By Kathryn McKenna
People must be trained and tested in the possibilities and dangers of deepfakes, Brian Martin, Director of Product Management at Integrity360 has warned.
Brian was speaking to Sync NI at Integrity360’s Security First conference which took place recently in the ICC, Belfast. Together with Richard Ford, CTO Integrity360, Brian led an immersive exploration surrounding the theme of ‘Solving the human and cyber equation,’ which involved a discussion of forward-looking insights inspired by the latest industry trends as well as exploring the critical factors shaping today’s security environment.
Further highlights included an expert panel featuring cyber psychologist Dr Nicola Fox Hamilton who explored why humans remain both the strongest defence and the weakest link in cyber security. Meanwhile, attendees also heard how to combat deepfakes and AI ‘trickery’, and entered a new era of autonomous cyber security with a panel discussion on AI-driven solutions led by Nick Brownrigg, Director of Solutions Architecture at Integrity360.
Special guest speaker at the event, legendary boxer and inspirational speaker Barry McGuigan, later brought a fresh perspective to the world of security, resilience, and unpredictability with an insightful and inspirational talk which concluded the day-long conference.
Speaking to Sync NI following his insightful presentation, Brian explains that whilst cyber attacks are hard to prevent, the focus should be on defending against them. With this in mind, there are different vectors of misuse of deepfakes with one primary mode that of digital communications channels, such as video and audio communications and even via text.
This is why people need to be more aware of the possibilities of what can be created using deepfake technology. Brian explains: “People need to be educated to the possibilities which exist, because it is now possible to create a very realistic video of anyone. It is completely possible to clone someone's voice and it is possible to make that voice say anything - and also to project that voice saying it into a video of that subject.
“You can imagine the possibilities when it comes to social engineering. Therefore, people need to beon the lookout for this. It is essential that employees are aware and constantly trained and tested against this.”
With this in mind, Brian warns it is vital that organisations are conscious of their main critical processes when it comes to operations including transferring money; changing payees on a system or sharing sensitive data.
“Companies must ensure these processes are robust in the face of these types of attacks,” Brian advises. “For example, if an employee receives an audio message from your boss requesting money is urgently sent to a bank account, this is not enough validation anymore. Even if you recognise the voice, there needs to be much stronger controls around these critical processes - as these can be created falsely using deepfakes.”
Utilising AI
One major positive of Artificial Intelligence is the manner in which it can absorb an enormous amount of information and process the data, before transmitting it to a human in an intelligible way. For analysts and cyber security engineers, this allows them to utilise AI in order to free up time and maximise their resources.
“AI can notice trends or threats and can alert us a lot faster,” Brian explains. “The technology can help to assimilate the information and translate it in a human intelligible way extremely quickly. In cyber security, the faster you respond the better, and the greater chance we have of mitigating the risk.
“In this way in particular, AI is making maximum impact. We're seeing it coming into tools within security operation centers, allowing analysts to get a lot more efficient about responding, dealing with a larger numbers of alerts, analysing quicker, discounting alerts which are not relevant and allowing them to focus their attention rightfully on genuine threats.”
Preventing an attack
For businesses keen to find out more about how to prevent a cyber attack from occurring, Brian emphasises the importance of employing the right reactive and proactive measures in place to defend yourself.
When it comes to cyber attacks, the faster you move, the more you're going to limit the damage. Therefore companies need to have good controls in place around detection and response. This is the reactive side of security.
“Cyber security breaks down into two main areas. There's reactive security – if an attack happens, you need to be able to detect it in order to respond to it. You need to be able to stop it in its tracks. This means we need to employ detection technologies in order to ensure you are responding to it in a timely manner, and that you possess an incident response capability in order to respond.”
The other area of security is the proactive side. “The proactive side is about reducing your attack surface and getting rid of any vulnerabilities or exposures that could be exploited by a threat actor.”
Reducing the attack surface through exposure management is a continuous process, but attention must be paid to any area with vulnerabilities which can be exploited. This includes a company’s technology, the Cloud, individual team members through education and ensuring staff members are up to speed on not clicking on malicious links or falling foul of a deepfake. “All of these proactive measures reduce your attack surface, so then on the reactive side, your company has much less to deal with, and hopefully you can catch all of those in time as well.
“It boils down to making sure you have all the right reactive and proactive measures in place to defend yourself.”
Find out more about Integrity360 by visiting Sync NI and exploring the Integrity360 Company Hub for Thought Leadership articles (Views), Interviews, Events and more.
Read the latest edition, Spring 2025, of Sync NI here completely free of charge.
Subscribe to the Sync NI newsletter for all the latest technology news, jobs and upcoming events in Northern Ireland.
Visit Sync NI online for the latest technology news in Northern Ireland
