A (4:44)

Exactly right. The game is changing in cybersecurity. And like you mentioned a decade ago, organizations were teaching, you know, employees how to spot phishing attacks. And cybercriminals now know what organizations are looking out for. So they're using AI to enhance their attacks, like you said, at a greater speed and it's cost efficient. So whether it's an individual or 10 people, AI attacks are just happening every day. And I would like to dive in into some real world examples of how AI driven attacks like you mentioned, supply chain manipulation and business email compromises. How are these attacks impacting organizations today? And then beyond the corporate world, we're also seeing AI being weaponized against individuals through romance scams. So can you talk to us a little bit about the corporate world AI attacks and then individual AI attacks?

B (5:37)

Absolutely. Corporate world is much more profitable for many cyber criminals and they are learning to leverage AI to come up with new innovative solutions. They may not know of how we function in our environment, but they can go and try to build these frameworks. Understanding of how things are done, understanding the processes and procedures target not only our technology, but also target our business processes. And finding these vulnerabilities that not always reside in our hardware software, but also would reside in our processes and individuals. They can leverage all these components. They also have unlimited amount of Approaches. So social engineering attacks involving help desk or other support staff, if it's coming through just an agent or a person sitting on the Internet, the bad guys are just programming AI to approach once, twice, a hundred times and they are looking for a single success. The cost of this is becoming negligible. The AI is enabling the bad guys to do multiple tries, multiple approaches, multiple ways to do things. Same thing comes in with fishing. Not only AI able to write a good phishing email, but it can actually initiate and continue conversation. So the bad guys are not limited to a single approach. They start with a basic approach that is driven by AI, then go with power up questions, comments and everything else. And it builds rapport, it builds actually a relationship. AI is actually a very malleable tool where if you explain the problem to it, it would actually really try to help. And there are many AI solutions that would actually unknowingly write a phishing email. They would try unknowingly build an approach that would be greatly vulnerable. And vulnerability is not only limited, as you said, to corporate environment, in our personal environment, we are also going out and expecting to find another human being. For example, for those of us who look to find our second half a partner. And romance camps are growing and brewing because the bad guys gave AI the same problem. They said that they want to play a role of a person who's looking for romance and letting AI continue that romance. The bad guys are setting expectations, they are playing AI as much as they're playing the individuals. And the stories become extremely complex, they becoming extremely believable and ability to generate falsified documentation. For them to build this story or the victim using AI, it's just going to the next level where in most cases even examining conversations, communications, it's not obvious to experts to see if this is a real person looking for romance or if this is an AI driven scam and ultimately it will open up. But at that time the individual who is targeted would be already potentially compromised, exploited, or much further in the scheme based on human attachment, based on AI driven decisions that otherwise would not be made. So unfortunately we are being bombarded by many AI components in the hands of really evil people. And it's hard to tell the difference and it's not very easy to defend against it.

A (9:40)

Thank you. And for romance scam, right? We've been seeing an increase and I know usually they target, you know, the older generation. Now let's say if someone was able to build a bond with that human through romance scam, and that individual sends X amount of money. Are there any like resources or any process where they can, you know, may possibly get their money back? Or is it kind of just like it's done and that's about it? That's nothing you can do. The money's gone.

B (10:12)

There are good safeguards around preventing these things. I talked to some banks and credit unions and they actually have processes at local branches that set to recognize these type of activities. And they try to counsel individuals, especially older individuals who clearly making a mistake and from a side point, from a neutral point, it's sometimes visible and they try to counsel them saying, hey, do you know that you're about to do this or that it works to a certain degree. We actually trying to get better with these safeguards. The same does not apply online. And unfortunately the threat actors are getting better in guiding these individuals through necessary steps that they need to do to send money electronically, to transfer this money, to convert them to cryptocurrency, stuff like that. And this is where AI also becomes useful because the bad guys don't know how Chase bank or bank of America works, but AI would actually give them step by step instructions in order to transfer the money with right references and basic steps providing technical support from the bad guys to a victim rather than having a victim go to help desk or assistance that would be able to spot these activities.

A (11:38)

Thank you. Yeah. Cybercriminals know how to stay hidden. Right? And they always find a way. If there's a will, there's a way. And earlier you mentioned, you know, know, cyber criminals using AI tools don't only target an organization's technology, but their business process. So they, you know, study the business, kind of get an understanding of their daily communications process in order to get in and not be detected. So Alex, how can organizations build a proactive defense against these AI driven attacks before they actually happen?

B (12:08)

Definitely, you have to examine technology and examine your business processes to understand not only if they work efficiently, but can they be tampered with. And this is a concept that we are using technology all the time. We are looking for vulnerabilities. We are saying, hey, what if somebody does this or that? And in our business processes, especially those that are being influenced by third parties, by customers, by partners, we don't always ask these questions. So in many cases we are actually seeing that to defend something we need to put necessary safeguards, understand that the person or AI on the other side can be incredibly sophisticated. We need to keep our face, we need to do great customer support and customer service, but at the same time These basic safeguards are necessary and we got used to going through several different steps. When we are connecting to third party services we may be ask on the personal level, ask for Marzo's maiden name or additional information, say codes and stuff like that. But in business same thing applies and building necessary safeguards and requiring those safeguards to be followed. This is absolutely critical. Even dealing with AI that is interacting with our customer service online, it's not impossible to do certain things. AI may not make as many mistakes, but AI has certain traits. AI is fast in making, rendering responses and decisions. We've seen several of our customers actually implementing hidden prompts that typically not visible to people. But AIs that read every character, every letter and every number, they may actually be reacting to this. So they put a complex math problem, for example, saying hey, what's number of PI to 20th decimal? And that's being put invisibly into a human into a problem. And in response an AI sees it and it gives a number. Well guess what? Most people I know don't know this off the top of their head and they would not be able to respond in 10 seconds. AI does. So you measure velocity, you measure response, you measure the correctness and you try to make a decision. Are you dealing with a human, you're dealing with AI. What is the intent, what is a person trying to do? Meanwhile, the most difficult thing is not to break our current processes, to affect our users, to affect the care and affect our services.

A (14:55)

And I appreciate you mentioning, you know, organizations implementing safeguards and also, you know, investigating certain behaviors. Like if a person responds within five seconds compared to a normal time response, that's usually a sign or a flag. But let's say an organization, even if they have safeguards in place and the worst case scenario happens so they don't catch that vulnerability and an attack is successful. What are the key first steps an organization should take to respond and recover?

B (15:26)

Well, this is as we have classic incident response. The situation is pretty much all driven by our incident response policy. So first detecting if there is something wrong, if there is an anomaly, if there are any kind of indicators of compromise that would be considered worse investig and then you go based on your investigation practices, understanding that dealing with AI may actually be more complex and more complicated in many different ways where you're not going to see immediate errors. So you look for consistency, you look for issues and follow your practices that should be built into the plan. But important thing, especially in the age of AI, is that in your incident response playbook, put in components. Consider scenarios that would be AI driven and how you would be investigating these things. Not only a basic ransomware attack or something like that, but something that would be complex, sophisticated on one side. But if you apply it in AI, it may be a breeze for cybercriminals to execute it.

A (16:44)

Thank you. And as we know, organizations are adopting AI, whether it's to defend against AI attacks or to better help their business process and flow. But have you seen attackers go against these AI implementations and attack them? And if so, what steps can organizations take today to mitigate the risk of attacks against their AI implementations?

B (17:09)

I think AI implementations today are more vulnerable overall to attack exploitation than most of our software solutions. AI is a great tool. It's a changer of a game that would be playing out not only in our lifetimes and things would change for the better across the board. We are at extremely early stages of this technology and we are in very unchartered territory ourselves because we are making up rules quickly and not always efficiently as we go. Think about the journey that we took over the last three to five years in adopting AI and how much of AI was within the organization really five years ago. But what it is right now is that it's a necessity to continue business. It's changing the speed, it's changing the quality, it changes everything. However, we are not following the best cybersecurity practices that we lay out for pretty much every other piece of software or hardware that we are bringing into your organization. Think about this. When I'm evaluating installation of new enterprise level software within an organization, I'm going to put a lot of different considerations, including the history of of vulnerabilities, including the history of exploitation for this particular software, how often the patches are being added, how much information would be stored in this particular software, and how it would be defended. So this is traditional software. How much of this is actually being applied to AI? And I know some organizations are thinking about this and doing this, but I can tell you that in our practice, we are seeing very few AI implementations actually undergo proper security evaluation overall, meaning that from pen testing and making sure that AI is actually not vulnerable, we do relatively little. And because this is not just a piece of software, it is a complex solution that may not live only within our enterprise, but maybe in the cloud, in many different distributed components. The data may be there and maybe it's said to be protected. But how much of a vulnerability is there? Because we are hearing more and more of the past year, year and a half of AI data Being leaked vulnerabilities through social engineering of AI leading to the breaches and AI unwillingly disclosing information to the bad guys about its configurations, about the confidential and so on, so forth. Our cybersecurity researchers have their hands full. But the same with PEN testing of AI almost non existent today. Very few organizations do this, very few organizations feel that they need it. But think about number of vulnerabilities that we're hearing about right now and how difficult, how easy it is to solicit additional information from AI. We see this unfortunately every single day and the bad guys know about this. They actually valuing those individuals in criminal organizations that can manipulate AI as most valuable resources. They are targeting AI for vulnerabilities and disclosures because they understand that this technology is less tested, less proven with age. And we unfortunately entrusting way too much to AI at this stage because this is in many cases way for us to succeed, to progress. So AI is vulnerable, your implementation of AI may be vulnerable and you should take necessary steps to defend against it. Hopefully this becomes standard, hopefully it becomes much better science like we have right now with PEN testing, red teaming and many other things. But in my view we are getting into this very slowly and not always effectively endangering our enterprises with with use of AI and AI's knowledge of our confidential information.

A (21:46)

Alex, thank you so much for being here today and you know, emphasizing how AI is changing and fast as well and diving into the world of cybercriminals using AI attacks and how organizations can mitigate against such risk as well as stay on top of, you know, the latest vulnerabilities that CISA posts as well. So Alex, thank you for being here today listeners, thank you for tuning in. Please keep the conversation going in our RSAC membership platform by visiting onersac.com membership and be sure to check onersac for new content posted year round. Finally, don't forget to register for RSAC 2026 conference by visiting RSAConference.com USA. Thank you all until next time.