SMS messages don’t have a great security reputation. We can thank SIM swapping attacks for that. But there’s also a whole supply chain for delivering these messages that is an underappreciated attack surface.
This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis (@csoandy), principal of Duha. Joining us is our sponsored guest, Brian Long, CEO, Adaptive Security.
Got feedback? Join the conversation on LinkedIn.
Huge thanks to our sponsor, Adaptive Security
And now, with Adaptive’s new AI Content Creator, security teams can instantly transform breaking threat intel or updated policy docs into interactive, multilingual training — no instructional design needed. That means faster compliance, better engagement, and less risk.
Trusted by Fortune 500s and backed by Andreessen Horowitz and the OpenAI Startup Fund, Adaptive is helping security teams prepare for the next generation of cyber threats.
Learn more at adaptivesecurity.com.
Full Transcript
[Voiceover] What I love about cybersecurity, go!
[Brian Long] I love that in cybersecurity, we are unquestionably the good guys. I’ve worked across many different industries, but it’s a great industry to be in because we’re doing something really good for people.
[Voiceover] It’s time to begin the CISO Series Podcast.
[David Spark] Welcome to the CISO Series Podcast. My name is David Spark, I am the producer of the CISO Series. And joining me as my co-host, it’s Andy Ellis, who’s the principal over at Duha. Andy, say hello to the audience.
[Andy Ellis] Good afternoon, folks, or depending on when you’re listening in the world, good morning, good evening, or good night.
[David Spark] I was listening to a podcast, I was going to sleep last night, and I don’t know what the heck I was listening to.
[Andy Ellis] Well, it sounds like it did its job.
[David Spark] Yes, it did its [Laughter] job. We are available at CISOseries.com. We have lots of other wonderful programs over there. You should check them out, just go to CISOseries.com. Our sponsor for today’s episode is Adaptive Security, OpenAI’s investment for AI cyber threats, next-generation security awareness training, but it’s built for AI email phishing, vishing, smishing, and deepfakes.
More about just that a little bit later in the show. With our guest today, we have a guest from Adaptive Security, but before I jump into that, we are just a few weeks away, Andy – you and I – from the Black Hat Conference.
[Andy Ellis] Yep.
[David Spark] They call it Black Hat, or that whole week they call Cyber Summer Camp because it’s Black Hat, it’s BSides Las Vegas, and it’s also DEF CON, so three conferences in a row in sweltering August heat in Las Vegas.
[Andy Ellis] Right, one of the most inhospitable locations on the planet.
[David Spark] Right, and then most of the people in cyber wear all black. Again, not a good idea. But here’s my one complaint, and this is to all the companies that send people to Black Hat. So, many companies like to tout how they’re so diverse or hiring more women in cybersecurity, but if you go to Black Hat, you wouldn’t know because it is about 98% male and mostly white as well.
So, for those companies that are touting – well, mostly male, this is the big thing. Because honestly, I will look in a sea of people there and I’ll see two women. So, my feeling is if you want to tout that you have a lot of women on your team, send them to conferences, send them to Black Hat.
It is, I think, sort of the patting yourselves on the back is kind of limited.
[Andy Ellis] Right, I think that the way you should look at this is conferences are two things. They’re both opportunities for your staff, and you should make sure those opportunities are sort of well distributed across your staff that you’re not discriminating in those, but they’re also an opportunity to sort of put your representation on display, say “here’s who we are.” And so, if you’re hiring a lot of women and for some reason you decide that they’re not people you want to have in public, maybe you need to second guess what you’re doing.
Now, it may also be that women are more likely to be the primary caregiver and thus going to a weeklong conference is more problematic for them, but that’s on you to solve, company.
[David Spark] Yes. So, I would like to see better representation. If you claim the representation is within your organization, represent it outside of your organization.
[Andy Ellis] Yep.
[David Spark] All right, let’s bring our guest on. Thrilled that they’re joining, and by the way, been a phenomenal sponsor of the CISO Series, and we have the head honcho. We have the CEO, the co-founder of Adaptive Security, our sponsor guest, none other than Brian Long.
Brian, thank you so much for joining us.
[Brian Long] Hey, thanks for having me on.
Would this person be a good fit for the job?
4:26.171
[David Spark] It used to be that hiring an employee that was a secret North Korean operative would be the stuff of overwrought paperback novel, but now, it’s just a Tuesday. Case in point – the story in The Register about Vidoc Security Lab co-founder Dawid Moczadło, who almost fell for hiring two North Korean hires twice in as many months.
Both candidates sailed through initial interviews with strong backgrounds, seemingly legit LinkedIn profiles, but fell apart in the video interviews with laggy and unconvincing appearances and answers seemingly coming from ChatGPT. Since these scams don’t seem to be going anywhere anytime soon, how does hiring need to adapt, Andy?
This isn’t just an issue for security hires. Sounds like identity verification has to happen earlier in the process. What do you think?
[Andy Ellis] Yeah, I think this is one of the challenges we have, which is a lot of our business processes are fundamentally designed around in-person interactions and have never been redesigned for a virtual world. So, we expect that we can see the candidate at some point, but COVID has completely derailed that assumption.
Even though for a lot of companies, it hadn’t even held true at that point, you were hiring remote staff in various places. But we really have to accept that we’ve built on insecure protocols entire business processes, and adversaries are going to exploit them.
So, yes, we absolutely need to bring more than just identity verification, but you have to think very carefully about, “Oh, I’m interviewing a person, and I can’t watch what they’re doing.” This completely changes the dynamic.
[David Spark] Brian, this is kind of your bailiwick over at Adaptive. This problem is going to get tougher. I mean, it’s like we kind of all know that, isn’t it?
[Brian Long] Yeah. I mean, look, I think that we’re seeing the models get better so much faster, the LLM models, that although you might be able to tell what is real and what isn’t today, the ability to tell is quickly getting harder and harder with each new release.
And then I think even more important than that, we’re also seeing the cost of these models drop significantly. Every time that there’s a big new release, makes all the headlines, “Oh, there’s a new version of Grok,” or OpenAI or whatever it might be, that buried somewhere in the story is that they also decreased the pricing of their prior model by 90%, right?
And when the second-place model is going to be good enough to fool anyone, and the third-place model is also pretty good, that’s when we’re going to start seeing these types of attacks really happening at scale, when you can run it with almost infinite scale without spending that much money – when the ROI’s going to be there for the attacker.
[David Spark] So, we’ve started doing this with my family, with my employees, where we sort of have sort of off-digital ways to verify. So, like having a code or saying, “What did I do yesterday?” Or one friend was telling me, you can create a personal authenticator.
Anyone can create an authenticator.
[Andy Ellis] Mm-hmm.
[David Spark] Him and his wife are always discussing financial stuff, and so when they communicate, they just say, “Go to the authenticator. Tell me what the six-digit code is right now.” I mean, it seems we have to kind of have a verification that sort of, I’m going to say off the books, off the digital, off the…essentially the normal transom.
Andy, what do you think?
[Andy Ellis] Yeah, so I think we do, and I love some of the early things. Like I love the idea of an off-the-books authenticator as a stopgap mechanism. We have to recognize that the problem is we’re trying to patch over that we don’t know who we’re talking to.
[David Spark] Mm-hmm.
[Andy Ellis] And the challenge is one of the things we’ve seen for a long time in the BEC world, the business email compromise, which people mostly think of as, “Oh, well, it’s just like targeted phishing.” No, we see cases where people have their entire infrastructure compromised, and you wait for a person to get on an airplane to fake them, right?
And now the deepfakes make that worse, but if you’re relying on something that has a digital basis like, “Oh, well, they have the authenticator app.” Well, how do you know that itself hasn’t been compromised? What are you doing to sort of completely validate that pipeline and make sure that what you’re being asked to do is something legitimate?
[David Spark] I’m going to let you have the last word on this, Brian. Do we have to like go off books here?
[Brian Long] [Laughter] I think your point around having an authentication code with loved ones, with people at companies, that’s going to become a new standard. But even more broadly, two things. One, I think it’s just awareness, right? I think that the folks here and a lot of the people listening, they are still the top 1% of knowledge on this stuff and they’re pretty savvy.
Everyday people really do not have any idea of what the capabilities are here, and I think that the first big step is just going to be that general awareness. I think we are urgently needing to spread that awareness because unfortunately, I think the technology is moving a lot faster than the awareness is.
[David Spark] Let me throw this out. And I remember I had this conversation because I remember a woman contacted me, and the alarm was going off in my mother’s house. And I knew that my mother screws up with not communicating the alarm code, and I actually knew the alarm code.
And Geoff Belknap, who’s the co-host of our other show, Defense in Depth, he said something, he goes, “You know what? What’s the worst happen if the alarm keeps going off, you don’t tell this woman the code, cops show up? You pay a fine.” Like sometimes you just got to, if you don’t know for sure, just take the alternative, which isn’t probably the worst thing in the world.
Andy, you’re nodding your head.
[Andy Ellis] Oh, absolutely. Anytime that you have this interaction with somebody who says, “Hey, can you X?” your brain should be in two different models. One is this person is an adversary, and one is this person is a friend or a helper or just needs assistance.
And you should walk through like, “Well, what do I do in both cases and what makes it work well?” Like I can be radically hospitable to the person saying, “Hey, I’m at your mom’s house. I just set off the alarm, help me,” and I’m like, “That’s great, but I don’t know who you are.
I wasn’t expecting…”
Now we have this all the time. Like we have our house up for sale. We’re not in it, and the realtor keeps setting off the alarm, right? They get the key, they unlock and open the door and go back to their car, and they forget to turn off the alarm. And so, I get a call that says, “Hey, the alarm is going off.
Do you want us to dispatch police?” Now I know who I’m getting the call from, then I get the text from the realtor. And so, in that case, I’m like the likelihood this is an adversary… And besides, the house is empty at this point. What are you going to do where the realtor is doing an open house?
You’re going to rob the house? So there I’m comfortable. But in this case, we actually then have personal codes that are just for voice. When the alarm company calls me, they’re like, “I want to authenticate who you are. What’s your personal code?” and I have a code that is just used with them just to authenticate that I’m the person who picked up the phone.
What about this AI security challenge?
11:38.907
[David Spark] Speaking of AI technology that isn’t going anywhere, coding is one of the prime use cases where we’re seeing some of the most rapid adoption. A post on the cybersecurity subreddit points out that AI-generated code can usually pass static analysis tests but often suffers from issues like bypass authorization flows or missing input validation.
Now commenters on the Reddit post pointed out that even with AI-generated code, the engineer who submits it still needs to “own it” and check their work, like in anything in this world. But others pointed out that this solution doesn’t really scale, even as developers use these tools to produce more code.
So, are we creating a whole new paradigm for code development, or are we just now shifting code development to Security, QA? So, think about it this way – it’s this vibe coding, create a code for this, create code for this, create code for that. Boom, I got something.
QA, Security, figure it out. Like, does that become the new development model I throw it at? I’m sure like everyone hearing this is like shivering, but what do you think, Brian?
[Brian Long] Yeah, I mean, I think something that Andy said earlier resonates with me here as well, which is a change in controls. I think that while we have not adjusted our controls for a lot of remote workers, we have not also adjusted our controls for agentic type of workers, and we’re going to have to see a pretty significant change in those controls around looking at these agents just as we would looking at people.
And because agents can behave and operate very differently, and they may not have those alarm bells and awarenesses that go off that happen to people, it’s going to have to be much more stricter governance. I think where we are now, where you can vibe code and work with it, kind of go back and forth, this is going to be looked at as the kindergarten of AI coding, right?
We’re going to see agents completely putting together entire pieces of software for folks, and as that is becoming more clear every day, it’s going to lead to massive change in how we look at security.
[David Spark] Andy, your take here. Again, I throw this theory, will essentially coding be someone dictates what they want and then it just gets thrown to QA and Security from that point?
[Andy Ellis] So, in a sense, yes, but I think that’s an oversimplification. I think Brian’s on the right path here. The biggest challenge is is that most people don’t engineer software. They’re already vibe coding just with their fingertips.
[David Spark] Mm-hmm.
[Andy Ellis] The AI isn’t fundamentally changing the problem, which is we tend not to have software specifications, we do not know how to test the software that got written because we don’t know what it’s supposed to do, and now you just have an AI that’s vibe coding it.
And here’s my biggest thing. I love people who say, “Well, AI will write more secure software.” If you have an LLM writing your software, what did the LLM train on? All of the software written by humanity to date, which is pretty dang insecure.
[David Spark] [Laughter]
[Andy Ellis] So, we’re going to end up with repeats of bad software. What I’m looking forward to in the agentic world is the idea that we can say, hey, you’re going to sort of vibe code to an agent, but the first agent actually writes specifications.
And then you have an agent that comes in and says, “Okay, let’s add in all the specs for how to have authentication done correctly and authorization and how to harden ourselves against all of the known vulnerabilities.” And so, in a sense, the agentic world gives us this opportunity to basically massively refactor prompt engineering, to basically say humans should not write prompts.
You need sort of AI to write prompts for AIs to write prompts before you even write code. And that at some point you’re also writing your test cases out of your AI as well.
[David Spark] By the way, we have solutions for this in that there are many AI tools out there. You sort of give it a prompt and it said, “Here’s a better one for you.” So, this is kind of the same idea.
[Andy Ellis] Right, but these are just nascent. I love the kindergarten version. Like, I don’t even think we’re in the kindergarten yet for when you think about how AI will disrupt the software development industry. Like it’s going to be the point that somebody is, like Brian is going to say, “I want to found a company to do X.” And at that point you’ll have a fleet of agents that will come in and be like, “Okay, well, this is the set of features you’re going to need.
Let’s get our front end UX developer agent and our backend UX developer agent and our software architect agent.” And we’re nowhere close to that yet, but that’s where we’re going to be. And then you’re going to basically say QA becomes cheap. Like you will have QA agents.
You don’t have to pay humans to go do this. That’s actually where we need AI more is in all of the work that we’re unwilling to pay humans to do but desperately needs to happen.
[Brian Long] Yeah, I mean, I think that the optimistic approach here, the optimistic view, is that we are in the early innings and ultimately where we’re going will enable humans to do a lot of the art side of creating software, and I do think software is art.
And I think there’s good art, there’s bad art, but it is art. And humans could do the amazing art side of that. And if we get this right, it will allow AI to enable us to not have to do all the tedious things and all the stuff that happens in the background in order to focus on the stuff that really makes it special, makes it different between good software and bad.
Sponsor – Adaptive Security
17:04.726
[David Spark] Before I go on any further, I do want to tell you about our spectacular sponsor, and that would be Adaptive Security, OpenAI’s first cybersecurity investment. Yeah. You heard that right. That means a lot. So, let me point out what we all know right now.
AI-powered social engineering threats like deepfake voice calls, GenAI phishing and vishing attacks are evolving fast. Adaptive helps security leaders get ahead with an AI-native platform that simulates realistic GenAI attacks and delivers expert vetted security awareness training, and it does it all in one unified solution.
And now, with Adaptive’s AI Content Creator, security teams can instantly transform breaking threat intel or updated policy docs into interactive multilingual training. No instructional design needed. That means faster compliance, better engagement, and less risk.
Adaptive is trusted by Fortune 500s and backed by Andreessen Horowitz and the OpenAI Startup Fund. Adaptive is helping security teams prepare for the next generation of cyber threats. You need to learn more. You need to go check them out. Go to AdaptiveSecurity.com, go check them out.
And when you do take a look at them and you want to learn more, let them know that the CISO Series sent you there, that’s how you found out about them.
It’s time to play “What’s Worse?”
18:41.373
[David Spark] All right, Brian, you know how this game is played. Two horrible scenarios, you have to decide which one’s worse. I make Andy answer first. This is a little bit of a detailed one. It’s long. I think it’s good. Hopefully, I’m right. Good means, by the way, tough.
That’s the plan. Comes from Louis Zhang of AIA Australia. Here we go. We have two scenarios. Scenario number one, telemetry everywhere, insight nowhere. That’s the headline. So, your tooling stack is textbook enterprise grade. You got SIEM, SOAR, EDR, NDR, DLP, CSPM, IAM, you name it.
You got everything. Probably some stuff you don’t need. But it’s all deployed. Logs stream in by the terabyte. Dashboards glow with KPIs. Alerts never sleep. But context? Completely missing. So, you got no business-driven threat modeling, no meaningful data classification.
The CMDB is outdated or incomplete. Asset criticality is anyone’s [Laughter] guess. You’re drowning in detections, you can’t triage, patching blind, and reacting to noise without knowing what really matters. Sounds awful, right?
[Andy Ellis] But it sounds like at least – patching blind means at least there’s some patching – so there’s like a tiny beacon [Laughter] in there. Okay.
[David Spark] Something’s happening. [Laughter] I mean, it’s like a thousand monkeys in front of typewriters.
[Andy Ellis] They got something right.
[David Spark] Leadership sees a shiny tech stack and assumes you’re secure. They cut funding for future-proofing AI automation scalability. You’re equipped with tools, but not defense. The good news, you’ll keep your job at least until there’s a breach, which we know will happen.
All right, that’s scenario number one.
[Andy Ellis] Okay.
[David Spark] Scenario number two. Context rich, capability poor. So, you’re strategically aligned with the business. Threat models are current, asset maps are accurate, risk is contextualized, and execs understand cyber in business terms. That sounds great.
[Andy Ellis] Mm-hmm.
[David Spark] But your environment can’t keep up. Tooling is legacy and fragmented. Talent has walked and you’ve got no backfill. Detection relies on humans, not machines, and integrations are brittle or non-existent. Automation is a dream deferred. You know what to defend and why, but you cannot scale, you cannot respond fast, and you cannot modernize.
The business is supportive, at least mentally, but the budget only stretches to compliance checkboxes. You’re not flying blind, you just can’t take off here. All right, Andy, which scenario is worse?
[Andy Ellis] So, I think what’s fascinating about this one is that these are actually two scenarios that are both better than the norm for a lot of companies.
[David Spark] [Laughter]
[Andy Ellis] A lot of companies have neither the context nor do they have the telemetry.
[David Spark] Yeah, but the thing is, in both of these, they’re extreme good on one and extreme bad in the other. So, yeah, very few companies have extreme good in either end.
[Andy Ellis] But most companies are basically bad at both of these. So, this is one of those fascinating of like, “Oh, I’m so good at something in a way nobody else is good at, but I’m just as bad as everybody else at this other thing.” And so, this one’s a fascinating challenge, and I think I have to look at it from a couple different perspectives, right?
So, let’s look at it from the career perspective of the person in charge, right? So, in one of them, you get to play with a lot of technology, you’re padding your resume. Your whole team’s very happy with they get to learn all these techs. And there’s sort of the classic information security trope of completely disconnected from the business, but has cool technology, like knows a lot of what’s going on, but not why or what it means.
I think that’s a trope that we have. And there’ll be a lot of people who’d be happy in that situation. And so, you should sort of honor that. And there’ll be people who will love that situation because it’s good for them for the short term. And that’s the first scenario.
Second scenario, in a sense from the business perspective, this is a much better scenario because the reality is, I think we in the security profession have too often believed it is our job to solve problems, right? And what’s being pointed out in this one is you can’t solve any problems because you don’t have the people to do it, but the business knows what the problems are because you have the right alignment with them.
Well, it’s the business’s responsibility to solve problems. So, I’ll be honest, if I have to pick between these two, I’m going to say the first one is worse because you are spending a lot of money and providing no business value.
[David Spark] And the business believes you’re doing well in the first one.
[Andy Ellis] And the business thinks you’re doing… They have outboxed to you risk awareness. They’re not aware of any risks. They think you have solved the problem, but you have not. And so, they’re really happy. You’re checking all the boxes. It’s great.
[David Spark] But you brought up a good – hold it, I’m going to argue back with you – you brought up a really good point when I was reading that saying something’s getting patched. I don’t get any sense anything’s happening in the second scenario.
[Andy Ellis] Right. So, the second one, it’s hard to say what’s actually happening, but in a sense, if the business knows that they’re not investing in security, which was very clear in that one, the business is like, “Great, security is really important.
We can’t afford it. Your team is under-resourced, that kind of sucks.” And you’re going to be very stressed in that. The CISO in that world is not happy, but I actually think you’re going to end up with potentially better business outcomes. You’re certainly not wasting money on security that you’re not actually doing anything with.
So, I’m going to reluctantly say that the first one, and I worry that Brian’s going to be like, “Ah, I completely disagree.”
[David Spark] I hope so. That’s what I’m hoping for.
[Andy Ellis] I think that the first one is worse simply because you are spending money and getting no value out of it, but you have a bunch of happy vendors.
[David Spark] That’s good. Happy vendors. [Laughter] I mean, Brian can get behind that. [Laughter]
[Andy Ellis] I’m going to put Brian on the spot. Now, if Brian goes in, I’d be saying, “Oh, Brian, you’re just doing it because you’re the happy vendor that they’re buying a lot of.”
[David Spark] Brian, what’s your answer on this one?
[Brian Long] Yeah, I was pulled in by the happy vendor closing there.
[David Spark] [Laughter]
[Brian Long] That drew me in. I was initially going to say that the second one was worse because I like that with the first one, it seems at least that you have the opportunity to do something about the problems. It seems clear that there’s something that you can push and maybe draw attention to.
[David Spark] I get the sense also in the first scenario, there’s more physical action happening…
[Brian Long] Yes.
[David Spark] …where there’s not much happening in the second scenario.
[Andy Ellis] But it wasn’t clear to me that there was valuable action happening, right? You see this in a lot of SOCs, right? They’re chasing alerts.
[David Spark] No, no, no, no, that’s true. It’s not valuable, but…
[Andy Ellis] Like the fact that you’re closing alerts and investigating things doesn’t mean you’re actually doing anything for the business.
[David Spark] It could be a whole Sisyphean scenario in the first one.
[Andy Ellis] Right.
[David Spark] It could be. But at least the rock is moving, even though not too far.
[Andy Ellis] Yeah. The rock is moving side to side, crushing one foot then the other one.
[Brian Long] There’s something you could put in board slides and draw attention to and say, “We did X, we did Y, we did Z.”
[Andy Ellis] Right.
[Brian Long] And even if everything breaks one day, you can still point back to all those slides.
[David Spark] Yeah.
[Brian Long] But I did like also the point around just being able to get a lot of great experience, understand a lot of things because when that day does come, you’ll have a lot of nice things on your resume to get the next job.
[David Spark] So, hold it. So, you are saying the second one’s worse or the first one’s worse?
[Brian Long] I’ve got it going back and forth, but I think that the second one is probably worse.
[David Spark] All right, so he’s against you here on this one, Andy.
[Andy Ellis] Yep.
[David Spark] That’s good.
[Andy Ellis] I have noticed this, and I have to go back through now, rescore everything, that on sponsored talks, I do the worst.
[Laughter]
[Andy Ellis] That’s where we get the most disagreement. I love it.
[David Spark] Brian, we love it when you disagree with Andy, so keep it up.
Please, enough! No, more!
26:20.298
[David Spark] Today’s topic is deepfakes. We started to talk on the show a little bit about this. Andy, I’m going to ask you about this, and it’ll be interesting, we should revisit this topic in just a few months because this is a moving target, but I want to know, what have you heard enough with deepfakes and what would you like to hear a lot more?
[Andy Ellis] So, I’ve heard enough about everything about deepfakes.
[David Spark] [Laughter]
[Andy Ellis] But my top thing is this presumption that deepfake detection alone is going to be interesting because it presumes that people will not be using deepfakes legitimately. Like we’re already slightly deep faking ourselves, virtual backgrounds, things of this nature.
My expectation is, and I’m surprised it isn’t mainstream already, but that within the next year or so, it’s going to be pretty mainstream that you’re just going to have a cleanup agent running that’ll basically be like, “Yeah, I know what you look like at your best.
I’ve got your profile photo. Let me remove reflections from your glasses and deal with the fact that you forgot to shave this morning and just clean up your imagery,” and that is a deepfake. Like we will be deep faking ourselves. And so, any solution for deepfakes that relies on, “I have detected that there’s a deepfake technology being employed,” fundamentally is uninteresting.
Like, this is a deepfake itself, even when we’re doing nothing else. We’ve got weird video, we’ve got post-processing. Let’s get past that and talk about like, what do you do when this is happening? When there’s an adversary involved that’s not just, “Oh, I tell my users that there’s some deepfake technology that happens to be running here.”
[David Spark] I think it gets down to this whole concept of verification and zero trust that whether deepfakes exist or not, we should follow these procedures kind of a thing.
[Andy Ellis] Right.
[David Spark] All right. Brian, I throw this to you, same question. What have you heard enough about with regards to deepfakes and what would you like to hear a lot more?
[Brian Long] Yeah, I mean, look, I think just to first address Andy’s point on deepfake detection, I tend to agree that it’s definitely not going to be the end solution. It may be a filter, right?
[Andy Ellis] Yep.
[Brian Long] It may be able to filter out 60, 70% of whatever it is, but also that the models are getting so much better, so much faster, etc., you’re going to be playing that arms race. So, I think TBD, there could be value on the filtering side. I think what to me, we’re not talking about enough is when you think of deepfakes, you’re thinking of the, “Oh, okay, we’re going to make something with your likeness or your voice.” I don’t think what’s being talked about enough is something we call deepfake personas.
[David Spark] Mm-hmm.
[Brian Long] Which is all of the context and open-source intelligence about an individual or a company that makes these persona deepfakes super intelligent. And that doesn’t need to be someone that’s on a video. In reality, most interactions are not happening over video.
[David Spark] This is a really good point.
[Brian Long] It’s going to be happening over voice phone calls, SMS messages, WhatsApp, any number of different communication channels, Instagram discussions, LinkedIn, whatever. It’s going to be happening – email, obviously – it’s happening across all these channels and the amount of context, the amount of OSINT that you could pull off of the LLMs now is staggering.
[David Spark] Let me actually just add something. I remember interviewing a hacker. This goes back many years ago before AI was en vogue, and this was the very question I asked of the hacker. What’s the big difference between hacking now and five years ago?
And it’s the very issue you’re bringing up. He goes, “The amount that I know about you, way more, way more.”
[Brian Long] It’s way more information, but I think also on top of that because the models allow us to input a tremendous amount of information and say, “Hey, use this to figure this thing out,” [Laughter] it can actually use that information at unlimited scale.
[David Spark] Mm-hmm.
[Brian Long] I just think that the information that’s out there, one recent example that we used was just using a LinkedIn URL on an LLM. We were able to find out the name of one of our employees’ five-month-old daughter because his wife had posted a job listing where for the first 20 seconds, it included the child’s name and the job listing on one website before she autosaved the difference.
So, that’s something that previously it would have taken a very long time to dig and find, but the LLMs can now all find an index instantly and you can hit it and get incredible amounts of data. And that’s really where we’re going to see these attacks coming is these personas, not just this kind of, to me, again, we can use this kindergarten example.
Sure, I can make me look like Andy, that’s fine. But to truly be Andy, to know everything about you and that your house is for sale and that I’m going to be able to know what type of alarm system you use and your family members’ names and all that stuff in real time and do that 1,000 times a second across many different attacks, that’s where the difference is coming.
[David Spark] By the way, this is the common response I have when people don’t seem to be worried about online privacy because the common response of, “Well, I got nothing to hide.” And of course, it’s not about what you have to hide, it’s about what information you have out there that others will use against you.
So, let’s skip to, I want to talk about what Adaptive Security is doing in this area. Let’s skip ahead here. How are you dealing with this very issue?
[Brian Long] Yeah, look, I mean, these AI attacks are growing at a blistering pace and at Adaptive Security, we’re trying to protect people from this next generation of social engineering attacks. So, deepfake personas, SMS-based phishing, voice-based phishing or vishing, and generative AI email.
And what we do is we actually simulate those types of attacks. So, we build up these huge OSINT models on companies, and then we run simulations over real-time deepfake voice phone calls, over SMS, over generative AI email, to figure out where the controls are weak at a company.
We also pair this with an incredible security training software suite that helps bring awareness to employees about these types of next-generation attacks, and we do it in a way that’s really personal to them. So, it includes OSINT about them in the training or deepfakes of employees and interactions within the actual trainings, all that sort of stuff to make it really engaging and real for them.
[David Spark] Let me ask because one of the things we always hear, it’s like, “I don’t need just my problems pointed out, I need solutions here.” Do you then, and also, given that you’re dealing with so many customers, you must be able to sort of create a good playbook on how to deal against this, yes, you help your customers in this way?
[Brian Long] Yeah, yeah. So, there’s also playbooks on how to deal with these issues, and I do think that the first step for a lot of companies is, A, understanding the problem and then, B, spreading awareness of that problem. But I do think there’s another step there, which is, okay, if I can basically take all the data that’s out there and I can run attacks on myself, figure out what those attacks look like, the other big step is I need to update my controls.
Today, companies, when they talk about controls, they’re like, “Oh, okay, why have a system where no one can request a wire transfer without this.” And you’re like, it’s way beyond wire transfers. There’s so many other things at the company that you currently, as Andy was talking about before, we’re built for this in-person, handing someone a file and saying, “Go do X,” or approving Y at an office.
Very, very different from where we’re going. And that’s really, those controls are going to need an update. You’re going to have to do an LM audit of your business.
[David Spark] So, l speaking of that, let’s close with this question. And that is, in all your research, in all your testing, what has surprised you as, oh, this is a way an attacker could get in and take something that nobody has thought about? And we only saw this through a testing or dealing with a customer.
What has been your biggest surprise, Brian?
[Brian Long] Yeah, I mean, I think that traditionally, when people think about social engineering, they think about it coming from authority figures, and authority figures being used to kind of push urgency and push timing to get people to do things, right?
[David Spark] Yes.
[Brian Long] That’s the traditional way of thinking about it. Something that we’re seeing be more effective is when someone in the middle of the organization, who isn’t necessarily an authority figure, is able to actually ask people for things as a favor, as for help, as for just everyday life, in order to either gather information or get someone to do something.
So, I think that instead of our prior view of these attacks always sort of coming with impersonation from the top down, we may see it come from the middle up or the middle out, which is a little different way of doing it. Most people just view it as someone’s going to impersonate our C-level execs.
Are we having communication issues?
34:48.690
[David Spark] If you needed another reason not to trust SMS as an authentication factor, well, we’ve got you covered. A new investigation by Lighthouse Reports reveals that millions of “secure” log-in codes from Google, Meta, Amazon, and over a thousand other companies were flowing through the network of a controversial Swiss contractor linked to surveillance operations.
The company Fink Telecom Services had access to nearly 100 million data packets containing not just the supposedly secret codes, but often the account names and phone numbers as well. This exposes a fundamental flaw in how SMS two-factor authentication actually works.
To save money, tech companies don’t send codes directly to users. Instead, they rely on a sprawling network of subcontractors using “lowest-cost routing,” where each middleman promises to shave costs in exchange for market share. But any of these middlemen can see everything that passes through their system, which is not great.
So, those codes that say “Do not share with anyone” may have already been shared with just about anyone. As an industry, we’re already pushing to abandon SMS authentication entirely, but we won’t be there for a while. All right, Andy, given these systems are mired in B2B deals you have no visibility into, is there any way to have confidence in the SMS supply chain or…
[Andy Ellis] No.
[David Spark] …it’s going out and we’re screwed?
[Andy Ellis] Long question to get to a really simple answer. Like, you should have no confidence in SMS if you are hand texting the codes to your customers. Like, let’s just start from that.
[David Spark] Okay.
[Andy Ellis] The way in which SMS is structured is not designed for security. So, no, like if I’ve got my customer support, somebody in the back room who’s frantically typing, like Dobby the house-elf on his fleet of iPhones, sending people codes, I still wouldn’t rely on it because you can’t trust the telecom vendors themselves…
[David Spark] Right.
[Andy Ellis] …who are required by law in many places to make it easy for law enforcement to capture those and that those then create back doors that other people can exploit. Now, once we add in the automation vendors who are going to make it cheaper and they’re sitting in the way, like all that you have done is added people, which adds risk, and none of the additions are reducing the risk in any meaningful way.
Like sometimes you add a vendor that increases risk, but their addition reduces risk on other vendors. In this case, no, you just keep adding more and more people. You have gone from having Dobby the house-elf sending the message to a whole network of house-elves and other people, and you’re literally writing SMS codes, taping them to passenger pigeons’ feet, and hoping that they fly in the right direction is functionally what we’re equivalent to, and anybody can read them.
No, we shouldn’t have any faith in SMS 2FA. You should not be using SMS 2FA. If you have a relationship with somebody, you should have some form of an out-of-band authenticator app.
[David Spark] Brian.
[Brian Long] Yes, [Laughter] it is an easy answer. I mean, look, with my last company, a company called Attentive, we sent over 50 billion messages, SMS messages, last year and I was always surprised when I was running that company that whenever you thought that there wasn’t an additional middleman, there was an additional middleman.
[Laughter] It’s definitely one of these places where you’re ending up going through eight different vendors before it actually reaches the end. And as Andy alluded to, whenever you’re adding that complexity, there’s additional steps, there’s more opportunities for something to go awry.
I do think that there are some good ways to try to go more direct, for sure, but you do generally need scale in order to be direct, and not a lot of businesses have that scale. So, as a result, they end up going through more and more middlemen.
Closing
38:54.678
[David Spark] All right. Well, that brings us to the very, very end of this show. Thank you very much, Brian. And thanks to our sponsor, Adaptive Security. Thanks for supporting the CISO Series. Remember, Adaptive Security is OpenAI’s investment for AI cyber threats.
They’re your next-generation security awareness training. They’re built for AI email phishing, vishing, smishing, and deepfakes. Go to their website, AdaptiveSecurity.com. Let them know you found out about them from the CISO Series. By the way, did you, when you were creating your company name, did you think of like any of these other like weird words where you have like a silent Q in the middle of it, Brian?
[Brian Long] Yeah, there’s schools of thought. People want to pick a name that’s unique, and then there’s other people that want to pick fanatic names. I’ve always been on the side of fanatic. And then I always pick names that start with an A because I want to be at the top of the sponsors list.
[David Spark] All right. Well, thank you very much. Now, I’m going to let you have the very last word here. Is there any special offer you’d like to give to our audience and are you hiring too?
[Brian Long] Yeah, so in terms of special offer for anyone that visits AdaptiveSecurity.com and comes in and [Inaudible 00:40:00] demo and mentions the show, we will offer you special rates, a special discount. And in addition to that, we also are going to make a custom deepfake attack for you that will do a simulation of anyone you want in your team’s voice with full AI OSINT behind it, so you can have a real conversation with anyone you want through our tool to understand some of those simulated attacks – with their approval, of course.
So, really special there. It’s pretty wild.
[Andy Ellis] You should do one of David Spark interviewing them for a podcast.
[Brian Long] Yeah, we could definitely do David Spark.
[David Spark] There’s plenty audio of me out there, I know that.
[Brian Long] All we need these days is really 3 seconds; 10 seconds is best practice, but it’s…
[David Spark] Three to 10 seconds?! There’s, I don’t know, there’s decades of my [Laughter] audio out there.
[Andy Ellis] I don’t know if we can find 10 good seconds of David.
[Laughter]
[David Spark] You can definitely get more than that.
[Brian Long] It’s got to be good though.
[David Spark] Well, thank you very, very much. Are you hiring over at Adaptive Security?
[Brian Long] We are, we are. We’re hiring across every function. Super excited. Everything from engineers to marketers to salespeople and everything in between. So, please also visit our job site. Just go to AdaptiveSecurity.com [Inaudible 00:41:09] the company, and there’s a whole set of job listings there.
[David Spark] And do mention that you heard it on this show. By the way, this sounds like, I mean, like fun because you are in a super-hot, growing field right now. So, it’s always fun to be in a growing field as well.
[Brian Long] Yeah, it’s a lot of fun. And we just raised a bunch of additional capital from OpenAI in OpenAI’s first and only cybersecurity investment, and I think they’re seeing what we’re seeing, which is a large uptick in these types of attacks. Look, I had a lot of these conversations 18 months ago where maybe like 5% of people had seen this type of sophisticated deepfake persona attack.
Now it’s like 40 to 50% of people. So, it’s grown quite a bit in the last 18 months.
[David Spark] Excellent. Thank you very much, Brian. Thank you very much, Andy. And thank you to your company, Brian, Adaptive Security. Remember, go to their website, AdaptiveSecurity.com. Huge thanks to our audience as well. You know I say it all the time, but I mean it.
I don’t know how I convince the audience that I truly mean it. I do mean it. We greatly appreciate your contribution – send in more “What’s Worse?” scenarios – and for listening to the CISO Series Podcast.
[Voiceover] That wraps up another episode. If you haven’t subscribed to the podcast, please do. We have lots more shows on our website, CISOseries.com. Please join us on Fridays for our live shows – Super Cyber Friday, our virtual meetup, and Cyber Security Headlines Week in Review.
This show thrives on your input. Go to the Participate menu on our site for plenty of ways to get involved, including recording a question or a comment for the show. If you’re interested in sponsoring the podcast, contact David Spark directly at David@CISOseries.com.
Thank you for listening to the CISO Series Podcast