Categories
Podcast Transcripts

AI Cybersecurity Threats: Complete Security Playbook

Transcript of Aakash and Jack Hirsch’s conversation.

Check out the conversation on Apple, Spotify, YouTube, and Substack.

Here’s the transcript:

Introduction: The Rising Threat of AI-Powered Cyberattacks (00:00:00)

Aakash: Okta has been making huge waves. You guys probably get one of the best views into what is happening in cybersecurity out there. What are the wildest AI cybersecurity threats you’ve seen?

Jack: The DPRK is basically planting workers into many of the organizations that you might be familiar with, going through full interview loops, virtual backgrounds, ship laptops, and then there are inside threats.

Yeah, there’s another one around help desk scenarios. People calling in saying, I need to reset my password. I no longer have access to my corporate email. And then suddenly you’ve got someone that’s come in through a help desk. But ultimately it all comes down to the human element, which is always the weakest link.

Aakash: Some reports are saying cybersecurity threats are up 40% compared to last year. AI is really enabling these hackers to do more.

Jack: Yes, I think 40% is probably a low estimate. Identity actually has become the primary threat vector. Before it was devices, networks, now they’re going after the identity.

I wrote myself a little phishing kit based on the Okta SDKs. That’s when I realized if we’re not careful, the wheels are going to come off the bus.

Aakash: Okta is one of the world’s largest cybersecurity companies with a market cap of $15 billion. Jack Hirsch is the product leader behind it. He leads all of Okta’s core products, including their AI products.

Today, we’re going to break down what you need to know about AI cybersecurity threats, how to secure yourself against them, and how to build products in this AI age. If you’re somebody who’s building AI products or building products, there’s going to be something for you.

Jack, welcome to the podcast.

Jack: Thanks for having me. Great to be here.


The Current AI Cybersecurity Landscape (00:01:59)

Aakash: You guys probably get one of the best views into what is happening in cybersecurity out there. What are the wildest AI cybersecurity threats you have seen?

Jack: That’s a great place to start. I will say that the threat landscape has changed quite a bit in the past few years. I think just jumping straight to the wildest, the DPRK is basically planting workers into many of the organizations that you might be familiar with.

What they’re doing is going through full interview loops. They will have virtual backgrounds. They will be using AI interview tools. They will get onboarded. They will mail their devices to device farms somewhere in whatever country, whether it be the United States, places in Europe, places where they receive laptops and they’ll ship them over to DPRK. And then there are inside threats inside.

There’s another one that’s also just as fun, not quite as nefarious, but really needs focus around help desk. So things like MFA resets. People calling in saying, hi, I’m Aakash. I need to reset my password. Can you just go ahead and reset my password? Oh, I don’t have access to my corporate email address anymore. Sign me in, reset my MFA, reset my password and then suddenly you’ve got someone that’s come in through a help desk.

Oftentimes those get really sophisticated. They will impersonate voices. They will go in via Slack. There’ll be threat actors that move laterally and again use all the tools in the AI toolkit. We’re all talking about voice generation for generating small clips of video. There are some really sophisticated threat vectors when you’re combining all these audio and video generation tools, voice changers, et cetera.

But ultimately it all comes down to, often it comes down to the human element, which is always the weakest link. So exciting times in the world of cybersecurity.

Aakash: I think some reports are saying that this year cybersecurity threats are up 40% compared to last year. So it seems like AI is really enabling these hackers to do more.

Jack: Yes, I think 40% is probably a low estimate by what we’re seeing at Okta. But I will say that one of the things that is most interesting for us at Okta is that identity is actually becoming, has become over the past few years, the primary threat vector.

So before it was devices, networks, and people who are attacking systems. Poor coding practices. Now they’re going after the identity, whether that be the physical identity in DPRK cases or digital identities. So identity really is the center of modern cybersecurity. Very interesting times, exciting times to be at Okta, exciting times to be working in identity security.


The Moment Everything Changed (00:05:03)

Aakash: So what was the first moment you realized AI is going to change security forever?

Jack: I pulled up a vibe coding tool. That’s not one of the big ones. It was one of the early movers. And I wrote myself a little phishing kit based on the Okta SDKs. So look like Okta, felt like Okta.

And since then, we actually just published a report that sure enough, threat actors have figured this out themselves. But that’s when I realized, if we’re not careful, the wheels are going to come off the bus.

Aakash: Because the vibe coding tools are crazy good at replicating any design.

Jack: Absolutely. I mean, especially when the designs themselves, they’re SDKs. They don’t necessarily have to be that good. You just pick a domain name that’s one or two letters off of what your target is. You assume they’re using insert your identity provider, insert your SSO provider, grab those SDKs and start building. And then it’s all about finding your targets and doing the last mile of social engineering to get there. But it’s pretty wild out there.

Aakash: Being an employee is like scarier than ever. Like those little phishing tests that companies send you, they could just easily catch you now.


Why Traditional Cybersecurity Can’t Stop AI Attacks (00:06:28)

Aakash: Why can’t traditional cybersecurity stop AI attacks?

Jack: The reality is traditional cybersecurity typically focuses on defense in depth strategy. There’s some combination of device security, network security, and of course, identity security.

Identity used to be considered like an IT thing. Like, oh, it’s SSO, it’s MFA. The IT folks will take care of that. It is very much a security game as of the past five, 10 years.

The thing that needs to change is that we need to start thinking about identity as the final frontier and the first frontier in terms of stopping cyber threats. So I think that’s probably the biggest thing to keep in mind.


How AI Agents Change the Security Equation (00:07:13)

Aakash: How do AI agents change the security equation?

Jack: AI agents change the security equation in a couple of different ways. One is they present a threat vector in and of themselves and their capabilities. But I think more interestingly and sort of more nefariously and kind of flying under the radar is that we’re deploying AI agents en masse in every single modern organization.

And we’re not thinking about them as identities that we need to manage that are being granted access to critical resources inside of the organization.

And so it was just a couple months ago, the CISO, Chief Information Security Officer of JPMorgan Chase, put out an open letter to the SaaS ecosystem, basically calling out SaaS vendors for not taking this seriously. And there was a hint that AI agents were just making this worse.

This idea that we’re collapsing authentication and authorization, we’re taking these AI agents, we’re bringing them into our corporate boundaries, we’re giving them unfettered access to our customer data, our user data, and frankly, with little control, little visibility, little oversight, little security.

That is probably the most clear and present danger today. There’s obviously external AI agent threats to modern organizations, but I think the real scariest thing is the fact that security teams and IT teams don’t want to be hindering their organization’s adoption of AI tools, so they have to let them in. The business always wins and security is always playing catch up, frankly.


Underrated AI Security Threats (00:08:59)

Aakash: AI agents and MCP, I feel like people have been at least talking about security in the circles I come to. What are the underrated things? What are the security threats that nobody is talking about within AI that they should be?

Jack: Well, I think as context windows are getting bigger and bigger, you can just slurp in an entire API surface and look for various combinations of access patterns and look to go in.

What used to be the hard way used to be someone had to be very, very smart, keep a lot of context in their head, understand how different access functions at an API surface fundamentally function. And then now you can just jam that all in an LLM, tell it that you want in, tell the agent to go and they will go.

If you think about how APIs get built at large organizations and API security, there are dozens, hundreds of teams that are building various bits and pieces of API surface. How often are they actually cross-checking different access patterns across those teams? Everyone is so siloed. AI is not siloed. AI will take it all in. AI will find the vulnerabilities and we’ll go after them very, very easily.

You do not have to be a sophisticated actor to go after those. So especially a lot of the vibe coded tools that are out there on the market, I would recommend you build some sort of red teaming concept LLM and turn it loose on whatever application you’re vibe coding, especially if you’re bringing any sort of sensitive information into it.

Aakash: I like that. So is the state of the art then to basically train an LLM to red team against you and act as that agent so that you can follow those threat vectors?

Jack: I mean, I don’t know about state of the art necessarily, but I feel like I would be remiss if I didn’t recommend people do that. I mean, you think about a really robust software development lifecycle. You’re definitely having security review things before they go out the door.

If you don’t have a security team, what are you going to do? We all talk about having these AI board of advisors. Well think about your software development life cycle. Who are the personas that you want involved in that life cycle? You might have a legal review, but you definitely want a security review. And so training an LLM to review the code that you’re publishing…

There’s so many stories about some vibe coded app getting hacked. And frankly, much of that could have been dealt with if you just would have thought adversarially for a beat before you pushed it out.

Aakash: So as you’re pushing these things out, add that adversarial beat in just like you would have if you weren’t vibe coding it.


The Most Dangerous AI Threat Vectors (00:12:12)

Aakash: So there’s so many other AI threat vectors we haven’t even talked about yet, right? AI generated identities, deepfakes, synthetic fraud. What are these are the most dangerous and why?

Jack: Deep fakes are very, very dangerous. I think on a human level, I think we’re seeing, I saw Pennsylvania state Senator, I think speaking about how his physical identity was compromised because of a deep fake.

People are, and this is pretty common. I mean, not pretty common, but I think this has made out of the sort of technosphere and into the general news cycle where you’ll have, I think the person in question I’m thinking about, their son had some YouTube recordings up, and so they scraped the son’s YouTube, grabbed a bunch of their audio, faked their audio, called their dad, who happened to be a Pennsylvania state senator, and basically said hey I’m in jail, help me get out, I need money.

And it was a real-time conversation that they had with their son. So I think those things when you extrapolate them out into the software world, if I were a help desk representative and I got a call from the CEO, I might reset the CEO’s password if the CEO called me and said, hey, I need you to reset my password. I’m locked out. That’s a really easy way into an organization, unfortunately.

And so in security circles, locking down those critical access flows from support desks, that’s also a major area of focus.


Okta’s AI Threat Detection System (00:14:14)

Aakash: So hopefully people got the picture. AI, cybersecurity. If you haven’t been hearing about it on the news yet, you should be because it’s a serious issue. You guys are at the center of this all. You need to secure your own systems from these types of crazy attacks that you’ve just been talking about. What is your own AI threat detection system? Walk us through it.

Jack: So actually, I’ll maybe take this in two angles. One is the same threat vectors of credential stuffing, like push bombing MFA. So basically sending MFA pushes through some phishing site over and over and over again until a user relents and just says, like, we need to guard against that.

And so at Okta, we have bot detection, fraud detection built into the standard auth flows. And that’s evolved quite a bit. It’s taking in a bunch of new signal types. But that is sort of business as usual, I would say. It’s just evolving with the times.

The second part, which I think is actually more interesting, frankly, is the assumption now that identities are effectively compromised. Everyone’s identity is compromised. I think the stat that I last saw was somewhere between two and four billion credentials and session tokens and cookies were stolen just in the past year.

And I think that was just from the fortune 1000 alone. So if you think about this, the front door is wide open. So you need to ready your defenses. We used to say in an enterprise context oh it’s all about SSO and MFA and securing the point of access. Well we’ve all had that experience where you’re MFAing over and over and over again. It’s exhausting.

That’s exhausting. And then over time, over those mission critical systems, if you’re in a finance system, they might force you to re-auth every few hours or once a day, it’s exhausting. So how do you maintain that session security over time? Because that session security naturally degrades over time. You create the session, you cut the cookie, create the token, just by the very fact that that thing exists out in the wild means that there’s more likelihood that someone’s going to compromise that.

And so a huge area of focus for us at Okta has been how do we maintain session security over time while keeping the user experience as good or better than pushing MFA all the time.

We’ve taken an approach of an open ecosystem approach using open standards like shared signals framework, which is effectively security vendors will share risk signals with each other. So for example, CrowdStrike or Zscaler or Palo Alto networks will share risk signal on behalf of Aakash and say like, hey, your identity may have been compromised, but CrowdStrike may have detected it. So what remediations can we take on the identity side to be complementary to device or network security?

And so I think how we do that in a seamless way, that’s been really exciting. So maintaining that session security over time and as an end user, I think we don’t think about it because ideally the ideal experience is you’re not MFAing all the time, you’re just seeing continuous access and what’s happening in the background is we’re continuously re-verifying all of the signal that we have about you. Has your device posture changed? Has your network environment changed? Have you immediately magically traveled around the world to Azerbaijan in one step? And did we recognize that? We have first party detections? Did a third party recognize that? And how we orchestrate remediation around the security ecosystem, that’s been probably the second area of focus and I think that’s new as of the past couple years.


Personal Security: Protecting Yourself from AI Cybersecurity Threats (01:26:45)

Aakash: I want to circle back to our topic right at the beginning. As we’ve told people, AI cybersecurity attacks, they’re crazy, and they’re going to continue to get more and more sophisticated. We walked through the playbook companies must have. Let’s end on the personal angle. Let’s say my identity gets breached tomorrow by some AI cybersecurity threat. What’s the one thing I can do to save myself?

Jack: Number one, so your physical identity, your social security number, your credit score, all of that is very easy to breach, like trivial to breach. Lock your security reports. Like, it’s so easy. Just go to the major credit bureaus, TransUnion, Equifax, just go to them. There’s online flows. They’ll try to get you to pay for them. You don’t have to pay. Go lock your credit reports.

That means that anytime someone tries to open a checking account in your name, a credit card, sign up for a phone, file an insurance claim, or sign up for insurance, file an insurance claim against your current insurance, all of that stuff, effectively gets blocked while your credit report is frozen.

So I think your physical identity is this horrible vestige that we need to be securing. So I think that is number one. And it can be absolutely ruinous if you have had this happen to you. I have actually had my physical identity compromised when I was buying a house. So I had to unlock my credit report. There was paper that I got, mail stolen. I hadn’t locked. I didn’t know that I had mail stolen. And then I found out that people had used, someone had used my social security number.

So locking your credit report is number one. Then there’s digital security. So I think physical security, so easy to breach. Lock it down. Digital security. Goodness gracious, please, please, please, please use a password manager. Use strong passwords. Use different passwords for every site. Use passkeys.

If you haven’t used a passkey, it’s magical. Pass keys, actually we can get into why they’re so magical and why they’re so awesome and why they’re so secure. You’re not using a password. You are just using a biometric, some sort of biometric marker for yourself. And that’s a multi-factor in and of itself because you’re using a possession factor and an inheritance factor. Your possession of your device and something that is inherent to you like your fingerprint or your face ID.

So password manager, pass keys, please. And then last one, last bonus, lock your phone number. So oftentimes you will get, you know, probably if you don’t use a super modern bank, you’ll get MFA codes via SMS. SMS is really easy to breach.

And so make sure that your phone number is locked with your provider. So I can speak confidently in the United States. Every single phone provider gives you the option to give you some sort of a pin code or secondary security lock that makes it so that you can’t steal the phone number and transfer it to another third party SIM.

So stealing someone’s effectively, their phone number means that if they do happen to get your password, your MFA is compromised. So SMS is a really bad second factor, it turns out. So it’s not phishing resistant.

And so I would say that’s probably good. So physical identity with your credit reports, use a password manager, use pass keys. That’s probably a great start.

Aakash: This was a masterclass, not just in security, but building AI products, using AI to build products. Thank you so much, Jack.

Jack: Thanks for having me.

Aakash: All right. Bye everybody.

By Aakash Gupta

15 years in PM | From PM to VP of Product | Ex-Google, Fortnite, Affirm, Apollo

Leave your thoughts