Kaushik Hatti: How Bad Actors are Using AI to Exploit Gaps in Security
A deep-fake 'CTO' instructs an employee to move $25 million into random accounts. Kaushik Hatti discusses security in context of AI
In episode 5 of the "In Security" podcast, our host, Mike Cataffo, delves into the fascinating and ever-evolving landscape of AI and security. The guest for this episode is Kaushik Hatti, the Chief Information Security Officer (CISO) at Pinochle.AI. Together, we explore how bad actors are using AI to exploit vulnerabilities and discuss how security experts can leverage AI to beat bad actors at their own game.
Watch the episode here:
Key Takeaways:
- Social Engineering & Deep Fakes: We unconsciously leave "breadcrumbs" behind on the Internet, including our personal information. Threat actors can exploit this information to launch cyberattacks or commit other crimes.
- Leveraging AI to Prevent AI Risks: AI can be leveraged to reduce risks associated with security breaches and identify possible ways threat actors can exploit vulnerabilities.
- Prevention Against Threat Actors: Implementing a comprehensive strategy can address multiple aspects of threat prevention. This involves improving your technology, increasing awareness on a human front, aligning processes to comply with regulations, and upgrading the entire system holistically.
About Our Guest, Kaushik Hatti
Kaushik Hatti is the CISO at Pinochle.AI. His diverse background spans computational chemistry, machine learning, data science, cybersecurity, and bioinformatics. With a passion for AI and data, Kaushik has rapidly accumulated extensive experience and is driving innovation in his current role. His passion for data, combined with his humble demeanor, has driven his success throughout his career. He was recently recognized in the 2024 BW Security World 40 Under 40 Awards in India.
Exploring How Malicious Actors Utilize AI to Expose and Exploit Security Weaknesses
With a rich background from computational chemistry to cybersecurity, Kaushik brings unique insights into the rapidly evolving landscape of security and AI.
Kaushik shares a real-life example to explain how malicious actors can use AI to exploit security vulnerabilities: a deep-fake 'CTO' instructing an employee to move $25 million into random accounts, showcasing advanced social engineering.
Mike and Kaushik also discuss how social engineering has evolved, with precise delivery becoming more prevalent, and how today’s digital world has made it easier for malicious actors to gather personal information about potential victims and increase the success rate of their malicious campaigns.
To counter these emerging threats, Kaushik emphasizes the importance of awareness and understanding how our information can be used against us. He underscores the necessity of adopting a multi-front approach that includes upgrading technology, raising awareness, and establishing compliance-driven processes. He further suggests that AI can be used to combat AI-induced threats, helping identify plausible ways a threat actor can infiltrate organizations under various conditions. They also explore mobile phone security and the need for continuous monitoring and health checks of apps.
Kaushik stresses that a healthy level of paranoia is beneficial in his role as a CISO and that the core principles of physical and cybersecurity are fundamentally the same.
-
The “In Security” podcast brings you conversations and thoughts on the shifting landscape of security, Governance, Risk, and Compliance (GRC), technology, and beyond. Featuring insights from industry executives and leaders in cybersecurity and GRC, we explore the crucial strategies, trends, and stories shaping our ever-evolving digital world
Subscribe to our newsletter for the latest in Security, GRC and GTM: