GRC Viewpoint

Governments are incapable of preventing deepfakes – so executives must double their investment in verification systems to protect against them, says cybersecurity expert

IN BULLETS 

  • Michael Marcotte, previous Global CIO, Global CDO and President (Hughes Cloud Services) at EchoStar, the multi-billion-dollar satellite communications company, is calling on executives to double their investment in developing proactive deepfake verification systems
  • A recent open lettersigned by leading entrepreneurs and academics calls for stronger government legislation to ‘disrupt the deepfake supply chain’
  • Marcotte, current CEO of artius.iD, a digital ID and authentication firm, and co-founder of the National Cybersecurity Intelligence Center (NCC), is arguing that faith in governments is misplaced
  • Instead, corporates need to double their investments in developing proactive deepfake verification systems like biometric signatures, detection AI and forensic media tools, making them more widespread and accessible

FULL RELEASE  

March 19 2023, Washington D.C. – Michael Marcotte, previous Global CIO, Global CDO and President (Hughes Cloud Services) at EchoStar, the multi-billion-dollar satellite communications company, is calling on executives to double their investment in developing proactive deepfake verification systems like biometric signatures, detection AI and forensic media tools.

This intervention comes in the wake of the recent ‘Disrupting the Deepfake Supply Chain’ open letter signed by leading entrepreneurs, politicians and scientists such as Steven Pinker, US politician Andrew Yang and the ‘godfather’ of AI, Yoshua Bengio (Reuters). FBI Director Christopher Wray has also warned recently at the Munich cybersecurity conference that the upcoming US election will be more at risk from generative AI-enabled threats (The Record).

Michael Marcotte, current CEO of artius.iD, a digital ID and authentication firm, and co-founder of the National Cybersecurity Intelligence Center (NCC) is arguing that, although the aims are commendable, the letter is a kneejerk reaction and blind faith in the ability of governments is not a viable solution to the problem.

Marcotte said: “Deepfakes should be on everyone’s radar right now. This year over half of the world’s population will head to the ballot box and deepfakes have the potential to distort and disrupt democracy at a time when it is, in many places, already in a fragile position.

“Within that context, the aims of this letter are admirable – we need action now in order to safeguard democratic society. But the letter places its hope in the willingness and capability of governments to regulate deepfakes out of existence. This is fundamentally misguided for a number of reasons.

“Reactive criminalization has consistently failed to prevent undesirable behaviors – that’s been the case from Prohibition to today. Delegating responsibility to governments also means trusting that all states will police deepfakes to the same extent. In the current state of acute geopolitical tension, trusting the CCP to prevent Chinese hackers from deploying deepfakes in the US is delusional.”

The proliferation of deepfakes has been spurred on by the emergence of easily accessible generative AI tools such as Midjourney. The number of deepfake videos online has been increasing at an estimated annual rate of about 900% (The World Economic Forum).

This has put corporations in the firing line. Deepfakes have become a potent tool to use in corporate fraud, being deployed to gain unauthorized access to sensitive data, financial information, or intellectual property. One finance worker recently paid out $25 million after a video call with a deepfake ‘chief financial officer’ (CNN).

There are also significant reputational risks for senior executives. Regardless of whether they are used to gain access to company assets, deepfake videos of management figures can hurt consumer and investor confidence. These damages could then be used to short stocks and profit from market manipulation (FT). Despite these risks, Kapersky research highlights how 25% of management teams acknowledge that they underfund cybersecurity.

Marcotte continued: “The stakes are too high to rely on the government to deal with the problem. Corporates are the ones with the finances and capabilities to develop proactive deepfake defenses. Executives need to double their investment in these verification systems such as biometric signatures, detection AI and forensic media tools.

“Biometric signatures like facial recognition can be deployed to authenticate the identity of the person in the video. Deepfakes can fool humans, but they may fail to replicate intricate details that can be picked up by facial recognition tools. If this genuine biometric data is stored, it can then be matched up against that in the video, proving the existence of a deepfake.

“AI can also be rolled out to help identify deepfakes. AI systems can be trained to recognize unusual facial movements, inconsistent lighting and shadows, or mismatched audio and lip movements and then flag these. Forensic media tools can examine the metadata embedded in image or video files like timestamps, device information, and editing history. Original content can also be hashed or watermarked to guarantee authenticity.”

“These technologies are not plucked out of science fiction. They are ready to be rolled out today to help combat the threat of deepfakes. Corporations need to step up and double their investment in these systems. They can’t rely on the government to do their jobs for them.

“With proper funding, these technologies will become widespread and accessible, blunting the potency of deepfakes as a tool for corporate fraud and election manipulation. Executives just need to start allocating funding that’s proportional to the grave threat that deepfakes pose to both their own companies and wider society.”

About Michael Marcotte

Michael Marcotte is one of the world’s pre-eminent experts in digital identity, cybersecurity and business intelligence technology. He joined EchoStar, the multi-billion-dollar satellite communications firm in 2006, and was Global CIO, Global CDO and President (Hughes Cloud Services). He was one of the very first people to serve as Chief Digital Officer in a major international corporation. Mike left in 2014 and has applied his expertise at a range of firms in technology, cybersecurity and venture capital. He is also co-founder of the National Cybersecurity Intelligence Center (NCC) and was founder and chairman of the NCC’s Rapid Response Center Board. He has been a senior advisor for several heads of state and US Senators.

Related Articles

Latest Articles