2026-05-08 –, IFEN room 2, Workshops and AI Security Village (Building D)
Every day, millions of data points about YOU, whether public, leaked, scraped, or sold, quietly feed into a largely legal ecosystem of personal information. For modern threat actors, Artificial Intelligence (AI) is no longer just a buzzword; it is a tool used to weaponize this data at scale against both individuals and their organisations. What once required a non-trivial skillset in OSINT and social engineering can now be executed by anyone with a prompt and a scraped data set (or worse, an autonomous team of AI agents).
This talk explores the intersection of privacy and offensive security, demonstrating how exposed personal information is harvested and amplified by AI to create highly convincing phishing, deepfake scams, and automated fraud. We will break down how your digital footprint becomes an attack surface and build a defensive strategy to counter it.
We will focus on helping individuals and security leaders identify the human exposure, human attack surface, and cyber risk. We will tie this into Cyber Threat Intelligence (CTI), with actionable techniques for the individual and the SOC alike. We’ll discuss practical tips to deal with exposure, limit data leakage, spot AI-driven targeting and explore actionable privacy practices, such as email masking, and ways to operationalize techniques and services to exercise your GDPR right to be forgotten. Attendees will leave with a clear understanding of the emerging threat landscape and the defensive techniques to remove or reduce the "fuel" attackers use in order for individuals and organizations to protect themselves.
Glen Sorensen is a Recovering CISO/vCISO-Type and is presently a Solutions Engineer with DeleteMe. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership, including leading the security program for a credit union and for smaller organizations in a fractional role. He currently focuses on how exposed information and OSINT are weaponized in conjunction with AI toward social engineering attacks, and how that factors into greater enterprise cyber risk.
Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 20+ years, depending on how much misspent youth you count. He is a privacy geek and a sucker for a good tabletop exercise, and also serves as an Incident Master for HackBack Gaming, which puts his countless hours of roleplaying game experience to work teaching people about cybersecurity and incident response.