Defending Against Deepfakes with Identity-First Security

Deepfake technology is now a frontline threat, enabling impersonation attacks that can bypass traditional defenses and manipulate trust. From executive impersonation to fraudulent account access, AI-generated media is a growing vector for identity fraud and social engineering. To stay ahead, organizations must integrate digital identity, verification, and risk-aware authentication into their security posture. Strengthening identity-first security is essential to restoring digital trust and mitigating deepfake threats.

CISOs in our Dallas Community gathered recently for a Town Hall to discuss the growing challenge of deepfakes and their impact on identity and trust, as well as strategies for integrating digital identity and risk-aware authentication. Loren Russon, Senior Vice President of Product & Technology at Ping Identity, moderated the discussion. Gartner Dallas CISO Community Members Jon Murphy, CISO at American Campus Communities, Eric Puleo, CISO at Commercial Metals, and Rick Velasquez, CISO at Paradigm, led the peer discussion groups.

Russon set the stage for the discussion, citing a Ping Identity survey of 700 security leaders, which revealed that only 52% feel fully confident in their ability to detect deepfakes. He noted that organizations are facing increasingly sophisticated and organized cyber attacks, driven by new forms of deception. Artificial intelligence is powering a new strain of malware, making it harder than ever to determine whether you are interacting with a real person or a convincing fake.

These threats are not limited to a single area; they impact employees, vendors, third parties and customer interactions. Deepfakes can be injected into video calls to deceive remote parties, leading to bait-and-switch employment applications, executive impersonation, privileged access abuse, partner onboarding fraud, contractor screening challenges, and customer-facing scams.  Russon’s introduction highlighted how organizations must address these vulnerabilities across every facet of their operations.

Here are three highlights from the Town Hall discussion:

1. Primary Risks of Deepfakes for CISOs

CISOs discussed that one of the main risks of deepfakes is financial exposure. Their organizations are vulnerable to financial losses if their processes are not mature enough to detect and prevent deepfakes. An additional threat is the “single point of failure,” as one security leader noted, meaning that if any critical process is compromised by a deepfake, it creates a significant vulnerability.

Security leaders also shared that processes involving third parties are especially at risk, as external partners may lack robust defenses against deepfakes. Fake job applications are also increasing, according to Russon. He shared a statistic from one study that showed up to 25% of applicants may be fraudulent by 2027, highlighting the scale of the threat.

Overall, CISOs agreed that deepfakes undermine traditional trust assumptions, making this a business problem that requires process and policy solutions, not just technological fixes.
 

1. Practical Takeaways for Defending Against Deepfakes

CISOs shared ideas with their peers in the discussion groups, including how to leverage both old and new technologies to defend against deepfakes. Some security leaders recommended adopting multi-modal verification, using things like biometrics, voice recognition, and other methods to verify identity. Others have developed secure, offline methods, such as safe words, or created trusted groups for sensitive communications. They recognized the potential to combine traditional verification methods with modern tools.

CISOs also said that it is necessary to update internal processes, ensure human governance and enhance training for employees. Several security leaders suggested that deepfake awareness training had to be engaging and effective, “not mundane, where associates are just checking a box,” as one CISO noted. They also said training should be provided to all associates, help desk staff and executives. A few CISOs mentioned reviewing their hiring practices or implementing new processes, such as requiring applicants to use separate systems for verification.

They agreed that defense against deepfakes required a combination of updated processes, layered verification techniques and leadership involvement.
 

1. Leveraging Identity-First Security

Security leaders discussed how identity-first security centers on leveraging existing resources and identity attributes within their ecosystems to create a comprehensive view of user and network behavior. Instead of focusing solely on access controls, it emphasizes decision-making anchored in variable identity and contextual risk. As one CISO said, “At its essence, this is about decision making, not merely the technicalities of granting access or taking an action.” 

CISOs agreed that internal processes must evolve, including things like implementing rigorous checks for sensitive actions like wire transfers, creating heightened watch lists for new or high-risk employees, and flagging unusual requests from remote workers. Security leaders could use conditional access controls based on risk and context. As one CISO pointed out, many of the suggestions are “low friction, but high engagement tactics.”

Ultimately, protecting against deepfakes requires a balanced approach that includes technology and organizational culture. By embracing identity-first security strategies, organizations can restore trust and move toward a future of verified trust, in which every access, action, and interaction is confidently authenticated.

To collaborate with your CISO peers on identity and access management and other security issues, apply to join a CISO community. If you are already a community member, sign in to the app to find upcoming opportunities to connect with your peers.