AI-Based Attacks , Artificial Intelligence & Machine Learning , Fraud Management & Cybercrime

Beyond Phishing: AI's New Tricks for Cyberattacks

Paramount's Surinder Lall on AI Impersonation, Deepfakes, AI Governance Frameworks
Surinder Lall, senior vice president, global information security risk management, Paramount, and CyberEdBoard member

Artificial intelligence has become a game changer for businesses and cybercriminals alike, and AI-powered impersonation techniques have become a formidable challenge for organizations. While phishing emails have traditionally been an easy way into corporations, "AI is now bypassing these defenses," said Surinder Lall, senior vice president of global information security risk management at Paramount, and CyberEdBoard member, referring to the conventional security training that focuses on spotting bad spelling, logos and suspicious email addresses.

See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation

The implications of these AI-powered impersonation techniques extend beyond email phishing. Voice synthesis is also used to impersonate colleagues, and there are cases of deepfakes in video calls leading to unauthorized cash transfers, Lall said.

To combat these sophisticated threats, Lall cautioned enterprises to take a measured approach to AI adoption. "Build an internal system, or build a system where you know where the data is going, and there is appropriate role-based access control ... Otherwise, you should prepare yourself for the day it ends up in the public domain," he said.

In this video interview with Information Security Media Group at Cybersecurity Summit: London, Lall also discussed:

  • Strategies for developing adaptive AI governance frameworks;
  • The hidden risks of third-party AI tools and potential data exposure;
  • Why physical verification might make a comeback in the age of digital deception.

As part of Paramount's information security leadership, Lall safeguards its assets. He has worked in companies such as Viacom and Elsevier Science, and he founded The Neurodiversity Network and AI Ethics and Policy Think Tank. He is a board member of U.K. Government Cyber Security Advisory and a CyberEdBoard member.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.