AI-Based Attacks,
Fraud Management & Cybercrime,
Governance & Risk Management
Also: Non-Human Identities Transforming Security; Insights from the Delinea-StrongDM Acquisition
This week’s ISMG panel convened four editors to examine the significant impact of deepfakes on digital Know Your Customer (KYC) practices, the implications of rising non-human identities for Chief Information Security Officers (CISOs), and what Delinea’s acquisition of StrongDM indicates about the evolving privileged access market.
Panelists Anna Delaney, Mathew Schwartz, Michael Novinson, and Tom Field delved into how affordable and efficient artificial intelligence-driven technologies, particularly deepfake and face-swapping tools, are eroding traditional digital KYC processes and biometric liveness checks. Such advancements are not only lowering fraud barriers but also pushing companies to reassess their identity verification methodologies and defensive testing strategies.
The discussion highlighted how these AI-driven threats, notably deepfakes and the rapid proliferation of non-human identities, compel CISOs to rethink their strategies around identity security, visibility, and governance. As attackers increasingly exploit compromised logins rather than vulnerabilities, the need for robust measures is more urgent than ever.
The panelists also explored Delinea’s acquisition of StrongDM, noting it signifies growing consolidation within the privileged access and identity management sectors. This trend, they noted, is driven by the imperative for scalability, cloud-native capabilities, and sharper competitive positioning, particularly as major players like Palo Alto Networks reshape the market landscape.
In examining these developments, professionals are urged to consider the tactics delineated in the MITRE ATT&CK framework, which indicates possible adversary techniques such as initial access and credential dumping that may be relevant in the context of these attacks. The insights from this panel stress the importance of continuous adaptation to evolving threats in the cybersecurity landscape.
The ISMG Editors’ Panel continues to offer timely insights, with previous discussions available for review, including the recent editions on the lack of multi-factor authentication fueling cloud data breaches and the ongoing prevalence of digital skimming. These resources remain essential for business owners aiming to fortify their defenses against emerging cyber risks.
