Innovative Protection Against a New Era of Threats: Highlights from The Convergence of AI + Cybersecurity, Season 3

Season 3 of The Convergence of AI + Cybersecurity has come to a close! In chapters 7-9, we delved into some of the most pressing topics shaping the future of cybersecurity—from the dangers of deepfakes to the evolving role of AI in SOCs and the importance of transparency in AI decision-making.

Attendees got the chance to learn from AI ethics pioneers, machine learning experts, and seasoned security leaders about the real-world applications and challenges of AI in cybersecurity.

From understanding how deepfake technology is being weaponized in cyberattacks, to exploring the ways AI is enhancing SOC efficiency, to breaking down the "black box" of AI systems—this season offered invaluable insights for those looking to stay ahead of emerging cyber threats.

If you missed any of the sessions, no worries! Below are key takeaways from each webinar. You can also watch each of the webinars (along with chapters 1-6) in our Resource Center.

Deepfakes are redefining the future of cybercrime, and the risks are real.

In Chapter 7, Abnormal CISO Mike Britton and cybersecurity expert Tyler Cohen Wood explored the alarming rise of deepfakes and how this technology is being weaponized for cyberattacks.

The webinar emphasized that deepfake technology has evolved rapidly since its early days. It now poses significant risks in spear phishing and business email compromise (BEC) attacks, with attackers using audio or video deepfakes to impersonate executives or trusted individuals. Tyler walked through just how easy it is to create realistic audio deepfakes using publicly available tools, showing a simple example of using AI to replicate her voice for fraudulent purposes. Tyler and Mike discussed how these sophisticated scams are already being used in real-world attacks, including a $35 million fraud case in the UAE where deepfake audio impersonated a bank director.

As we move into an era where seeing is no longer believing, organizations need to prepare for a future where deepfakes will play a central role in cybercrime.

Key Takeaways:

• Deepfakes are becoming more sophisticated and are being weaponized to enhance social engineering attacks like BEC and spear phishing.

• Verifying identity through non-digital methods (e.g., a phone call) is critical to ensure authenticity and avoid deepfakes.

• Companies should implement security policies, like using unique code words, to mitigate risks and detect deepfake fraud.

"AI is very good at doing analysis, but it's also very good at changing someone's photo or video. And it's pretty scary right now because these people are very good at what they do…The best way to fight AI is with AI. These threats are sophisticated, and we have to use technology to counter them effectively."
—Tyler Cohen Wood

"Attackers are leveraging technology that used to require expensive infrastructure and expertise. Now, anyone can sign up for a trial, load a video, and create a deepfake in minutes…Just like with traditional social engineering, this adds that extra layer of credibility. It’s not just an email anymore—it’s a voice or video that sounds or looks real, and that’s what makes them so dangerous."
—Mike Britton

AI is undeniably impacting the SOC. But one question remains: is AI elevating it or eliminating it?

In this session, Abnormal Field CISO Mick Leach and Dave Kennedy, founder of Binary Defense and TrustedSec, discussed the future of SOC operations in an AI-driven world.

These seasoned SOC experts explored how AI is enhancing human intelligence and helping SOC teams manage the increasing volume of sophisticated threats. Rather than replacing SOC analysts, AI is acting as a force multiplier—filtering out the noise, reducing false positives, and enabling faster, more accurate threat detection by processing massive amounts of data and identifying anomalies in real-time. By augmenting their capabilities, AI reduces the need for SOC analysts to sift through irrelevant alerts and allows them to focus on more sophisticated threats.

Chapter 8 emphasized that AI isn’t here to take jobs away from SOC teams, but rather to help them handle increasingly sophisticated attacks at a larger scale, which would be impossible to manage with traditional methods.

Key Takeaways:

• AI enhances SOC efficiency by reducing false positives and allowing analysts to focus on real threats.

• AI-driven automation is essential for detecting new, more complex attacks at scale and handling the increased volume of alerts.

• SOC teams will need AI to continue operating effectively in a rapidly evolving cyber environment.

“The exponential growth of AI is allowing us to analyze data in ways we never thought possible…What’s critical now is leveraging AI to help analysts focus on what really matters. It's not about replacing humans; it's about amplifying their ability to handle the ever-growing volume and sophistication of attacks.”
—Dave Kennedy

"AI is truly a rising tide. It's elevating every part of the security team—from the blue team in the SOC to the red team in penetration testing. The more we integrate AI, the more it's becoming a force multiplier across the board…AI isn’t going to replace SOC analysts, but people who know how to use AI effectively will be the ones in demand. The key is learning how to partner with AI to make faster, better decisions."
—Mick Leach

AI is transforming the way we defend against cyber threats—which makes understanding the systems behind it absolutely crucial.

In Chapter 9, Abnormal’s Head of Machine Learning, Dr. Dan Shiebler, and AI ethics pioneer Dr. Rumman Chowdhury broke down the "black box" of AI decision-making in cybersecurity.

Dr. Shiebler discussed Abnormal’s efforts to improve transparency by decomposing AI decisions into more interpretable parts, which allows security teams to understand why a system flagged something as malicious. Dr. Chowdhury emphasized the importance of understanding the ethical implications of AI and building models that not only make accurate decisions but are also explainable. She also delved into red teaming, a method of stress-testing AI systems to identify vulnerabilities, and emphasized the need for continuous evaluation and refinement to prevent AI from being exploited.

This session underscored the fact that while AI is powerful, human expertise is still essential to guiding, interpreting, and fine-tuning AI models and ensuring they operate ethically and effectively.

Key Takeaways:

• Implementing interpretable AI models allows security teams to better understand why specific actions or threats are flagged, which in turn enhances trust in the system.

• Ethical considerations and transparency are paramount in AI-driven cybersecurity to ensure trust and effectiveness.

• As cyber threats increase in complexity and volume, scalable AI systems that are both transparent and robust will be key to future-proofing cybersecurity strategies.

“We need to understand AI’s role not just in isolation but in the broader context of how humans interact with these systems…It’s not enough to think about AI as a technical solution. We need to ensure human agency in the decision-making process and build systems that keep people in the loop…AI isn't going to replace human decision-making. What it's going to do is augment and scale our ability to respond to increasingly sophisticated threats.”
—Dr. Rumman Chowdhury

“The challenge in cybersecurity isn’t just detecting threats, but detecting new threats that don’t follow known patterns. AI is giving us the tools to shift from reactive defenses to proactive protection…The future of cybersecurity lies in the integration of AI to handle scale, but also in making sure those AI systems are transparent and accountable to the people using them.”
—Dr. Dan Shiebler

This recap provides just a glimpse into the in-depth insights shared throughout Season 3. Each chapter offers a wealth of knowledge on how AI is reshaping both cyberattacks and defenses, as well as practical guidance on leveraging AI to stay ahead of emerging threats.

If you’re looking to dive deeper, all nine chapters of The Convergence of AI + Cybersecurity series are available on demand, with each session eligible for ISC2 credits. Stay tuned for even more discussions on the evolving role of AI in cybersecurity in future seasons!