Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Varonis: 2025 Cybersecurity Threat Predictions: AI, Deepfakes & Cloud

Varonis
07/10/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


Hi, everyone. Thanks so much for joining us today. I'm Ashley Spinelli, your host for today's Data First Forum, Festive Forecast 2025 Threat Predictions. I'm thrilled to have you all here as we unwrap some of the most pressing cybersecurity threats we might face in 2025. We've got a sleigh full of insights and predictions to share and a bag full of presents, including CPE credit, which you all will earn for joining us today. Our panelists have been working hard, decking the halls with their knowledge and expertise, and they're ready to share their predictions for the threats coming down the chimney. I'd like to introduce you to Matt Radulak, a staple on the Data First Forum and Varonis' VP of Incident Response and Cloud Operations and EU Sales Engineering. Say that five times fast. Say hello, Matt. Hello, everyone, and thanks for having me here as one of your presenters. Yeah, I like that. We also have Mike Thompson, Director of Cloud and Security Operations here at Varonis. Say hello, Mike. Hi, everyone. Thanks for coming to join us today. Try to get in the festive spirit with my sweater, although it's not very chilly here in Dallas, Texas today. It's a great sweater. And we have Ed Lin, Cloud Security Architect here at Varonis. Say hello, Ed. Hey, everybody. Thanks so much for having me on today, guys, and hopefully we can share some great knowledge today. And you're working on your Santa Claus beard there, Ed. I can see it. It'll be in by Christmas. Yeah, I just need the white paint. Yeah. So they've been making a list, checking it twice, and they know which threats are naughty or nice. And with that, I'll hand things over to you, Matt. All right, before we get started, Ashley, you are on fire with the puns today. So I just want our audience to get into this vibe. If you can come up with a Christmas pun or an AI pun based on everything that we're doing, I think we're going to be on a roll today. And I'm talking about one of those Christmas Yule log-type rolls. So let's get started. My first question, and I'll ask Mike, I'll ask you, Ed, have you ever been fooled by a deepfake or seen a deepfake that you couldn't distinguish from reality? I'll start here, Matt. I don't know about a deepfake. Thankfully, no one's targeted me with a deepfake, but certainly AI-generated images I've fallen for. And I think I've seen a lot of them. I think AI imaging technology has come a long way over the past year. And I'd like to think I've gotten better at spotting them, but I was actually just having this conversation with a group of my friends last weekend. I don't know if anyone's seen this image. I was going around the internet a couple of months ago. It was like a guy fighting an alligator. It sounds insane. It sounds like obviously this should be a fake AI-generated image. But at the time, I really had trouble scrutinizing if it was real or not. And I had to kind of search, kind of try and get debunked. Is this an AI image or is this guy actually drop-kicking an alligator in the middle of a swamp? I recently went back and looked at that image again, and it was pretty clearly AI, but I think my eyes has learned a little bit better how to distinguish that. And before Ed goes, I'll give mine. I saw this video of a bunch of former presidents and heads of nations, and it was like AI-generated video that looked like they were all in a rap music video with the people and the cars and the jewelry and all that stuff. And when I was first watching it, I was like, man, this is some good material. But then they had so many different world leaders, I kind of had figured it was a AI-generated video. What about you, Ed? Yeah, I would say similar to Mike, thankfully haven't been targeted by a specific phishing attack or a video defaked from a relative to try to garner some money from me. But the one example that I always go back to that's really fooled me would be the time that that image of the Pope wearing that very stylish puffer jacket circulated the internet. And when my friend showed that to me, I immediately thought that was accurate. I thought that was real. I thought, wow, Pope has a great sense of taste. It looks amazing, especially with the large blinged-out necklace. I just didn't doubt that was real at all. And of course, looking back on it, it was a bit silly, but I really think with the way the AI is really increasing its ability to have high fidelity, it's gonna be even more convincing in the future. Just to kind of make something a little serious for a second, I lead up Varonis' incident response team, and we have unfortunately been called in to investigate incidents where the source of the attack was from AI. One that really comes to mind for me is I was a nation state actor from the Asia Pacific region. They targeted an organization and they embedded an employee in the interview process. And that potential employee pretended to be someone else throughout that entire interview process. So in every video interview, even though they sounded like themselves, they didn't take on the voice of this person, but the company didn't know what that person should sound like, they were able to disguise their image and look like this person from this particular LinkedIn. And if you Googled this candidate's name, you'd see pictures of them if you went on their Instagram. And this AI overlaid image in these video interviews represented this fictitious person, but in fact, it was a nation state actor trying to break in and steal the company's secrets. Now, ultimately what tipped them off was an alert and escalation from the Varonis managed data detection and response team that that person was logging in from a geolocation that was outside of that company's repertoire. And then they were accessing a bunch of source code information with the intent of exfiltrating it. And we were able to stop that, but it really, for me, I've always thought about deepfake phishing emails. I always thought about deepfake videos that might change the mind of the populace, but not something as persistent as having seven rounds of virtual interviews and maintaining this deepfake persona the entire time. That one really, for me, in terms of trends for 2025, right up there at the top. And Mike or Ed, anything like that that you guys have had experience with? Yeah, I think, I mean, in general, and I think we'll get into this a little bit more later, but we've seen an increase in just sophistication in general with like spear phishing attacks, like the AI, not just from deepfakes, but in terms of being able to eliminate some of the telltale like spelling errors and grammar things that we used to see. That's a thing of the past, right? AI has really erased that. But on the deepfake side, there was another really interesting story earlier this year. Where a deepfake with the CFO, they were impersonating the CFO and were encouraging an employee to wire millions of dollars and they actually had a Zoom call, like we have here, all of us up with multiple different staff members. Everyone was the deepfake, but the mark who they were trying to get to wire that money. And if you, it'd be one thing with one deepfake, but multiple people, you're seeing multiple staff members all in one Zoom. I mean, I think you would start to maybe even call your own sanity into question if you're like, how skeptical should I be that everyone else but me is fake, right? That you're getting into kind of Truman show territory. So I just think that- What is the callback mechanism? You know, like what the banks tell you that call them back at their number to validate it. You know, I think more and more, we're gonna have to just be suspicious of almost everything in that regard and try to call people back. And for me, it's cemented that we gotta have an in-person interview. Oh yeah, for sure, right? Get that point of contact, you know, get that reference, meet them in person. Can't trust what I see, unfortunately. This is all got me thinking, I get this question a lot when I'm at different conferences and stuff, like how do we actually protect against deepfakes? And what can we practically do? I think something from like a risk mitigation factor that we might wanna consider is who's our high risk individuals within the organization because of their public presence, right? If you have that LinkedIn rockstar who's always posting on social media and getting their face out there, great for marketing and great for the company, but maybe increasing their risk of someone who might be targeted. They might have a lot of their, hey, I'm doing it right now being on this webinar. Hopefully no one's capturing my video for deepfake purposes, but you know, our public presence is putting us at risk potentially. And we can maybe tell based on their sweaters if the sweater of the deepfake is fancy enough or not, Mike. Yeah, and who do you guys think would be the most vulnerable to like a deepfake attack? Like, is there a part of the population? Is there a particular user base? Like who's gonna be the victim? Yeah, when I think about that question, I think about it from two different sides, right? There are, as you're saying, Mike, the high profile individuals that may be vulnerable from the sense that their likeness is constantly plastered over social media. Their voice can be easily replicated because there's just so much data out there. But also from a business email compromise perspective, employees that let's say have financial authority or have the ability to remit large sums of money within a short period of time, I think attackers would look and use social engineering to identify those. And of course, putting individuals in an emotionally charged situation, right? I would imagine that deepfake scenario with that Hong Kong clerk. I mean, you have six of your bosses all yelling at you from a Zoom call to do something. That's a pretty charged situation. Is it the new phishing, right? Like is having an email or a video or a phone call where someone is posing to be someone else, is that like the real threat here? I also really like what Don said. Don said, I liked the latest FBI note saying, choose safe words for your family. Maybe we need to do that for everyone we know and like a good use of a past manager. I think that's definitely something to think about, right? Like if you're getting a call, you always hear about these scams that elderly people typically fall for where they're calling to bail them out of jail. Like maybe if they don't use the safe word, that's a good indicator. These are things we may even have to have at work and rotate them frequently in order to make sure that we're talking to a real person and not an AI. I mean, heck, Ed, how do I know right now that you're not an AI on this data first form? Jeez, you're giving me a existential crisis. How do I know if I'm not AI just generally speaking? Exactly, I agree with Klaus. The beard can't be real. You don't have a beard in the photo for this. Well, but let's kind of take this and jump onto our next kind of question here. Who's gaining the most advantages from using AI today? I mean, I think it's clearly threat actors if for no other reason, because they're not having to navigate a lot of the legal or compliance or security red tape that organizations are having to go through before they adopt AI technology, right? Like they're just jumping in head first, they're getting the hands-on experience, they're pushing it forward. We've talked to organizations that have been, spent all 2024 trying to plan how are they gonna carefully roll out AI? Threat actors aren't doing that. They're jumping straight in. So I think just from that perspective, they're clearly ahead of the game. And I think it's kind of like how regulation is always gonna lag behind technology. I think the same thing can be said from a defense perspective, right? There's gonna be novel things. We're always unfortunately gonna be playing catch up. Like this is a brand new set of capabilities and new attack surface ultimately as well. And we're gonna have to as defenders catch up to that. Yeah. Yeah, I mean, the attackers already have a toolkit, right? You can just like get, you can either use the commercial toolkits or you can go on dark web and find AI hacker toolkits, like ready to go. I mean, you don't even need a whole Bitcoin anymore. You can buy it for a small portion of a Bitcoin. And I was just gonna say, right? I think AI really does a great job with democratizing and lowering that barrier of entry, right? I think in the past, we were concerned about script kiddies, but now script kiddies can literally in natural language, let's say I've been a firewall that they've scanned using AI and just ask what vulnerabilities are available here. So it really lowers the barrier to entry and they use AI to really automate that attack and reconnaissance and all the different sorts of processes to increase the speed and scale of these attacks here. And let's kind of turn this, let's not get too doom and gloom, right? We're obviously meeting with a lot of organizations that are taking AI security seriously. What are they doing about it? You know, I think something that I've seen increasingly and we've even done it here in Baronis with our internal like cybersecurity awareness training that we make every employee to go through to make sure we keep our cyber insurance premiums is just awareness, right? Like the deep fake scenarios we're talking about before, that was part of our cybersecurity awareness training this year. But I think there needs to be a lot of that enablement with employees. Cause you know, we, I think we have a pretty technical audience here today, but there's varying levels of technical maturity across an organization. And we have to make sure that maybe those less proficient people technically have a solid understanding of the risks as well and that they take it seriously and with scrutiny, right? I mean, if you, we talk about this concept in the past of like MFA fatigue, right? MFA is a great security control, but if it becomes a routine part of your day and you get a prompt and you just dismiss it cause it popped up on your screen and you didn't want to see it anymore, I think we are going to have a similar thing with AI. Like right now it's kind of new and people are applying some scrutiny and human oversight over what they're getting back from AI. But I feel like as it becomes more routine and more part of our day-to-day life, we might lose that. So that's, I think user education is a big thing that I think is really important. But obviously there's a technology side to this as well. Let's zoom out from this security conversation for a second. If you're watching this webinar and your organization isn't using AI at all, you're behind. Like if you're not using AI to make efficiency gains or generative AI to just, you know, overall make people more productive or meeting AI to send notes and action items, you're behind. Technology is innovating in front of us and the leaders, the people out in the front are even using technologies like prompt monitoring. For instance, like many of our customers monitor what their employees do with Microsoft CoPilot to look for fraud and abuse. They're also starting to monitor to see who's using CoPilots the most to get what I call gains from AI. Like where are they getting productivity gains? Where is AI proving to be useful? Because you need to do this prompt in order to figure out the good stuff so you can replicate that. Because, you know, not everyone is a skilled prompt engineer and knows what to do or how to use AI. And you got to, you as a company, you need to find the people that are doing it well and repeat those behaviors across your company. Because if you're not, there are companies out there that are doing it and they're going to get ahead. And this is even more so for the organizations that are building their own LLMs on top of large LLM toolkits, not just using like, you know, ChatGBT or not just using, you know, Gemini or AgentForce or Microsoft CoPilot. Like they're building LLMs for their own business and to make them more efficient and to take advantage of AI, much like Varonis does in its own products. You know, we have things like AI-based classification and we have things like AI security analysts. We have things like AI natural language querying inside of our interface. It makes a better customer experience. So you have to look at yourselves and report to your board on how you're either making things more efficient, making your company make more money or providing better service and a better experience to your customers by using AI alongside of all the things that we're aiming to talk about on the session today, which is what are the biggest threats that we predict for next year and how AI is going to be a part of it. And maybe that's like a good place for us to, you know, kind of pause for a second, but also think about like, how does this play a role with like hybrid cloud security and all the challenges that have cloud? How many public clouds does you and your organization have presence in? And Mike or Ed, anything to add on like the ROI of AI? You have to really work closely with the business to understand all the use cases. Like what we've seen a lot of organizations do in that first phase, right, is kind of figure out that pilot group of users, say, all right, I'm going to have a few different teams, different business units, different stakeholders, you know, dive in, see what they can do for it and figure out what's a worthy investment. Not every team, not every business unit is maybe going to have the same ROI, but if you get the technology into the hand of, you know, I think that ROI is there. You just have to really work with the creative people in your organization who can maximize that technology, but it can be hard to quantify, right? You need that feedback loop with the people that are using technology. I mean, we've done that internally here. We had an internal pilot group, you know, bi-weekly feedback sessions. How did you use it this week? What worked well for you? What didn't? And I think that was very valuable and Baron is helping shape our AI strategy. How might deepfake capabilities look a year from now versus now and what can we do to stay ahead of that? I can speak to how the capabilities could look like from, you know, potentially an improvement perspective. Some of the tips that I've seen online and I've heard from other cybersecurity practitioners is, you know, while it's difficult to detect deepfakes, you can look for things like unnatural movements or expressions, inconsistent lighting or shadows, maybe even some distortion of the face and things of that nature. And of course, if they're acting unusual and are, you know, asking for unusual requests, but I would imagine in the future as, you know, we're diving into this AI war game where our defensive tools are getting better at detecting that and the offensive tools are getting better at hiding it, it's gonna be harder to tell. And so I think it really falls upon just what is the purpose of this call? You know, what is the behavior of the request of this call? If someone, you fake Mike, and all of a sudden Mike asked me at 8 p.m. and on Tuesday to send him Apple gift cards, I think that would draw a lot of flags, even if Mike was looking, you know, as polished as he usually would. And so I think that's how I would answer that question there. And do you guys think there are malicious actors using tools like spam calls to capture what's needed to create a deep fake? Absolutely. I mean, I don't know about spam calls in particular, but there's like any data that can be scraped is gonna get scraped without a doubt. Like I think, unfortunately, we just have to assume that that ship has sailed. And if that, you know, every avenue available to make that personal data valuable to a threat actor is being pursued. I mean, we're doing it right now. The three of us are doing content right now that someone could use to train a AI to look and sound like us and even make the same corny jokes as us. You know, I think Ashley's AI would make a ton of Christmas puns. Like it would learn pretty quickly. Now, like, but at the same vein, you know, spam calls, like let's think about it. Do you really need to? There's so much on social media. People have videos. They have, you know, there's YouTube videos. If you're in the public domain at all, there might be recordings of you speaking. You know, they got pictures. I mean, there's a lot already probably out there of what people would say is your likeness that could be used to train AI. They almost don't need to use a spam call. Now I want to just cover one. We've got so many great questions that have come in. I just want to cover one more before we jump into our next poll. Is there a new or novel attack vector that AI has introduced? If so, what is it? I was gonna say one thing we've seen is, yeah, like, again, I kind of mentioned this earlier. AI is a new attack surface. We've seen remote code execution against AI models. Another thing that we've seen is like rogue AI apps, right? Like if you're trying to download some, you know, chat GPT client that, you know, is supposed to give you access to all the advanced features, but really it's just, you know, essentially the public version and it's capturing your data and using that, like basically serving as a proxy to steal your information. Like there might be untrustworthy apps that are trying to bait in users to use AI and capture their information. So two things I wanted to touch on, Ed, but I didn't mean to cut you off there. And of course, I think something interesting that I read recently as well is that more and more people are starting to see AI software or software that was generated based on code prompts that you would receive from like, let's say a chat GPT, being a weak link inside the software supply chain, right? I think I saw somewhere that there have been maybe 40% of allergies this year that was associated with an improperly written code that was associated perhaps with, you know, chat GPT or GitHub Copilot or Amazon Co-Whisperer, perhaps not giving the best code that is oftentimes reused and repeated. And so you have, of course, the malicious aspects of attackers utilizing AI tools and then perhaps, you know, AI being replicated and reused without the highest level of scrutiny to develop the code that, you know, our infrastructure may be utilizing in the first place. So different avenues here, I think. Yeah, and then wait until the AI decides it wants to do this all itself and it's us versus a self-learning AI of AI attacks. Will deepfake risk be part of the new assume breach mentality in our governance strategies? And do we need to have safeguards to assume that everyone isn't who they say they are? I think, Matt, you introduced me to a concept last year, which is kind of real-world MFA. This is something I didn't know existed until I hopped in an Uber with you and you gave a pin code to the driver. And I was like, what was that all about? And you showed me, it's like, hey, this is MFA in practice. Like, I don't want to get abducted by a rogue ride-share driver. So- You don't always get the wrong Uber and go in the wrong direction. I mean, I guess- True, maybe that's a little less- It's one bad for my personal. I don't even shut the door. Just for those of you that don't know, this is a security feature in all the ride-sharing apps, or at least in Uber, where you can have multi-factor authentication with you and the driver. And so I open the door to the Ubers, I give the pin number, and until it actually confirms that they're them, I don't sit in the car and close the door, just in case. I mean, I think maybe, is it we're going to do that in every single meeting? No, but in the right meeting, in the right topic of conversation, like that might be a control we need to start implementing. Like if we're discussing wiring millions of dollars, absolutely, we need that real-world- Maybe we need a prompt for MFA right now. And if you guys fail the MFA prompt, like, you know, you're kicked off the Data First Forum, right? Because then you'd have to have something you have, you'd have to have the phone, and then, you know, or the multi-factor token, and then you have to provide it on domain. Maybe multi-factor authentication is the place for this. You know, I think a lot of like cloud security, it's like a Swiss cheese model for a lot of organizations. You all think you have this impermeable outer shell, like the block of cheese, but in reality, it's because you don't have the visibility to see the holes. The more that we conduct risk assessments and we look in cloud, I use the Swiss cheese analogy a lot. And it's a lot of that is because, you know, data flows like water through like the membrane of your organization, whether it's people, it's collaborative data stores like 365, it's, you know, Kubernetes, it's, you know, databases in your cloud, it's compute or object storage in your cloud. Like data is flowing so rapidly and it's not all user initiated transactions. A lot of it is API and service-based and token-based transactions that you might not even have visibility into. And so it's very, very unlikely, unless you have a very small cloud, that your cloud is being equally protected. And what do you guys think? A hundred percent. We, Ed and I both work on the cloud security architect team here at Varonis. We've done hundreds of risk assessments at different environments, looking at AWS, looking at Azure, looking at Google Cloud, looking at SaaS applications. And you're a hundred percent right, Matt. Like the people tend to laser focus on a priority, right? Like this is the cloud that we're, for whatever reason is getting our attention from a security effort standpoint. And we got some data over here and we don't really know what's happening in this spot. And I get that. You have to prioritize your data and your security decisions and your budget. But like you said, data flows like water. All these clouds are interconnected. So if you have not putting controls in place that can protect your data wherever it sits, I think you're asking for trouble. And we see this, there's some trends that we see consistently every time we do one of these cloud assessments in terms of exposure, in terms of like sensitive data, like credentials, API keys being stored improperly. I think maybe sometimes people get hung up on this idea of like a public exposure. It's obviously a concern. We don't want resources exposed publicly, but getting back into that, the holes inside the environment, we just see so much internal overexposure. And I think about like AWS as an example, we create new custom policies. We have access keys granted to applications. We have a role trust policies. What roles can assume what other roles, which can access which resources and creates quite a maze that without proper visibility can be really difficult to understand. And we often refer to as the blast radius, right? And Brunus, what can any given identity do in our environment? I think when you're looking at a multi-cloud world, that question is extremely complicated for most organizations to answer and ultimately control. We see the side effects of that, right? We see the results of the difficulty in managing that. If we take that and we think about like predicting for 2025, I think that combining the two threats we've been talking about is really like the blast radius for the average order of 2025. You've got this new entry point that most people aren't prepared for, right? AI, deepfakes, AI based attacks. Once an attacker gets control of identity, it's game over. They're just gonna use all the tokens. We see less and less drop in exploits, dropping malicious tools, giving EDRs or modern firewalls, a chance to pick stuff up. We see attackers exploiting the blast radius, like using the active and the controls that, the access that they have in order to access and exfiltrate information or gain additional privileges. And so like one of those that right now, for a lot of works might be an insider problem is once deepfakes get better and the entry point for attackers kind of lowers as Ed talked about, like the script kitties are now using AI instead of just using stuff they downloaded off of GitHub. What used to be an API key stored in plain text or a password stored in plain text is now the source of your next big breach. Same thing when you think about like, I always come back to that snowflake breach from earlier this year, maybe it was even the summertime, like a hundred something organizations fell victim to a very, very trivial attack vector, right? And these are big name companies. They have the security stacks. They have SIMs, they have modern firewalls, they have endpoint agents, right? Like they're doing all this stuff, but what did they fall victim to? Password reuse with the lack of multi-factor authentication and not enabling what were called network access controls or limiting, we'll look at some balloons coming up, or limiting where someone can log into your snowflake from. And the lack of those two controls and the commonality that people reuse their passwords between different applications led to 160 or 170 organizations to get their snowflakes breached, right? That's just one cloud app that is often interconnected to other things that was exposed because of password reuse. Like I think we're really just at the tip of the iceberg in terms of trends and predictions for 2025 on how inside exposures become external exposures and breaches in cloud. Yeah, the group responsible for that, Shiny Hunters, they've been in the news again recently with a major AWS breach, right? They're really focused on finding these credentials via some mechanism, Info Stealer Malware as an example and using that, right? And if you don't have those, like you said, Matt, these are basic controls, things that could've, we'd like to think, very easily prevented, but the wrong credential in the wrong hand, so they can script all this stuff and make it very easy for them to discover the ones that are gonna be impactful is a growing trend that we see. It's like these identity-based attacks, right? I'm not trying to detect malware. I'm not trying to detect malicious code. This is a valid account that has access to our most sensitive data. And we think about like Snowflake as an example, like everything in Snowflake's important. That's why you're feeding it into Snowflake and from some of those other data stores, right? It's like concentrating my most interesting, most impactful data that matters to the business into one area. So having loose controls on something as valuable as Snowflake is kind of mind-blowing to me. So, and Ed, I wanna give you a question. I gave that Swiss cheese analogy. I might've stolen that from you. What does that mean? Like how do people's clouds end up like Swiss cheese? Yeah, I think that's a great question. And I think what we've been discussing so far, which is obviously incredibly relevant, are malicious attackers or those with that malicious intent that are looking to exfiltrate and steal data from these cloud environments. But again, to what Mike was mentioning, what we just see time and time again is it's not even those with malicious intent that are always causing these sorts of data exfiltrations and breaches. For example, I was conducting a data risk assessment for a client that was heavily reliant on AWS. And as we delve into their cloud configuration specifically, we actually discover something very alarming. It turns out one of their AWS administrators, which obviously is a non-malicious actor that we know of was just doing their job and made a seemingly innocuous change to a security group or basically a virtual firewall that inadvertently granted unrestricted access to their entire or one of their many Postgres databases, which basically means that to anyone on the internet with the right tools and a bit of know-how and maybe a little bit of AI, could access and potentially exfiltrate that database. You think like tools like Shodan, which are freely available, I can just scan for any devices that are open to port 5432. That's something that you can use. And when we presented this finding to the customer, the entire team, their organization, their security infrastructure teams, they were really quiet, right? You could really feel that awkward silence there. And then, you know, this AWS admin broke the silence and kind of muttered under their breath, basically something along the lines of like, geez, I already told that team to stop doing that a long time ago. And I think that really reveals two critical issues. One, that's not a first time mistake, right? It sounds like a reoccurring problem. And two, despite knowing that risk, this team lacked a comprehensive repeatable system to consistently alert and resolve these critical exposures. And so to tie back to your question, you know, why is cloud Swiss cheese? Well, even if you have the robust security controls that can close that front door, it doesn't mean that, you know, data can leave through the side windows, the back door, the upstairs floor, right? These misconfigurations and unfortunately human error can really create these gaping holes that allow that flow of data outside the environment. Yeah, and let's, you know, I know we were prepping before this today and we get real excited when the three of us get together and talk about like how the world is going to end from cloud data breaches and AI, the eventual demise to our robot overlords. But let's talk about insider threats. When I think about 2025 predictions, I see like job, just like the classic insider, job hopping insider threat getting bigger. Because like, imagine your first day at a new job, you're eager, you're excited, and they put co-pilot on your computer. How powerful you would be to like learn everything about that company and how it operates. And like, I don't know, I feel like somebody that did that at enough places could really learn a lot and have like an intense amount of knowledge that otherwise took people years and years and years to build up this like tribal knowledge of like how it works and what makes it efficient and what makes it better. And if you get access to something like a co-pilot on your first day, I mean, you could just ask a co-pilot. Like, what's the number one thing we're good at? Why? You know, what's the design? What's the proprietary design behind that? I also think that that's going to open up the doors to like a lot of data governance risk. I agree. And while this may not necessarily be a cybersecurity trend, I did read recently that from a poll that one out, like one out of every two millennial workers, they're open to job switching and job hunting. And so meanwhile, you know, while it's not necessarily malicious that what they're thinking that they're doing, you know, what's stopping someone from doing a report export in Salesforce, grabbing a list of clients and bringing that to the next customer or a conversation. Right? And so I think governance really has a big play, especially when it comes to job switching and understand the right controls you might have. And when you do see someone put in their two weeks notice or maybe put at risk, for example. This is a question I often pose to people when I'm trying to get them to think about data security. It's like, can you answer the question of how much data your summer intern that just started has access to on day one? Do you have any way to quantify that? I mean, we know that because we do that with Varonis, but for a lot of organizations, that is an impossible question to answer, even more so to know what that data is meaningful. So, and I think, you know, to Ed's point, right? People are hopping jobs more. Like, you know, if I, if, you know, I'm not planning to leave Varonis, but if I were, I'm sure they'd, whoever it would be like, what do you, what can you teach us? Like, what did you learn at Varonis that you can learn to make us better? That's an attractive quality in a candidate. Negative, Bill Stryer. The pattern is full. No, I'm kidding. So, you know, I guess where I was going with this is like that visibility, understanding data access. We were talking about zero trust a little bit earlier and that often, you know, extends down to the application layer and fails at the data layer, understanding what can any given individual actually access. So I think we've seen a trend in this. I mean, the DSPM market is growing. I think organizations are catching on to the idea that we need these same security controls down to the data layer. But I, you know, with the economy and the trends that Ed was mentioning with millennials job hopping, I think this is going to be something that organization would be really sharp on being able to identify those insider threats and understand when atypical data access is occurring. Yeah. Oh, sorry, Matt. But the last thing I would add to that really quickly is that a lot of the organizations that I work with, especially from a Salesforce perspective, have a really great way of provisioning access to a new user and a really great way of deprovisioning access to that user. But to Mike's point, you know, just because you're deprovisioning access, can you certainly say what this user touched during that time during the two weeks? And for a lot of organizations out there, that question is really hard to answer. And so it's not just how much data they have access to, but among the data logs that they are accessing, what's relevant? And that's a hard question. So what's a better strategy to protect against the threat vectors that we talked about today? Protect or detect? And while I give Mike and Ed a chance to answer that, we launched a feedback poll. For everybody that's out there listening, you know, Data First Forum is made possible by you, our audience, more so than any of the producers from Varonis or me and my co-speakers. And we really, really value your feedback. We always want to make them better and more exciting and more interesting. We hope you've had a great time with us today. So please take a second and give us some feedback. And I'll ask Mike and Ed the question again. You know, what do you guys think? So based on my personal experience, I like the shift left in the sense of really getting a good understanding of where your sensitive data is or where all your resources are, like really inventorying, you know, what your cloud landscape is, for example, what are the different IaaS, PaaS or SaaS applications your organization uses, what they might be doing with that specifically, understanding, you know, should there be sensitive data in there? If there is, what type of data is in there? Then applying the right sorts of protections based on that prioritization and the knowledge you gained from doing so. And then of course, building detective controls on that. But that's my personal opinion. Mike, I'm curious to hear yours. I think that's like a protect. To answer the question of protect versus detect, you're saying protect. Yep. Mike? Well, I feel like I need to take devil's advocate from Ed now on the detect side. Yeah, user behavioral profiling. I think a lot of the threats that we talked about today, AI, insider risks, right? These are not things that we can detect from a signature-based approach, right? We're not looking at malware signatures. I'm not looking at, you know, a lot of things that we would usually detect threats at. So having a strong behavioral approach to detection is gonna be critical as these threats evolve and get, you know, more advanced, more difficult for traditional detection methods And here's what I'll say. I don't like absolute questions like that. It's shades of gray. You gotta be able to do both. You gotta do your best to prevent, but know you're never gonna be perfect, right? Like you as an organization, you have to be 100% all the time to avoid a data breach, right? And if you take a preventative-only strategy, you'll fail. Even a zero-trust network is compromisable by an insider. Look at the text-share outbreaks. Like this guy got into the most secure facilities in the world, a SCIF, where they process classified data. There's guards with guns. There's EMF protectors, like, and he got sensitive classified information out of an enclave, a thing that's not even connected to the internet. So you gotta be able to protect and try to stop that from happening, but then have a compensating control of detection to be able to know that something bad is happening with the things that are still allowed to happen. And if you can do both of those, that's the better strategy. Should we be expecting bad actors to use autonomous hacking tools and executables in 2025 and beyond? Yes, they're probably already using it. There was actually a POC developed by a blue team or defense team that developed a polymorphic AI that basically, upon execution, rather than reaching out to a command and control server for someone to utilize, you can actually reach out to a chat GBT or open AI API and just compile that code on the fly. And so I think it's already being used since 2023 or even before that. And I would imagine that 2025, it would continue or even improve. Mike, any closing thoughts? No, I'm trying to be cheery. That ad just scared me a little bit, but this is festive today. Well, so then we'll leave it with this. Let's let all of our good actors be on the nice list for Christmas and the holiday spirit and all the bad actors get lumps of coal in their GPUs to slow down their AI processing. And I think with that, we should say farewell. Thank you, everybody. First, big shout out to Ashley. You did a great job opening us up today and all the Varonis producers. And Mike and Ed, thank you guys for being here today. Big thanks to our audience. Yeah, thank you everyone for joining. We really appreciate it. And appreciate all the interaction too. We had some really great questions today. I wish we had more time. Thanks everybody.

TL;DR

  • Nation-state actors are using deepfake technology persistently throughout multi-round interview processes to embed malicious insiders within target organizations, representing a significant escalation in social engineering sophistication.
  • AI has become both a weapon and an attack surface, with rogue AI applications harvesting user data and AI-generated code introducing vulnerabilities into the software supply chain at alarming rates.
  • Autonomous hacking tools leveraging AI APIs can now compile malicious code on the fly without traditional command-and-control infrastructure, a capability already in use since 2023.
  • Insider threat risk is amplified by workforce mobility trends, with organizations struggling to track what data departing employees accessed during their tenure despite strong provisioning processes.
  • Effective security strategy requires both prevention and detection working together—zero trust alone cannot stop insider threats, as demonstrated by classified data breaches from highly secured facilities.

AI-Powered Deepfakes and Social Engineering Threats

The panel opens with a discussion of how AI-generated deepfakes have evolved from novelty to genuine security threat. The Varonis incident response team shares a striking case study involving a nation-state actor who used deepfake technology throughout an entire interview process to embed themselves within a target organization. This persistent use of AI-generated video across seven rounds of interviews represents a significant escalation in social engineering sophistication. The panelists note that while detection techniques exist—looking for unnatural movements, inconsistent lighting, or facial distortions—offensive AI capabilities are rapidly improving, making behavioral analysis and verification protocols increasingly critical.

Emerging Attack Vectors and AI as Attack Surface

Beyond social engineering, the discussion explores how AI itself has become a new attack surface. The team highlights remote code execution vulnerabilities against AI models and the proliferation of rogue AI applications designed to harvest user data while masquerading as legitimate tools. A particularly concerning trend involves AI-generated code from tools like ChatGPT and GitHub Copilot introducing vulnerabilities into the software supply chain, with estimates suggesting 40% of vulnerabilities this year may be linked to improperly written AI-generated code. The panelists also address the emergence of autonomous hacking tools that leverage AI APIs to compile malicious code on the fly, eliminating the need for traditional command-and-control infrastructure.

Insider Threats and Data Security Posture Management

The conversation shifts to insider threats, particularly in the context of workforce mobility and economic pressures. With millennials averaging job changes every two years, organizations face increased risk of data exfiltration during employee transitions. The panelists emphasize that while many organizations have strong provisioning and deprovisioning processes, few can definitively answer what data a departing employee accessed during their tenure. This visibility gap underscores the growing importance of data security posture management and the need to extend zero trust principles to the data layer, not just applications and networks.

Balancing Prevention and Detection Strategies

The panel concludes with a strategic discussion on whether organizations should prioritize protection or detection. While one perspective favors shifting left with comprehensive data inventory and classification before applying controls, the counterargument emphasizes that AI-driven and insider threats cannot be addressed through signature-based detection alone—behavioral profiling becomes essential. The consensus view rejects the binary framing entirely: organizations must pursue both strategies simultaneously, recognizing that even zero-trust environments can be compromised by insiders, as demonstrated by high-profile classified data breaches. The key is implementing compensating detective controls for activities that prevention cannot stop.

Chapters

0:00 - Introduction and Panel Welcome
2:00 - Personal Deepfake Experiences
4:36 - Nation-State Deepfake Interview Attack
17:16 - Future of Deepfake Detection
19:43 - AI as New Attack Vector
21:25 - Deepfake Risk and MFA Strategies
33:57 - Insider Threats and Data Visibility
35:45 - Protect vs Detect Strategy Debate
38:44 - Autonomous AI Hacking Tools
39:32 - Closing Remarks

Key Quotes

4:36 "I was a nation state actor from the Asia Pacific region. They targeted an organization and they embedded an employee in the interview process. And that potential employee pretended to be someone else throughout that entire interview process."
5:55 "I've always thought about deepfake phishing emails. I always thought about deepfake videos that might change the mind of the populace, but not something as persistent as having seven rounds of virtual interviews and maintaining this deepfake persona the entire time."
19:57 "AI is a new attack surface. We've seen remote code execution against AI models. Another thing that we've seen is like rogue AI apps."
20:54 "I think I saw somewhere that there have been maybe 40% of allergies this year that was associated with an improperly written code that was associated perhaps with chat GPT or GitHub Copilot or Amazon Co-Whisperer."
38:54 "There was actually a POC developed by a blue team or defense team that developed a polymorphic AI that basically, upon execution, rather than reaching out to a command and control server for someone to utilize, you can actually reach out to a chat GBT or open AI API and just compile that code on the fly."
38:06 "Even a zero-trust network is compromisable by an insider. Look at the text-share outbreaks. Like this guy got into the most secure facilities in the world, a SCIF, where they process classified data."

FAQ

How can organizations verify employee identity when deepfakes can fool video interviews?

The panel suggests implementing real-world multi-factor authentication for high-stakes interactions, similar to ride-sharing PIN verification. For sensitive discussions involving financial transactions or critical decisions, organizations should require additional verification methods beyond video presence. Behavioral analysis and monitoring for anomalous access patterns after onboarding also serve as compensating controls.

Should security teams prioritize prevention or detection against AI-powered threats?

The panel consensus is that both are essential and neither alone is sufficient. Prevention through data classification, access controls, and zero trust architecture should be the foundation, but organizations must assume these controls will eventually fail. Detection through behavioral profiling and anomaly detection provides the compensating control needed to identify threats that bypass preventive measures, particularly for insider threats and AI-driven attacks that don't match traditional signatures.

What makes AI-generated code a security risk in the software supply chain?

AI coding assistants like ChatGPT, GitHub Copilot, and Amazon CodeWhisperer may generate code with security vulnerabilities that developers then reuse without adequate scrutiny. The panel cites estimates that 40% of vulnerabilities this year may be linked to such improperly written AI-generated code. The risk is compounded when this code is replicated across multiple projects without security review.


Categories:
  • » Webinar Library » Varonis
  • » Cybersecurity » Data Security
  • » Cybersecurity » Zero Trust
  • » Data Protection
Channels:
News:
Events:
Tags:
  • AI & Machine Learning
  • Threat Intelligence
  • Data Privacy
  • Security Operations
  • Zero Trust
  • Panel
  • Technical Deep Dive
  • deepfake attacks
  • AI-powered social engineering
  • nation-state threats
  • insider threat detection
  • AI attack surface
  • software supply chain security
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Varonis: 2025 Cybersecurity Threat Predictions: AI, Deepfakes & Cloud

              Upcoming Webinar Calendar

              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting a Championship-Worthy Security Team for Unmatched Defense
                https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-worthy-security-team-for-unmatched-defense/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in Safeguarding AI-Accessible Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-safeguarding-ai-accessible-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Strategies for Effective Data Privacy and Protection
                https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-for-effective-data-privacy-and-protection/
              • 07/22/2026
                01:00 PM
                07/22/2026
                Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue
                https://www.truthinit.com/index.php/channel/2029/insights-from-attackers-during-the-fifa-world-cup-a-human-dialogue/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 07/29/2026
                12:00 PM
                07/29/2026
                Unified Data Security in Action: Uncover, Analyze, and Resolve Threats
                https://www.truthinit.com/index.php/channel/2045/unified-data-security-in-action-uncover-analyze-and-resolve-threats/
              • 07/29/2026
                01:00 PM
                07/29/2026
                Ask Your Cloud Anything: Unlocking Governance Silos in your Environments
                https://www.truthinit.com/index.php/channel/2048/ask-your-cloud-anything-unlocking-governance-silos-in-your-environments/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                14

                Crafting a Championship-Worthy Security Team for Unmatched Defense

                07/14/202601:00 PM ET
                • Jul
                  14

                  Understanding the Crucial Role of Context in Safeguarding AI-Accessible Data

                  07/14/202602:00 PM ET
                  • Jul
                    21

                    Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                    07/21/202604:00 AM ET
                    • Jul
                      22

                      Insights and Strategies for Effective Data Privacy and Protection

                      07/22/202606:30 AM ET
                      • Jul
                        22

                        Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue

                        07/22/202601:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version