Artificial Intelligence & Machine Learning,
Fraud Management & Cybercrime,
Multi-factor & Risk-based Authentication
Also: Why AI Agents Are Colliding, What Good Governance Ought to Look Like
This week, a panel of four editors from ISMG examined the alarming rise of real-time vishing attacks that successfully circumvent multifactor authentication (MFA). They also explored the complexities arising from AI agents making conflicting decisions within organizations. Central to the discussion was the pressing need for governance, accountability, and control as businesses move into the next phase of AI integration.
During the panel, Suparna Goswami, Anna Delaney, Mathew Schwartz, and Tony Morbin delved into how real-time vishing attacks are gaining traction by merging sophisticated social engineering techniques with advanced phishing toolkits. This disturbing trend enables attackers to manipulate employees into approving unauthorized login requests, thereby compromising Software as a Service (SaaS) environments. The panelists emphasized the implications of this evolving threat landscape on enterprise security.
Additionally, the rapid, unregulated proliferation of multiple AI agents within enterprises is leading to inconsistent decision-making, confusion, and heightened security risks. This fragmentation of data systems and inadequate governance structures yield operational inefficiencies and potential for trust breaches. The discussion highlighted how AI could be effectively harnessed to create structured frameworks and controls through standardized risk assessments, defined ownership roles, and automated governance processes. Insights from a recent EY report were cited to illustrate how responsible AI adoption can mitigate risks.
As businesses consider AI integration, it is essential to recognize the MITRE ATT&CK framework’s relevance in understanding adversary tactics. Techniques such as initial access through social engineering and privilege escalation enabled by AI conflicts are key threats that organizations need to prepare for. Effective governance will be fundamental in managing these risks and ensuring that AI deployment remains beneficial rather than detrimental.
The ISMG Editors’ Panel is a weekly forum that addresses critical cybersecurity challenges. Previous discussions have included a comprehensive look at how digital skimming is still thriving and an investigation into the impact of deepfakes on digital trust. For those interested in staying abreast of the evolving threat landscape, these discussions provide valuable insights.