We’re seeing AI and LLM rapidly push what was science fiction into production. Our ability to generate realistic sound, video, and images opens the obvious door for indistinguishable fakes from the real thing. How do we keep up as security professionals?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our guest, Russ Ayres, svp of cyber & deputy CISO, Equifax.
Got feedback? Join the conversation on LinkedIn.
Huge thanks to our sponsor, Sonrai Security
Start a free trial today! sonrai.co/ciso
Full Transcript
Intro
[David Spark] We’re seeing AI and LLM rapidly push what was science fiction into production. Our ability to generate realistic sound, video, and images open the obvious door for indistinguishable fakes from the real thing. How do we keep up with all of this as security professionals? What can we do to secure that?
[Voiceover] You’re listening to Defense in Depth.
[David Spark] Welcome to Defense in Depth. My name is David Spark. I’m the producer of the CISO Series, and joining me as my co-host, you’ve loved him for ages, and now you can love him again. Your favorite – by the way, people have really hooked onto this – you loved him as a child actor…
[Geoff Belknap] [Laughter]
[David Spark] Geoff Belknap, the CISO of LinkedIn.
[Geoff Belknap] That’s right. And today with the advent of AI, you can add me digitally into whatever is your favorite TV show. I recommend Lost.
[David Spark] That would be awesome. Let us throw down that challenge. Please insert Geoff into your favorite television show, along with a bunch of kids as well.
[Geoff Belknap] I can’t think of a single reason I’ll regret saying this later.
[David Spark] Maybe you could make him a younger version of Geoff, among other children.
[Geoff Belknap] Even better.
[David Spark] That’d be fantastic. Our sponsor for today’s episode is Sonrai Security – secure admin accounts, remove unused identities, enforce least privilege, and disrupt attack paths across AWS, Azure, and Google Cloud. Hey, that sounds awesome all the way around. Guess what? We’ll be talking about that and more a little bit later in the show.
But first, Geoff, let’s talk about our topic. And this is based on a discussion that happened a year ago. So, advances in AI multimedia means we increasingly can’t trust what we see with our eyes and our ears.
Linas BeliÅ«nas shared a photorealistic video that was completely computer generated. Now, this was from a year ago. And now today, fabricated realistic video is a hands-on reality through OpenAI, through their Sora program. It’s interesting how just a year ago, so many people doubted that this was computer generated and many said we were a long way off.
It’s only been a year and we’re definitely not. Given that it was 10 years ago that such, “I can’t believe my eyes” videos would have required a budget of millions and a company like ILM to produce, Geoff, what are the security implications for this tech hitting the consumer market?
[Geoff Belknap] Well, I think twofold, and we’ve talked about this a couple of times in the show. One, more strategically, I think the thing that I and many others have said is the problems that all of us thought were 5 or 10 or 15 years off in the future, AI really helps accelerate bringing those problems and really solutions to bad guys much, much closer.
You can build automation, you can run more complex attacks, and you can start to attack people in ways that we haven’t seen before. And then I think second and more tactically, it brings the problem of individual validation or verification of who’s actually calling me right now. There’s a current problem, an epidemic, I would say, of people who pretend to be David or Geoff, call the Help Desk, and say, “Hey, I’m David.
I’ve forgotten my password. Happy to get on video and show you what I look like. Please reset my password.” That was kind of the gold standard of how to validate people before, and now it’s left a lot of organizations scrambling for how do we manage this in a world where there can be deep fakes?
[David Spark] I have a possible solution to that which I learned from another CISO, and I’m going to hold off in describing that – it’s a tease, everybody – a little bit later in the show. Now, I do want to say though, before we get into this discussion, and I introduce our guests too, that the people who were commenting on this, most of them were not security professionals.
Usually when we’re quoting people, we’re quoting security professionals. And I just noted that as we were pulling quotes for this, most were not. So, I just want to qualify that when we get into this. All right. Now, I want to introduce our guest who is phenomenal. We had him on the Headlines show and said, “We got to bring you on to Defense in Depth.” So, thrilled to have the SVP of Cyber and the Deputy CISO over at Equifax, none other than Russ Ayres.
Russ, thank you so much for joining us today.
[Russ Ayrers] Yeah, great to be with you again. I appreciate the offer to show up and discuss deep fakes.
Why is this a problem?
4:38.141
[David Spark] Loga Devan Thirumalai of Deloitte Business Advisory said, “The outcome of such technologies, if left unchecked and unrestricted, may lead to confusion between reality and the virtual world.” I think we’re all in agreement on that one. Ejiro Iwhiwhu of Nestlé said, “The potential positive and negative applications make this both exciting and scary.” Couldn’t agree more.
“I see a new career choice in the near future, if not already existing – reality auditor.” I love that one. The reality auditor. Ravi Lodhiya of Ram Infosystems Limited said, “It is next generation and downhill for real studios and a threat to the entertainment industry. I think it is inevitable. Sadly, technological advancement will take real jobs away instead of creating more jobs.” I don’t know if that’s so true.
What I think we see often is when technology comes, it shifts jobs because there are jobs that exist today that didn’t exist three, five years ago, and I think the same will be true here. Hence, Ejiro mentioned that there may be a new job of the reality auditor. What do you think of that, Geoff, reality auditor?
[Geoff Belknap] I feel like reality auditor is the most dystopian job title I can think of.
[David Spark] [Laughter] It’s a good title.
[Geoff Belknap] It seems awful. But I think overall, my take on this is that jobs ebb and flow. Look, we have zero chimney sweeps or nearly zero chimney sweeps compared to what might have been in the Victorian era. That’s not bad. Certainly, it’s bad for individuals who made their entire career and living being a chimney sweep.
But I think we have the ability to train people and to help prepare people, and we just need to accept that as the economy grows and expands and looks for new opportunities and goes in different directions, jobs change. And I think certainly there are a ton of new jobs that are happening because of AI, either somebody who’s a prompt engineer or a developer or people who are building models or training.
And there will be a bunch of safety and security and privacy jobs that are spawned out of this. So, it’s not like only jobs are lost, but certainly some jobs, especially at the early career stage, are going to be a lot different than they might have been, now with the advent of AI.
[David Spark] I think these quotes here, Russ, kind of set the stage of what we’re dealing with, mostly of it’s exciting and scary all at once. You got to agree with that, yes?
[Russ Ayres] Totally. I think everything that we were just going through with Geoff there is not only true today. Like you mentioned, it was true before. You probably had it when people were pulling ice out of the middle of the Great Lakes a long time ago. But I would also caution a bit against thinking that it’s a brand-new problem in the tech field.
Because if we look back, you see what Kodak did in dominating the print film medium for cameras. But then when digital cameras came around, they didn’t take advantage of it, even though it was right on their front door. So, what you’re seeing is a natural evolution as we would see anywhere. Steam engines, coal, everything moving to let’s say electric in the future.
That’s going to change battery technologies, how we pull energy from the sun, how we get it from wind. All of those things are going to generate some new jobs. So, the way that I like to look at these problems is say what is the maximum efficiency we can gain from whatever the problem is, and then orient all of our worries to that.
We’ve seen this one before.
8:18.729
[David Spark] Now, this first quote I’m about to read, I’m not saying this to make fun of this person, but to point out this went a lot faster than people thought. And I just want you to know that this was emblematic of a lot of comments. By the way, there were hundreds of comments on this post as well with this video.
And everyone should check out this video. We’ll have a link to it. Noble Todd of Auctane said, “We are still many years away from this being accessible at the level where you can no longer distinguish reality from a game. Sorry to say it, but it’s going to take quite some time before everyone can start running around Hogwarts, casting spells with these graphics.” Sad to say, we’re kind of there now.
John Lawson said, “It’s very good. If you’re looking to see why it’s a fake, then you can find some evidence. But when you’re not specifically looking for the small details of fakery, it will pass muster.” It’s an interesting comment. “In many ways, it’s like a Turing test. If you’re looking to rumble a bot, it’s easy.
Otherwise, it will just be casually consumed and accepted as real.” Now, this is the thing that we’re seeing often with these deep fakes is that with true investigation, you can see this. So, I kind of see this as kind of maybe another level for the SOC possibly, Russ, is that maybe there’s a way to analyze these deep fakes to see that they’re deep fakes, there could be something underlying.
What do you think?
[Russ Ayres] My guess is we’re going to put a lot more attention on who is the original source than we would be uncovering that specific deep fake. So, if I did it in terms of documents, let’s say, and made an analogy for that, we’re probably not going to dig a lot through the document. We’re more than likely going to put a lot of effort into our IAM control up front and make sure that we know who it is that’s going to send us the doc.
That’s probably where we’ll get the most value. I think there is going to be tech. We’re going to ask people to do it. Get some watermarks in these deep fakes. If you’ve got some tooling, insert a particular frame in there that we can take a look at. But the threat actors are probably not going to do that.
And if they’re not going to do that, then it’s just going to increase and ratchet up all of the extra effort we’re going to have to do everywhere else. So, it may not be applicable as much as finding out who sent it.
[David Spark] Geoff, do you think – and this is an interesting take – you think the better analysis will be the sender, not the actual asset? What do you think?
[Geoff Belknap] I think that’s a big part of it. But the reality is today we have a… We’re going to call it broadly a deep fake problem without all the advent of LLMs and AI helping us. Today, attackers can very successfully send you an email that looks like your company’s login page, and that is almost flawless that most people would not be able to tell.
They can log in. That experience will feel again, very flawless, just like logging into the real website. And that’s with no support from AI today. So, I think all the tools and techniques that we use to fight those kinds of frauds and phishing and other kinds of attacks today are going to be just as relevant.
I think if anything, what this is going to do is solidify in our minds that we can no longer believe our eyes and our ears. We have to go to other methodologies.
I know a friend of ours who’s the CTO for a media company. This is a big problem for them because they have to deal in media, and what they’re doing is they’re making sure when media is sourced, it is watermarked and stamped – for lack of a better description, sorry, Melody – but it’s watermarked and stamped a certain way so that they can validate where it came from and that it’s honest.
But that’s a very different problem for interacting with somebody live or validating an email or a document. And I think we’re just going to have to fall back to you can’t eyeball it anymore. You can’t pass the phishing test by eyeballing it. You’re going to have to fall back to other technology. Which, frankly, is what we’ve always needed to be doing anyway.
We can’t rely on the person to make a good decision. We’ve got to fall back to other technologies. I think this just accelerates how fast we need to do that.
[David Spark] Let me throw out this little wrinkle here, Russ. Listening to all this, it just dawned on me. We don’t usually pick up the phone. We don’t usually send a video message. So, wouldn’t just the mere existence of that raise an eyebrow going, “Wait a second, the CEO literally never calls me.
The CEO never sends me a video message. Everything’s done through email.” So, just the mere existence of that may be the doubted alone.
[Russ Ayres] It is, except for the AI component that we just mentioned. If they’re reaping all the results across everything they’ve done, they’ll likely be able to much more quickly use the techniques that seem to be working. Which means maybe they won’t be using the video, maybe they won’t be using the phone.
But I think you bring up a very interesting point, and Geoff was hinting at it a second ago. I don’t know if we don’t find ourselves picking up the phone more often in the future. And then me talking to you, and if somebody says, “Hey, remember we were on the podcast?” and I go, “Really? What was the topic that we brought up before we went to air?” I wonder if it doesn’t get us back into a world where we start dealing with humans again on a much more fundamental human connection level.
[David Spark] So, this brings up the security suggestion that was told to me, and I’ve actually discussed it with my own family, and that is – and you can do this with your business, and I just did it with my family – there’s plenty of audio and video of me out there. Same with you, Geoff, I know. We now have a family password saying that if all of a sudden you hear my voice or a video telling you to do something and you do not hear that password, it’s not real.
[Russ Ayres] Ah, there you go.
[Geoff Belknap] I think the secret handshake is going to be the way to go.
[David Spark] It’s essentially the equivalent of that.
[Geoff Belknap] And we’re back to speakeasies and secret passwords. I think the real person, the real victim in all of this is going to be that CEO that you know exists that loves to send people gift cards, and they’re just out of luck now.
[Russ Ayres] I’m going to write that down. I’m totally going to use that.
[Laughter]
Sponsor – Sonrai Security
14:36.515
[David Spark] Before we go on any further, I do want to tell you about our absolutely spectacular sponsor, and that is Sonrai Security. So, do you know what’s more old school than blowing on a Nintendo cartridge to make it work? Manually creating individual policies to achieve least privilege in your cloud.
You can actually leave those old habits in the past and lock down access to sensitive permissions and services without disrupting DevOps. With the cloud permissions firewall, that’s from Sonrai Security, you can easily restrict excessive permissions from human and machine identities, quarantine unused identities, and restrict specific regions and unused services with the click of a button.
Continue maintaining this level of security by automatically enforcing policies as new accounts, roles, permissions, and services are added to your environment. See how easy it can be to achieve least privilege. Start a 14-day free trial for Sonrai’s cloud permissions firewall over at sonrai.co/ciso.
This problem doesn’t end here.
16:14.123
[David Spark] Lorne Rogers said, “This will likely soon become a legal problem as the tech reaches the point where we won’t be able to distinguish reality from illusions, evidentiary a very big problem. So, surveillance video that is partly or wholly fake could be used to convict or exonerate people for crimes incorrectly.
Video “evidence” will become more unreliable than eyewitness testimony even, and that tends to be pretty bad already.” Interesting point. I like that one. Ron Healy of Vertex said, “I wonder how long it will be before we see something produced by one or more AIs and one or more graphics engines used as ‘evidence’ in the legal process of some crime or other.
That’s scary. Humans are terrible at spotting fakes and also terrible at re-thinking what we think we know, once we think we know it.” This, I’m going to take this back, and I’ll start with you, Geoff, on this one, but I definitely want your take, Russ. To my comment of, in those cases, we’re going to need this reality auditor, someone that you actually look at the forensics of this file and tell if it’s real or not.
I mean, it seems that was the only way to handle this, and there’s got to be some kind of a thumbprint. What do you think, Geoff?
[Geoff Belknap] I don’t know. I agree with you. There’s got to be some way to handle this. There’s going to have to be some sort of forensics. I do know the way this is going to begin is there’s going to be an onslaught of people claiming that the video or the evidence against them is a deep fake or has been digitally altered, and I do know that from the brief period of time when I worked in law enforcement and worked very closely with some investigators that humans are terrible witnesses in general, and bringing any kind of doubt or any kind of manipulated media into the fray really impacts things.
So, this is certainly a problem, and who better to solve it than our justice system, which already has as much money, people, and information as anybody else?
[David Spark] And they’re very technologically advanced, too.
[Geoff Belknap] My experience has been lawyers and judges are the most technically advanced people. Apologies to our lawyers and judges listening, but you know who you are.
[Russ Ayres] I am picking up your sarcasm though.
[Geoff Belknap] Well, hopefully they can pick that up. They’re pretty good at those kind of things. But yeah, this is going to be very, very challenging, and it is definitely going to bring a change that’s first going to happen in media companies, not unlike my own. We have a news arm. You, at some point, are going to need to make sure that the videos that you’re showing, that the messages that you are sharing, are genuine.
Or are genuine at least to the best of your ability to ascertain that. And that’s already a huge problem without AI, so it certainly is going to get worse before it gets better, and it has an impact on all of us.
[David Spark] All right, Russ. If not forensics and possibly not being able to track the source here, what do you think of the way we’re going to validate things so video can be submitted as true evidence?
[Russ Ayres] I believe we’re going to go back to where we started, maybe investigation and the rest. You probably had circumstantial evidence in the beginning. And my dad was a prosecuting attorney, so he did repeat exactly what Geoff was saying. Your worst possible evidence is an eyewitness. And that changed over the course of time once DNA was available, and once you could place somebody at the scene of a crime with low probability it was someone else, that sort of increased the weight of that evidence.
That’s what I think we’re going to see. As these become more prevalent and people have an easier way of producing those videos, somebody’s going to contest it, just as Geoff described. And when that happens, they’re going to start looking for more certifiable physical evidence.
And that’s what I think happens for all these investigative techniques. They learn a new chemical composition of something, they can do shoe prints, then it transforms into something else. That’s what you’re going to see over and over again as you do technical leapfrogging. And the system is a bit slow to pick up whatever the technical teams are dropping down this month, so I believe you’re going to have a very difficult period in between getting that new physical evidence method, whether watermarks, determining who did it, and people right on the cusp of that that may have been convicted due to that evidence or maybe tilted a jury because of it.
That’s going to be a rough period, that intervening time when we don’t have rules and don’t have techniques.
[David Spark] Well, let me throw this out. So, we have a history of tweets, people believing a tweet. Like someone puts out a tweet saying, “Something has happened at Company XYZ,” and you see this blip in the market where all of a sudden it either jumps dramatically and comes back down when people realize it, or it falls dramatically.
Essentially, a ton of money is won and lost in moments. My feeling is the ability to game the system with these, where you don’t need permanent believability, but you need a moment of believability, and there’s definitely not enough time to figure it out, and there’s enough people being screwed. I think markets are going to be messed up with this.
[Russ Ayres] SpaceX exploding rocket, right? But it’s not really exploding? That would definitely tilt the market quickly, right?
[David Spark] Yeah, and then it may take someone a little time to figure it out and say this is bogus, but in that time it’s done its damage.
[Geoff Belknap] Yeah, well, we’ve already seen political robocalls where you are already listening to an audio format that’s not high quality, and it’d be hard to tell who you’re talking to anyway. So, this is absolutely not a thing of the distant future. It’s a thing of the now, and it’s a good time to say on this podcast of any place, like, hey, we don’t know the solution to this yet.
It is still something that we are working on, but I always come back to we need to just really focus on the fundamentals. There are some exotic, scary things that can happen as a result of this, but most of the things that you and I and the people listening to this podcast are going to deal with are fairly mundane and really come back to be good at the basics, and then you can worry more about these things later.
Why is this relevant?
22:41.208
[David Spark] David Oliver of DOPV said, “Deep fake is the new reality. We won’t know what is real. We already have lost face in our institutions. As this technology improves, imagine those with unlimited influence, money, and power using technologies to deceive a county with rapidly declining critical thinking skills.” Honestly, my more concern is this available to everybody, so everybody has the power to do this.
So, I don’t think you need all this money to do it. Demiro Massessi of Lifestyle Design Group said, “Looking at the pace we are advancing our simulations, it makes it look even more possible.” And just doubling down on that comment, I personally have never seen a technology move this fast. Geoff?
[Geoff Belknap] Well, I was going to say I can’t think of a single one. The only thing I really can think of moving this fast is just the internet in general. And yes, I’m sorry I’m that old, but I remember very vividly when I was getting out of high school and going into college. It was very clear what I wanted to work on, but there were no college programs for networking, and networking at the time, it was very, very hard.
And now, even my younger brother who’s not that much younger than me – sorry, Ian – he got his CCNA certificate coming out of high school. It was just a matter of less than 10 years between us. It went from the most technical program you can get in high school was drafting to my brother left high school with an advanced certificate in network engineering.
So, I think I’m at least comforted by that memory to know that, yes, today, the three of us sitting here having this great conversation, we’re a little concerned. But I think the reality is I have seen the market adjust and adapt to things like this, and I don’t think we will be as concerned five years from now.
[David Spark] Just to date myself, I studied Fortran in college.
[Laughter]
[David Spark] Russ?
[Russ Ayres] Yeah, I totally agree with Geoff there. We humans have a way to get around these problems. A little panicked in the beginning sometimes because it’s an unknown or the solution is not obvious. We have a way of figuring it out and coming out the other side with a better solve for all of us.
I think that’s exactly what we’re going to see here. If you take a few steps back like we were saying, am I concerned about the fact that one article I think we were talking about previously where everybody in the meeting is a deep fake, right? They’re talking to the finance person. Okay, that definitely worries me because that person, yeah, that person may not be technically savvy enough to know what we’re talking about right here.
And they just get called up out of the blue, “Hey, you need to cut that P.O. and get it done now.” I can see that definitely falling into the exotic category that Geoff described, and I can also see once it works and people are able to execute it quickly, you’ll just have a rash of those, and then maybe it disappears because another technique shows up.
So, that arms race is the part that concerns me a bit. I think it goes back to the fundamentals that Geoff described. We’re going to have to develop better fundamentals. We’re going to have to develop those special passwords, buttercup, or something that you have that everybody knows a method is at play that will verify the people they’re talking to.
I think that’s where we’re going to have to get to because just verifying or validating somebody based on a visual or audio representation, I don’t think that’s going to cut it. Let’s say in the next, I mean, I would have said a year, but I think this is so fast it may be within the next three months.
[David Spark] Yeah, I agree. I think we are going to see examples of this very quickly. Really why I picked this post was the fact that it only took a year to prove a lot of these people wrong, that they didn’t think it was possible. And not to put them down, but just because we didn’t think it was going to go this fast, and that’s what was really shocking to all of us.
Closing
26:45.637
[David Spark] Well, thank you. This brings us to the portion of the episode where I ask you which quote was your favorite, Russ, and why?
[Russ Ayres] It was definitely people casting spells like they’re at Hogwarts. That that was one of my favorites.
[David Spark] [Laughter]
[Geoff Belknap] Plus one.
[David Spark] That’s pretty good.
[Russ Ayres] Yeah, I should have asked Geoff what house he was.
[Crosstalk 00:27:03]
[Russ Ayres] Oh, of course. Yes, of course. I should have guessed that.
[David Spark] Geoff, your favorite quote and why?
[Geoff Belknap] I’m going to go with this quote by Demiro from Lifestyle Design Group, “Looking at the pace we’re advancing our simulations, it makes it look even more possible.” And I couldn’t agree more. The reality is when we started having this conversation just about a year ago to where we are today, it has been an insanely fast evolution of what’s possible.
And I mean, just what I’m able to do with random AI art generators in terms of moving pictures and things like that, it is hard for me to imagine that criminals will not have this technology available to them very soon, and it’s going to be a problem for all of us to start to address.
[David Spark] Excellent. Well, that brings us to the end of the show. I want to thank our guest, and that would be Russ Buttercup Ayres, who’s the SVP of Cyber and Deputy CISO over at Equifax. Thank you, Russ. That was awesome. We definitely want you back on another show.
[Russ Ayres] Thank you for having me.
[David Spark] Would love to have you on.
[Russ Ayres] Absolutely.
[David Spark] Huge thanks to our sponsor, Sonrai Security. Remember, they’ve got a 14-day free trial on their cloud permissions firewall. Just go to their website, sonrai.co/ciso. Geoff, as always, thank you so much, greatly appreciate it. And thank you to our audience. We greatly appreciate your contributions and for listening to Defense in Depth.
[Voiceover] We’ve reached the end of Defense in Depth. Make sure to subscribe so you don’t miss yet another hot topic in cybersecurity. This show thrives on your contributions. Please write a review, leave a comment on LinkedIn or on our site CISOseries.com where you’ll also see plenty of ways to participate, including recording a question or a comment for the show.
If you’re interested in sponsoring the podcast, contact David Spark directly at David@CISOseries.com. Thank you for listening to Defense in Depth.