2024-04-20 –, Track 2
Companies who are not prepared for the evolving technology and capabilities of deepfakes risk compromising their security, IP, and corporate funds as threat actors expose a vulnerability in security practices. According to Business Insider, the employee of a Hong Kong multinational company recently remitted the equivalent of about $25.6 million — but it turned out to be a deepfake, according to local police. Deepfake social engineering has already occurred in multiple cases leading to CEO dismissals and embarrassment for the company. With the upcoming 2024 election, experts are expecting usage of deepfake technology to increase exponentially. Threat actors will undoubtedly gain access to this technology at lower and lower cost, making the threat to businesses even more prevalent.
In this talk, we will outline the ways companies can ensure they do not fall victim to these types of attacks by implementing low or no tech strategies including training and awareness, but also a process of “trust but verify” to ensure procedures are in place which prevent employees from taking unilateral action based on a deepfake interaction. Ironically, this incredibly advanced AI threat can be defeated with a no-technology solution.
Nick Gicinto is an executive security leader and veteran of the Central Intelligence Agency (CIA), Tesla, and Uber as an insider threat, intelligence and security specialist. He is currently the CISO and Professor of Practice in Cybersecurity at William Jewell College.
Nick was recruited into the CIA and spent 10 years in the Agency amassing five promotions and 14 exceptional performance awards as an Operations Officer. His role as an OO was to collect foreign intelligence to brief senior U.S. policymakers, including use in the U.S. President’s Daily Briefing. During his CIA tenure, Nick focused on state-actor level threats and worked both counterintelligence and counterterrorism operations in the U.S. and abroad.
After leaving the CIA, Nick joined Uber’s Threat Operations team helping the company build a global intelligence capability in 40+ countries designed to keep Uber’s riders and drivers safe in addition to investigating leaks of intellectual property. He was recruited by Tesla to build the Global Security Response team, focusing on insider threat and investigations into leaked/stolen intellectual property. GSR’s investigations lead to multiple civil lawsuits vs. competitors and former employees, as well as law enforcement referrals and convictions.
Nick later moved to RiskIQ (now a Microsoft portfolio company) as a Vice President to build the Incident, Investigation, and Intelligence (i3) team, RiskIQ’s managed intelligence services (MIS) capability tied to its cybersecurity SAAS product. After growing the team to close to 40 members, Nick joined Chainlink Lab’s as the VP of Security Intelligence, helping the web3 company develop its world class security program from scratch.
Nick has formed two security consulting LLCs, one which he uses to provide security training for Christian missionaries, and another which he integrated into another security company where he served as Executive Vice President until joining William Jewell College. He also serves as an Adjunct Professor of Cybersecurity in SET University's Masters in Cybersecurity program, located in Ukraine.
Nick holds a BA in Political Science from William Jewell College, and a MS in Defense & Strategic Studies from Missouri State University.