HAVE you ever watched a video that looked and sounded real, only to discover it had been manipulated using artificial intelligence (AI)? If so, you have most likely encountered a deepfake: videos, audio recordings or images that are often unrecognizable as having been digitally altered using AI to present a fake event. As AI algorithms and technology rapidly advance, deepfakes are becoming deliberately pervasive, posing threats to individuals and businesses. Imagine seeing your face plastered onto another person's body, a recording that mimics your chief executive officer's (CEO) voice, or a video about your business sharing controversial information. Deepfakes can happen to anyone. The World Economic Forum's Global Risks Report 2024 identified misinformation and disinformation as the top global risk in the next two years. Since AI no longer requires specialized skills to operate and is accessible to almost anyone, this has led to an outburst of false information and synthetic content. Deepfakes represent a serious and escalating threat. For businesses, the potential impacts include financial loss, stock price manipulation, reputational damage and legal consequences. The stakes are high and the cyberthreats are real. Businesses must take proactive steps to safeguard their businesses and their people. One of the most common deepfake-related threats is the robocall scam. You receive a call from an unknown number. You answer but there's no response from the other end. What you may not realize, however, is that your voice and voice patterns are being recorded — enough audio captured can create a convincing mimicry of your voice. Your synthesized voice can then be used in malicious ways, from fraudulent phone calls to falsifying consent in business transactions. It is important to think twice whenever you answer a call. Are you expecting a call from an unsaved number? Do you need to answer the call? And while detection tools are essential in identifying deepfakes, businesses must be also cautious with their use — they may also be used to harvest sensitive information. The use of third-party AI imaging apps on social media, such as those where you voluntarily submit a photo of your face to generate AI images, can also be used as a source for future deepfakes. If you continue to utilize these apps, it may put you and your businesses at risk. You must always ensure that your detection tools are official, certified and regularly updated.Additionally, refrain from uploading your photos and personal information for the sake of amusement without considering the potential consequences. Cybersecurity awareness should be an ongoing process. At P&A Grant Thornton, we use a system called Vigil@nt to keep training our people, especially since we are in the professional services firm. Regardless of what industry, this is an imperative. The training includes recognizing phishing emails, understanding the importance of strong authentication processes and consulting with experts on what to do when incidents happen or are about to happen. A people-focused cybersecurity strategy is key to strengthening the business and maintaining a positive outlook for the future. In times of crisis, like a CEO or a board member being a victim of a deepfake or false information, an outdated crisis management plan that does not consider how to deal with the issue can aggravate the situation. It is crucial to keep crisis management plans updated at all times, especially as new threats like deepfakes emerge and technology continues to adapt and evolve. This responsibility does not lie solely with the cybersecurity or IT team — everyone has a shared responsibility. Human resources must address staff concerns, marketing and communications should manage public messaging and every team member must remain vigilant yet alert. People are often the weakest link in information security. It is time to change that narrative by making people the strongest line of defense. If you notice something suspicious, whether it's a phishing email, a strange phone call or unusual activity, you must report it immediately to the IT department or your immediate manager. Collective vigilance can make all the difference in preventing an attack. The threat of deepfakes is already here and growing. It is time to take our awareness of cybersecurity seriously, especially since we are integrating our lives digitally. By staying vigilant and proactive, businesses and individuals alike can protect themselves from the potentially devastating consequences. Stay informed, stay secure and always be on the lookout for the next wave of cyberthreats. Leonard Duque is the chief information officer and technology services group head at P&A Grant Thornton. One of the leading audit, tax, advisory and outsourcing firms in the Philippines, P&A Grant Thornton is composed of 29 partners and 1,500 staff members. We'd like to hear from you! Connect with us on LinkedIn and like us on Facebook at P&A Grant Thornton and email your comments to pagrantthornton@ph.gt.com. For more information, visit our website at www.grantthornton.com.ph.
Disclaimer : Mymoneytimes implements extreme caution and care in collecting data before publication. Mymoneytimes does not liable for the adequacy, accuracy or completeness of any given information. Hence we are not liable for any kind of direct or indirect loss caused by the use of such information.