Jason DeJong is a senior solutions architect with Technologent with over 20 years of IT experience primarily focused on information security and risk management. DeJong shares his experience, knowledge and thoughts on the security issue of DeepFakes.
To view the original article, please visit: https://www.atmmarketplace.com/blogs/deepfakes-why-its-a-danger-to-your-business-and-your-workforce/
In the realm of information technology, Deepfakes are an advanced form of social engineering attack in which an adversary uses deceptive techniques to lure a person into completing a specific action.
The concept behind Deepfakes has been around for years. Consider phishing emails as the starting point; an email goes out to numerous recipients in the hopes that some of them will take the bait and perform a specific action. The evolution of phishing is spear phishing or whaling, where the levels of sophistication grow and intended targets become more focused. While these types of attacks have worked for years, corporations are tightening security postures and conducting user awareness training which has led to an increase in Deepfakes.
Deepfakes leverage automatic computer-graphics or machine-learning systems to synthesize images, videos, or even voice. Adversaries are using Deepfakes to target specific people within an organization with the intention of gaining access to a corporate network or resource, gaining knowledge about processes or procedures, or having an individual complete a specific action such as paying false invoices.
We have all seen doctored videos of celebrities on the internet but imagine if the CEO of a major financial institution was on a doctored video claiming they were closing branches. A video of this nature could cause irreparable damages to the reputation of the individual or the business. With the advances in artificial intelligence and machine learning some of these Deepfakes can be almost impossible to identify. One of the main defenses against these types of attacks is to create a security policy for the organization and to conduct user awareness training sessions for all employees.
Zero trust architecture
We all know there is no silver bullet for defending or securing our environments, but designing and implementing a strong security model is a great place to start. One example of such model is a zero trust architecture, which is a security concept that requires all users to be authenticated, authorized, and continuously validated before being granted or keeping access to applications and data. This is especially key in the financial industry.
This concept has been around for about ten years, but only now is starting to gain real traction in the business. The zero trust model uses micro-segmentation to add granular perimeters at critical locations in the network limiting the flow of east and west traffic or lateral movement. Zero trust can only be successful if organizations are able to continuously monitor and validate that a user and his or her device has the right privileges and attributes. Organizations and financial institutions need to leverage advanced technologies such as multifactor authentication, identity and access management, and next-generation endpoint security to verify a user's identity. With effective implementation, the zero trust architecture model could drastically enhance the security posture of an organization.
In our current environment many businesses seem to be focused on end point security solutions, infrastructure upgrades or enhancements or the newest toolset which promises to secure your entire platform. While some of these tools are essential to secure an enterprise, many bring along extra workloads, training, and management. Assessing the toolsets used in your environment has proven to be extremely beneficial. This type of assessment provides an understanding of the tools being used by employees and allows for standardization across the departments/divisions.
Another key aspect to having a strong security posture is to automate as many manual tasks as possible. Misconfigured settings due to human error are one of the leading causes of security breaches to date. By removing the human interaction and creating comprehensive repeatable automated tasking your environment inherently becomes more secure.
Evaluate the current IT environment
In my opinion, the first step to achieving a strong security posture is to evaluate your current IT environment, business priorities, and available resources. We can't protect our environment if we don't have a clear picture of what it looks like. Aligning security priorities to key performance indicators of the business can provide transparency, allowing decision makers to see how security needs align to business priorities providing a clear picture of the most critical assets needed to keep the business churning. As always, finding the appropriate resources or security personnel is a challenge many companies have and will continue to deal with for some time.
As our network perimeters continue to expand, protecting our critical assets has never been more important or more difficult. Securing and defending networks is never an easy task but if you define a clear security policy for your organization, educate your users, and be transparent to senior leaders, achieving a robust security posture is possible.