Interview Questions for Darren Thomson, Chief Strategist of Cyber Security at CyberCube

Interview Questions for Darren Thomson, Chief Strategist of Cyber Security at CyberCube

In today's digital age, cyber risk presents a significant opportunity for insurers, marking a milestone not seen in over a century. One company at the forefront of this shift is CyberCube, a SaaS technology company born from the world's leading cybersecurity company, Symantec. CyberCube aims to build the leading platform for powering profitable cyber insurance growth.

The cyber threat landscape is a complex and ever-evolving entity, with software supply chains and "single points of failure" posing particular concerns. On the offensive side, cybercriminals are leveraging Generative AI (GenAI) to craft highly persuasive, personalized phishing emails, voice cloning for phone scams (vishing), and Agentic AI for multi-step social engineering campaigns. These techniques significantly boost click-through rates compared to human-written messages.

AI also plays a pivotal role in the ongoing battle against social engineering threats in cybersecurity. However, it is not all doom and gloom. On the defensive side, AI-driven threat detection systems analyze massive datasets in real-time to identify anomalies and indicators of compromise, enabling faster, more accurate threat detection and response at scale. Machine learning models are widely employed to detect novel and evolving threats, allowing cybersecurity teams to anticipate and mitigate attacks before they cause damage.

The insurance industry, which relies heavily on personal data and financial transactions, benefits from AI-powered fraud detection techniques. AI assists insurers by monitoring claims and transactional data in real time to detect anomalies indicative of fraud stemming from social engineering. It also applies behavioral analytics to flag suspicious user interactions and potential insider threats, thereby protecting policyholder data. Enhanced customer verification through AI-driven biometrics or voice recognition further prevents impersonation scams.

However, the power of data and analytics is not fully understood or appreciated by many, including in the insurance industry and enterprises. The cyber risk landscape is evolving rapidly, with emerging threat actor types and attack models. Insurance businesses and enterprises need to invest in research and modelling capabilities to stay abreast of these trends. Multi-disciplinary experts across various fields will play a role in understanding the psychology and motivations behind social engineering approaches.

As society grapples with these challenges, it's clear that a collaborative approach is needed to combat society-impacted cyber threats. Learning from the collaboration within the criminal fraternity, we must work together to develop robust defenses and stay resilient against evolving social engineering attacks.

Role of AI in Social Engineering Threats (Offense Side)

• Cybercriminals leverage Generative AI to craft flawless, persuasive phishing emails with perfect grammar and multi-language support, boosting click-through rates significantly compared to human-written phishing messages (54% vs. 12%).
• AI is used to clone voices for phone scams (vishing) and mimic writing styles for spear phishing, making detection by humans or automated systems much harder.
• Attackers use Agentic AI to autonomously execute multi-step social engineering campaigns, including cross-platform reconnaissance, real-time tailored responses, and creation of synthetic identities to infiltrate target systems, including insider threats.
• Social media scraping and AI chatbots enable highly personalized and scalable attacks tailored to specific individuals or organizations, increasing the likelihood of success.

Role of AI in Combatting Social Engineering in Cybersecurity (Defense Side)

• AI-driven threat detection systems analyze massive datasets (network traffic, endpoint activity, user behavior) in real-time to identify anomalies, abnormal patterns, and indicators of compromise that traditional methods would miss.
• Machine learning models (supervised, unsupervised, and reinforcement learning) are widely employed to detect novel and evolving threats, allowing cybersecurity teams to anticipate and mitigate attacks before they cause damage.
• AI automates routine security tasks, reduces human errors, and allows security teams to focus on investigation and incident response, which is critical given the scale and velocity of social engineering attacks.
• The insurance industry, which relies heavily on personal data and financial transactions, benefits from AI-powered fraud detection techniques to identify suspicious activities and prevent social engineering-based fraud before it affects claims or underwriting processes.

Summary Table

| Role of AI | Description | Example in Social Engineering | |---------------------------|---------------------------------------------------------------------------------------------|---------------------------------------------------| | Offensive (by attackers) | Generative AI for phishing, voice cloning, real-time chat manipulation, synthetic identities | Phishing emails with 54% click-through, voice phishing | | Defensive (by cybersecurity) | AI threat detection via anomaly detection, ML-based prediction, automated defense | Behavioral anomaly detection, fraud spotting in insurance claims |

1. Cybercriminals utilize Generative AI to produce highly convincing, personalized phishing emails with flawless grammar and multi-language support, resulting in significantly higher click-through rates (54%) compared to traditional human-written phishing messages (12%).
2. AI is employed to create voice clones for phone scams (vishing) and mimic writing styles for spear phishing, making detection by humans or automated systems challenging.
3. Attackers use Agentic AI to autonomously execute multi-step social engineering campaigns, including cross-platform reconnaissance, real-time tailored responses, creation of synthetic identities, and infiltration of target systems, including insider threats.
4. Social media scraping and AI chatbots enable highly personalized and scalable attacks targeted at specific individuals or organizations, increasing the likelihood of success.
5. AI-driven threat detection systems analyze massive datasets in real-time to identify anomalies, abnormal patterns, and indicators of compromise that traditional methods would overlook.
6. Machine learning models (supervised, unsupervised, and reinforcement learning) are commonly used to detect novel and evolving threats, enabling proactive anticipation and mitigation of attacks before they cause damage.
7. The insurance industry takes advantage of AI-powered fraud detection techniques to identify suspicious activities, prevent social engineering-based fraud before it impacts claims or underwriting processes, while also applying behavioral analytics to flag potential insider threats and safeguard policyholder data.

Read also: