In this episode of our BryghtCast edition of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Consultant Bray Wheeler take a look at three current risks and upcoming events:

Hong Kong’s protests evolve into a general strike on Monday

India revokes the special status of Kashmir

Iran seizes yet another oil tanker in Gulf, warns of increase in nuclear tech, and the US & UK team up on maritime task force

Episode Transcript

Bryan Strawser: Hello, and welcome to the Managing Uncertainty Podcast. This is Brian Strawser, principal and CEO here at Bryghtpath.

Bray Wheeler: Hi, this is Bray Wheeler, Consultant at Bryghtpath.

Bryan Strawser: This is our BryghtCast edition of the Managing Uncertainty Podcast, where we break down two or three interesting developments around the world and talk about what that may or could mean for the private sector and other organizations. This week we’re going to start off by talking yet again about developments in the city of Hong Kong.

Bray Wheeler: Again.

Bryan Strawser: Hong Kong, the special administrative region of China, continues to have disruption. We’ve now evolved, today, we’re recording this podcast on Monday, August 5th, today there was a general strike in Hong Kong that paralyzed transportation networks during rush hour, forced the cancellation of hundreds of flights, and shut down scores of business and restaurants after another chaotic weekend of protest across several parts of the city.

Bryan Strawser: It’s interesting now that this is evolving from protest to a general strike, which I think portends a much more difficult path for the Hong Kong government, and the Chinese government for that matter, and the demonstrators are getting more savvy. They’re using tactics deliberately to outsmart the police. They’re using lasers and lights in order to disrupt facial recognition. That was one example.

Bray Wheeler: That was a big concern here kind of over the last week that they were afraid they weren’t going to be able to make much more progress in terms of the protest based on the fact that China was going to use this facial recognition to start rounding folks up.

Bryan Strawser: Identify people. Yeah. Yeah. It looks like tens of thousands of people participated in the protest including airline pilots, airline crews, baggage handlers, bus drivers, financial planners and others who declined to show up to work. In fact, transportation networks, the train system, primarily, train and bus system across Hong Kong, which is normally quite efficient in the financial hub, were suspended or delayed, including the airport express train that links downtown Hong Kong to the airport. More than 200 flights were delayed or canceled at Hong Kong’s International Airport.

Bryan Strawser: The protests have now been going on since June, and I think they’ve solidified now on kind of what their demands are. Of course, they’

In this episode of our BryghtCast edition of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Consultant Bray Wheeler take a look at three current risks and upcoming events:

* Hong Kong’s protests evolve into a general strike on Monday

* India revokes the special status of Kashmir

* Iran seizes yet another oil tanker in Gulf, warns of increase in nuclear tech, and the US & UK team up on maritime task force

Episode Transcript

Bryan Strawser: Hello, and welcome to the Managing Uncertainty Podcast. This is Brian Strawser, principal and CEO here at Bryghtpath.

Bray Wheeler: Hi, this is Bray Wheeler, Consultant at Bryghtpath.

Bryan Strawser: This is our BryghtCast edition of the Managing Uncertainty Podcast, where we break down two or three interesting developments around the world and talk about what that may or could mean for the private sector and other organizations. This week we’re going to start off by talking yet again about developments in the city of Hong Kong.

Bray Wheeler: Again.

Bryan Strawser: Hong Kong, the special administrative region of China, continues to have disruption. We’ve now evolved, today, we’re recording this podcast on Monday, August 5th, today there was a general strike in Hong Kong that paralyzed transportation networks during rush hour, forced the cancellation of hundreds of flights, and shut down scores of business and restaurants after another chaotic weekend of protest across several parts of the city.

Bryan Strawser: It’s interesting now that this is evolving from protest to a general strike, which I think portends a much more difficult path for the Hong Kong government, and the Chinese government for that matter, and the demonstrators are getting more savvy. They’re using tactics deliberately to outsmart the police. They’re using lasers and lights in order to disrupt facial recognition. That was one example.

Bray Wheeler: That was a big concern here kind of over the last week that they were afraid they weren’t going to be able to make much more progress in terms of the protest based on the fact that China was going to use this facial recognition to start rounding folks up.

Bryan Strawser: Identify people. Yeah. Yeah. It looks like tens of thousands of people participated in the protest including airline pilots, airline crews, baggage handlers, bus drivers, financial planners and others who declined to show up to work. In fact, transportation networks, the train system, primarily, train and bus system across Hong Kong, which is normally quite efficient in the financial hub, were suspended or delayed, including the airport express train that links downtown Hong Kong to the airport. More than 200 flights were delayed or canceled at Hong Kong’s International Airport.

Bryan Strawser: The protests have now been going on since June, and I think they’ve solidified now on kind of what their demands are. Of course, they’re demanding the complete withdrawal of the current suspended bill that started this, the bill that allowed extradition to mainland China for trial of individuals that were arrested in Hong Kong. They want the resignation of Hong Kong’s chief executive, they want an independent investigation of the police, and they want the protestors that have been arrested and charged with crimes, fake crimes, as they’re describing them, to be freed or the charges dropped,

We’ve talked on several previous episodes about the need for a single, defined crisis management framework in an organization.

In Episode #59 of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Consultant Bray Wheeler go deeper into this need – and talk about the need to integrate all of an organization’s various incident management processes into a single unified crisis management framework.

Relevant previous episodes about the Crisis Management Framework:

#1 – Shouldn’t we have a plan for alien invasion?

#23 – Crisis Management is not a pickup game

Other Resources

Journal Article:  From crisis prone to crisis prepared: a framework for crisis management (1993)

Journal Article: Crisis management: an extended reference framework for decision-makers (2013)

Episode Transcript

Bryan Strawser: Hello and welcome to the Managing Uncertainty podcast. This is Bryan Strawser, principal and CEO here at Bryghtpath.

Bray Wheeler: Hi, this is Bray Wheeler, consultant at Bryghtpath.

Bryan Strawser: And today we’re going to be talking about having a single, unified crisis management framework. And I guess I’ll sum the problem up because Bray and I were talking about this on the ride back from lunch today as we were struggling to figure out what to talk about on the podcast. And one of the things that we hit on is that we often see the issue in organizations that organically, for all the reasons that seem like the right reason at the time, a lot of companies wind up having siloed incident and crisis management processes that are totally rooted in the kind of problem that a single organization and the company has to deal with.

Bray Wheeler: Yes.

Bryan Strawser: And, over time they come to realize that they need other teams involved in that process. So what happens is, and I’m just going to pick on my two favorite people to pick on, physical security or corporate security and information security or cybersecurity, that they probably have in most companies, separate incident management processes, and then almost are definitely going to have separate crisis management processes. And generally, they won’t have a crisis management framework.

Bray Wheeler: Most likely.

Bryan Strawser: And let’s say that both things happen in the same week. So the physical security, the corporate security team is dealing with a homicide, the cybersecurity team is dealing with some type of data breach. They’re probably sending out two different communications that are not coordinated, that have different templates, that have different people at the table to make decisions, maybe not the right people, and not everyone is being informed in a consistent manner. And at the top of that food chain is a CEO who is getting one set of comms from here about one incident and a different set of comms from here about a different incident, and says the infamous WTF, w

We’ve talked on several previous episodes about the need for a single, defined crisis management framework in an organization.

In Episode #59 of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Consultant Bray Wheeler go deeper into this need – and talk about the need to integrate all of an organization’s various incident management processes into a single unified crisis management framework.

Relevant previous episodes:

* #1 – Shouldn’t we have a plan for alien invasion?

* #23 – Crisis Management is not a pickup game

Episode Transcript

Bryan Strawser: Hello and welcome to the Managing Uncertainty podcast. This is Bryan Strawser, principal and CEO here at Bryghtpath.

Bray Wheeler: Hi, this is Bray Wheeler, consultant at Bryghtpath.

Bryan Strawser: And today we’re going to be talking about having a single, unified crisis management framework. And I guess I’ll sum the problem up because Bray and I were talking about this on the ride back from lunch today as we were struggling to figure out what to talk about on the podcast. And one of the things that we hit on is that we often see the issue in organizations that organically, for all the reasons that seem like the right reason at the time, a lot of companies wind up having siloed incident and crisis management processes that are totally rooted in the kind of problem that a single organization and the company has to deal with.

Bray Wheeler: Yes.

Bryan Strawser: And, over time they come to realize that they need other teams involved in that process. So what happens is, and I’m just going to pick on my two favorite people to pick on, physical security or corporate security and information security or cybersecurity, that they probably have in most companies, separate incident management processes, and then almost are definitely going to have separate crisis management processes.

Bray Wheeler: Most likely.

Bryan Strawser: And let’s say that both things happen in the same week. So the physical security, the corporate security team is dealing with a homicide, the cybersecurity team is dealing with some type of data breach. They’re probably sending out two different communications that are not coordinated, that have different templates, that have different people at the table to make decisions, maybe not the right people, and not everyone is being informed in a consistent manner. And at the top of that food chain is a CEO who is getting one set of comms from here about one incident and a different set of comms from here about a different incident, and says the infamous WTF, what’s going on here?

Bray Wheeler: Yep. They look different.

Bryan Strawser: They look different.

Bray Wheeler: They talk differently. They’re using different language.

Bryan Strawser: Maybe one informed me and maybe one didn’t.

Bray Wheeler: Asking me things or not asking me things.

Bryan Strawser: And I don’t know, what’s my role supposed to be?

Bray Wheeler: Yep.

Bryan Strawser: You can’t see me because I’m raising my arms up in the like, “What?”

Bray Wheeler: He’s gesticulating.

Bryan Strawser: What? What’s going on? So, how do we solve this problem? What do we want companies to do?

Bray Wheeler: I think the big thing is, it’s not inherently bad to have different response systems to, as we’re picking on physical security and ...

In this episode of our BryghtCast edition of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Consultant Bray Wheeler take a look at three current risks and upcoming events:

China’s plan to conduct military exercises off the coast of Taiwan

China’s rare public statement on Hong Kong

The shooting at the Gilroy Garlic Festival and what it means for major event planning & physical security strategy

Episode Transcript

Bryan Strawser: Hello and welcome to the Managing Uncertainty podcast. This is our BryghtCast edition for the week of July 29th, 2019.

Bryan Strawser: This is Bryan Strawser, Principal and CEO here at Bryghtpath. With me is-

Bray Wheeler: Bray Wheeler, Consultant with Bryghtpath.

Bryan Strawser: As a reminder, the Bryghtcast episode is where we take a few recent events in the news and talk about their connectivity to the private sector and issues that organizations may want to be prepared with.

Bryan Strawser: We’re going to start with an announcement this morning that China’s military is holding exercises this week in waters off the coast of Taiwan. This was announced by China’s Maritime Safety Agency and came just days after the government in Beijing reiterated that it was ready to fight if there was any move towards independence for the self-ruled island of Taiwan. Of course, to the Chinese, they often refer to it as the wayward province of Chinese Taipei, which is how Taiwan is referred to in international terms at conferences and such, where both countries are present.

Bryan Strawser: China claims that it is stepping up military drills in recent years, including even flying what Beijing calls Island Encirclement Exercises, and sending warships into surround international waters.

Bryan Strawser: Bray, what does this mean for companies that operate in Taiwan?

Bray Wheeler: Well, it certainly means that Taiwan is back in the news.

Bryan Strawser: Yeah, it’s been a while.

Bray Wheeler: For China, it’s been a bit quiet. Hong Kong has dominated a lot of the discussion as it relates to China, as well as some of the trade stuff, so Taiwan has been a bit under the radar here, at least for the last month or two.

Bray Wheeler: Really, for companies that are in Taiwan, probably not anything direct or immediate, however, the fact those exercises are going on, [South] China Sea is still a thing that’s important. We have other activity in other important straits within the Maritime world. The fact that these are happening definitely could impact, could disrupt, could delay Maritime shipping, commerce in those areas should these escalate, be prolonged, or something happens, an accident or whatnot.

Bryan Strawser: Taiwan had its own military exercises in May, both air, land, and sea. Or, I guess that’s all three, not both. They vowed to defend themselves against China’s growing threat to their independence.

Bryan Strawser: China also has reiterated that it would be ready

In this episode of our BryghtCast edition of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Consultant Bray Wheeler take a look at three current risks and upcoming events:

* China’s plan to conduct military exercises off the coast of Taiwan

* China’s rare public statement on Hong Kong

* The shooting at the Gilroy Garlic Festival and what it means for major event planning & physical security strategy

Episode Transcript

Bryan Strawser: Hello and welcome to the Managing Uncertainty podcast. This is our BryghtCast edition for the week of July 29th, 2019.

Bryan Strawser: This is Bryan Strawser, Principal and CEO here at Bryghtpath. With me is-

Bray Wheeler: Bray Wheeler, Consultant with Bryghtpath.

Bryan Strawser: As a reminder, the Bryghtcast episode is where we take a few recent events in the news and talk about their connectivity to the private sector and issues that organizations may want to be prepared with.

Bryan Strawser: We’re going to start with an announcement this morning that China’s military is holding exercises this week in waters off the coast of Taiwan. This was announced by China’s Maritime Safety Agency and came just days after the government in Beijing reiterated that it was ready to fight if there was any move towards independence for the self-ruled island of Taiwan. Of course, to the Chinese, they often refer to it as the wayward province of Chinese Taipei, which is how Taiwan is referred to in international terms at conferences and such, where both countries are present.

Bryan Strawser: China claims that it is stepping up military drills in recent years, including even flying what Beijing calls Island Encirclement Exercises, and sending warships into surround international waters.

Bryan Strawser: Bray, what does this mean for companies that operate in Taiwan?

Bray Wheeler: Well, it certainly means that Taiwan is back in the news.

Bryan Strawser: Yeah, it’s been a while.

Bray Wheeler: For China, it’s been a bit quiet. Hong Kong has dominated a lot of the discussion as it relates to China, as well as some of the trade stuff, so Taiwan has been a bit under the radar here, at least for the last month or two.

Bray Wheeler: Really, for companies that are in Taiwan, probably not anything direct or immediate, however, the fact those exercises are going on, [South] China Sea is still a thing that’s important. We have other activity in other important straits within the Maritime world. The fact that these are happening definitely could impact, could disrupt, could delay Maritime shipping, commerce in those areas should these escalate, be prolonged, or something happens, an accident or whatnot.

Bryan Strawser: Taiwan had its own military exercises in May, both air, land, and sea. Or, I guess that’s all three, not both. They vowed to defend themselves against China’s growing threat to their independence.

Bryan Strawser: China also has reiterated that it would be ready to go to war against those who try to split Taiwan from the country, and accused the United States of undermining global stability and denouncing our arms sales to the island.

Bryan Strawser: Taiwan primarily uses US equipment.

Bray Wheeler: It does.

Bryan Strawser: That’s purchased from us.

Bray Wheeler: It does.

Bryan Strawser: Or, purchased from our companies.

Bryan Strawser: I was at the Aspen Security Forum two weeks ago,

In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser takes a look at using physical security penetration testing order to improve and mature the physical security of a facility or organization.

Topics discussed include physical security penetration, red teaming, authorizations, tools, techniques, and more!

In addition to this episode, this article from our blog providing an overview of Physical Security Penetration Testing may also be valuable.

Episode Transcript

Bryan Strawser: Hello, and welcome back to the Managing Uncertainty Podcast. This is Bryan Strawser, principal and CEO at Bryghtpath, and I’ll be solo on today’s episode where we’re going to be talking about physical security penetration testing or red teaming, and I want to give a little bit of background as we get into this topic.

What we’re really talking about here is understanding the physical security vulnerabilities of a facility or an organization kind of writ large, looking at multiple facilities. As we think about how to protect locations like this, a lot of security breaches, even information security breaches, occur when attackers take advantage of some type of physical security deficiency or vulnerability that lets them gain unauthorized access. This is really common with disgruntled ex-employees or sophisticated crime rings or some other nefarious entities who will employ sophisticated attack techniques and methods to exploit those vulnerabilities, those deficiencies, to gain unauthorized access to a company’s assets and facilities.

Bryan Strawser: Once they’ve breached into that trusted environment, they can then steal hard assets, so physical objects, cash, other remittance capabilities. They can take intellectual property, they can install equipment that acts as an advanced persistent threat in a physical sense, and it can otherwise cause serious disruption to your organization. When we think about the physical security of a facility, we often don’t always realize the misconceptions that might be in place. For example, large manufacturing and distribution organizations, facilities rather, often have fencing, and on that fencing, they may install surveillance equipment, CCTV or something similar, but if that feed is not monitored and those alerts are not reacted to, then it is very easily and quickly able … You’re very quickly and easily able to penetrate that facility because what you have instead is a record of what has happened rather than a tool that has helped you keep the bad guy out of your facility.

Bryan Strawser: A lot of organizations, it’s astonishing, but many organizations are just not aware of the blatant flaws in their physical security approach until something happens.

Bryan Strawser: So that’s what we want to talk about today is how physical security penetration testing can help you detect vulnerabilities in your security systems and your approach to defense in depth from a physical standpoint and how we’re able to use physical security penetration to test and probe that.

Bryan Strawser: So the objective of physical security penetration testing is to assess the ability of current physical security controls to prevent penetration by bad actors and then t

In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser takes a look at using physical security penetration testing order to improve and mature the physical security of a facility or organization.

Topics discussed include physical security penetration, red teaming, authorizations, tools, techniques, and more!

In addition to this episode, this article from our blog providing an overview of Physical Security Penetration Testing may also be valuable.

Episode Transcript

Bryan Strawser: Hello, and welcome back to the Managing Uncertainty Podcast. This is Bryan Strawser, principal and CEO at Bryghtpath, and I’ll be solo on today’s episode where we’re going to be talking about physical security penetration testing or red teaming, and I want to give a little bit of background as we get into this topic.

What we’re really talking about here is understanding the physical security vulnerabilities of a facility or an organization kind of writ large, looking at multiple facilities. As we think about how to protect locations like this, a lot of security breaches, even information security breaches, occur when attackers take advantage of some type of physical security deficiency or vulnerability that lets them gain unauthorized access. This is really common with disgruntled ex-employees or sophisticated crime rings or some other nefarious entities who will employ sophisticated attack techniques and methods to exploit those vulnerabilities, those deficiencies, to gain unauthorized access to a company’s assets and facilities.

Bryan Strawser: Once they’ve breached into that trusted environment, they can then steal hard assets, so physical objects, cash, other remittance capabilities. They can take intellectual property, they can install equipment that acts as an advanced persistent threat in a physical sense, and it can otherwise cause serious disruption to your organization. When we think about the physical security of a facility, we often don’t always realize the misconceptions that might be in place. For example, large manufacturing and distribution organizations, facilities rather, often have fencing, and on that fencing, they may install surveillance equipment, CCTV or something similar, but if that feed is not monitored and those alerts are not reacted to, then it is very easily and quickly able … You’re very quickly and easily able to penetrate that facility because what you have instead is a record of what has happened rather than a tool that has helped you keep the bad guy out of your facility.

Bryan Strawser: A lot of organizations, it’s astonishing, but many organizations are just not aware of the blatant flaws in their physical security approach until something happens.

Bryan Strawser: So that’s what we want to talk about today is how physical security penetration testing can help you detect vulnerabilities in your security systems and your approach to defense in depth from a physical standpoint and how we’re able to use physical security penetration to test and probe that.

Bryan Strawser: So the objective of physical security penetration testing is to assess the ability of current physical security controls to prevent penetration by bad actors and then testing those controls to determine their efficacy, how well do they work. We do this by this red team concept of using trained and experienced individuals who know how to infiltrate secure environments, employing the kinds of tactics and techniques that accomplished attackers use. So what we’re doing here is you’re having red team members, which could be a consulting organization like ours or it could be an internal red team who real...

In this episode of our BryghtCast edition of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Consultant Bray Wheeler take a look at three current risks and upcoming events:

Audio Deepfakes:  Axios reveals recent information released by Symantec where audio deepfakes were used to swindle money out of large organizations.

Iran’s seizure of a UK Tanker in Gulf as a major escalation between Iran and Western Powers

Boris Johnson wins the race to be Tory Leader and becomes UK Prime Minister

 

Episode Transcript

Bryan Strawser: Welcome back to the Managing Uncertainty podcast. This is Bryan Strawser, Principal and CEO at Bryghtpath. And with me today is the one and only Bray Wheeler.

Bray Wheeler: Good morning.

Bryan Strawser: This is our Bryghtpath episode for the Week of July 22nd. We did not have episodes last week due to some travel and poor planning on our part, but we’re back now in that we’re back in our usual rhythm of two episodes a week – the Bryghtcast episode focused on current events and what they mean for your business, and a deeper dive episode, which will come out later this week.

Bryan Strawser: So we’re going to start by talking about an article that was in Axios’s newsletter on July 19th in an article by Jennifer Kingson about the coming deep fake threat to business. I’m just gonna read the opening paragraph and then tie this back to something I heard last week at a conference that I was at.

Bryan Strawser: So from the article, “In the first signs of a mounting threat, criminals are starting to use deep fakes, starting with artificial intelligence and generated audio to impersonate CEOs and steal millions of dollars from companies which are largely unprepared to combat them. Why does this matter? Nightmare scenarios abound as deep fakes grow more sophisticated. A convincing forgery could send a company’s stock plummeting or soaring, extract money, or ruin its reputation in a viral instance. For example, imagine a convincing fake video or audio clip of Tesla CEO Elon Musk disclosing a massive defect the day before a big Tesla launch. The company’s share price would crumble. For all the talk about deep fake videos, it’s deep fake audio that has emerged as the first real threat to the private sector.”

Bryan Strawser: The article goes on to describe an incident that Symantec identified, and last week I was at the Aspen Security Forum at the Aspen Institute in Aspen, Colorado. One of semantics lead security architects described the scenario that’s highlighted in the article that they saw. They have seen three successful deep fake audio attacks on businesses, and not small businesses, big business. In each of these, a company’s CEO called a senior financial officer to request an urgent money transfer except it wasn’t the CEO. It was deep fake audio generated by sampling the CEO’s voice from earnings calls, investor presentations, interviews on the news.

In this episode of our BryghtCast edition of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Consultant Bray Wheeler take a look at three current risks and upcoming events:

* Audio Deepfakes:  Axios reveals recent information released by Symantec where audio deepfakes were used to swindle money out of large organizations.

* Iran’s seizure of a UK Tanker in Gulf as a major escalation between Iran and Western Powers

* Boris Johnson wins the race to be Tory Leader and becomes UK Prime Minister

 

Episode Transcript

Bryan Strawser: Welcome back to the Managing Uncertainty podcast. This is Bryan Strawser, Principal and CEO at Bryghtpath. And with me today is the one and only Bray Wheeler.

Bray Wheeler: Good morning.

Bryan Strawser: This is our Bryghtpath episode for the Week of July 22nd. We did not have episodes last week due to some travel and poor planning on our part, but we’re back now in that we’re back in our usual rhythm of two episodes a week – the Bryghtcast episode focused on current events and what they mean for your business, and a deeper dive episode, which will come out later this week.

Bryan Strawser: So we’re going to start by talking about an article that was in Axios’s newsletter on July 19th in an article by Jennifer Kingson about the coming deep fake threat to business. I’m just gonna read the opening paragraph and then tie this back to something I heard last week at a conference that I was at.

Bryan Strawser: So from the article, “In the first signs of a mounting threat, criminals are starting to use deep fakes, starting with artificial intelligence and generated audio to impersonate CEOs and steal millions of dollars from companies which are largely unprepared to combat them. Why does this matter? Nightmare scenarios abound as deep fakes grow more sophisticated. A convincing forgery could send a company’s stock plummeting or soaring, extract money, or ruin its reputation in a viral instance. For example, imagine a convincing fake video or audio clip of Tesla CEO Elon Musk disclosing a massive defect the day before a big Tesla launch. The company’s share price would crumble. For all the talk about deep fake videos, it’s deep fake audio that has emerged as the first real threat to the private sector.”

Bryan Strawser: The article goes on to describe an incident that Symantec identified, and last week I was at the Aspen Security Forum at the Aspen Institute in Aspen, Colorado. One of semantics lead security architects described the scenario that’s highlighted in the article that they saw. They have seen three successful deep fake audio attacks on businesses, and not small businesses, big business. In each of these, a company’s CEO called a senior financial officer to request an urgent money transfer except it wasn’t the CEO. It was deep fake audio generated by sampling the CEO’s voice from earnings calls, investor presentations, interviews on the news.

Bray Wheeler: Even TED Talks they were saying, too, right?

Bryan Strawser: TED Talks. That’s right.

Bray Wheeler: YouTube videos. Anything.

Bryan Strawser: Anything you think about the number of times that a Fortune 500 CEO is on audio or video somewhere where that video could be extracted and then reassembled using AI machine learning.