’s next for deepfakes?

Deepfakes will become more common and will penetrate unexpected areas. The typical uses will continue to be media, in all forms, including political campaigns, social campaigns and even commercial campaigns. Other impersonation forms that can prove even more problematic can range from a fraudulent person taking exams to fake doctors providing fraudulent online services.

In recent weeks, according to the FBI, fraudsters have even begun leveraging deepfake technology to interview for remote jobs, particularly in the technology field, using stolen personal data to pass background checks.

In the identity space, security leaders can expect to see an increase of fraudsters trying to fool authentication systems by using synthetic images or videos of someone other than themselves. As it becomes increasingly difficult to differentiate between a real and a fake picture, it will be necessary for identity verification solutions to keep pace with the changing technology to help limit the damage of these synthetic identities.

How to combat deepfakes

To combat the disinformation and misrepresentation caused by deepfake technology, enterprise security teams can employ a wide range of cybersecurity strategies, such as cybersecurity tools that use AI to detect deepfakes, social media monitoring, and employee education.

Companies can safeguard themselves by educating employees to be well-versed in the world of deepfake technologies. Take the time and spend the resources to educate staff on the apparent signs of a deepfake, such as inconsistencies, unnatural movements, etc.

Security teams must equip themselves and all employees with the necessary skills to outwit, outlast and outplay bad actors spreading misinformation.

Jonathan Wilson is Chief Risk and Compliance Officer at AU10TIX. Wilson has over a decade of building and managing global risk management programs in the fintech space, including anti-fraud, AML, KYC/KYB, chargeback management, credit risk, identity verification and data analytics. He has been in the tech space since the early 1990s, with an IT and technical background. Wilson is a dynamic and focused payments and finance executive with a passion for solving business problems that help companies grow and win.

Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

Push-to-Talk over Cellular (PoC) is today’s Nextel radio network with nationwide voice, text, and video calling that can be quickly deployed with no infrastructure costs.