Five Key Takeaways from Our Deepfake Defense Event with Dune Security

On October 20th, Reality Defender and Dune Security brought together cybersecurity leaders at Cooley LLP for an evening focused on one of the fastest-growing synthetic media threats facing enterprises. The energy in the room was palpable — from audible gasps during our deepfake detection game to the packed Q&A session that followed, it was clear this topic has moved from theoretical concern to urgent priority for security teams.

Reality Defender CTO Alex Lisle and I joined Dune Security CEO and Co-Founder David DellaPelle and Co-Founder and CTO Michael Waite for a wide-ranging discussion about how deepfakes are reshaping the threat landscape. Our panel quickly evolved into a frank conversation about real attacks happening now — from deepfaked job candidates infiltrating companies to nation-state actors targeting critical infrastructure. The questions from attendees reflected a shift we're seeing across the industry: security leaders aren't asking "if" deepfakes will impact their organizations, but "are we prepared?"

Here are five key insights from the evening that every security leader should consider.

Three Forces Are Accelerating the Deepfake Crisis

Alex opened with a sobering reality check: we've reached an inflection point where deepfake attacks have transitioned from rare, sophisticated operations to commoditized, everyday threats. Three converging forces are accelerating this shift. First, the commoditization of tools and hardware means that tasks which once required expensive GPU clusters can now run on consumer hardware. Second, cybercriminals are using AI to amplify proven social engineering tactics. Third, and most concerning, large language models (LLMs) enable attackers to automate thousands of personalized attacks simultaneously, where only a 1-2% success rate delivers results.

As Alex noted, deepfakes are no longer the payload, but now integrated components of sophisticated attack chains, used for reconnaissance, initial access, and privilege escalation.

Trusted Verification Methods Are Now Attack Vectors

One of the most unsettling revelations from the panel: verification methods we've relied on for years are now vulnerable. Alex shared an example from a large security company that would use Zoom calls with a manager to verify failed biometric authentication. That "foolproof" verification is now an exploitable attack vector.

Seeing is no longer believing, and hearing is no longer believing. Our judicial system records police interviews as evidence. Video conferencing has become the default for remote work authentication. These trust anchors — built into the fabric of how we operate — have been compromised.

Consider the hiring process. One cybersecurity company conducted 10,000 interviews last year. 6,000 were deepfaked. That's not an exception—it's becoming the norm.

Multi-Channel Attacks Are Overwhelming Traditional Defenses

David from Dune Security made a crucial point: attackers aren't just coming through email anymore. They're launching coordinated assaults across every communication channel: encrypted messaging, SMS, voice calls, and video conferencing.

Yet most enterprises have limited or zero visibility into off-channel, encrypted communications. They've successfully locked down the inbox, but attackers have simply moved to channels where detection capabilities are limited or nonexistent.

This is where the concept of distributed threat actors becomes particularly concerning. Groups like Scattered Spider have evolved from loosely organized hackers to well-architected organizations with global footprints, launching attacks with tools that are increasingly accessible and devastatingly effective.

Detection Works, But Only If You Understand the Fundamentals

During the Q&A, someone asked the question on everyone's mind: can detection actually keep up with the pace of innovation in generative AI?

Alex's answer provided some much-needed clarity. Generative AI models aren't designed to perfectly replicate reality; they're designed to fool humans. That's where the detection advantage lies.

Foundational models contain inherent artifacts and patterns that detection systems can identify. These aren't surface-level tells that humans might notice; they're deeper structural signatures in how AI generates content. While a foundational model purpose-built for fraud could theoretically evade detection, the computational cost would be astronomical.

Reality Defender's approach focuses on these fundamental patterns, which is why new models often don't require retraining to detect. The differential between AI-generated content and the "messiness" of the analog world remains exploitable.

Defense Requires Both Detection and Human Resilience

Perhaps the most important takeaway: technology alone isn't enough. Michael from Dune emphasized that enterprises need to fundamentally rethink human risk management beyond checkbox compliance.

The traditional "tick the box" approach — showing employees a 10-minute video once a year — won't cut it against sophisticated deepfake attacks. Organizations need:

• Risk-based training tailored to individual roles and vulnerabilities
• Hands-on experience with deepfake technology (Dune's voice cloning module was a revelation for their internal team)
• Verification protocols that account for the erosion of trust in audio and video
• Adaptive security controls for high-risk users

As Alex put it: training provides the pause, but you need verification to complete the security loop. That's where the partnership between Reality Defender and Dune Security creates true defense-in-depth.

Building Layered Defense Against Synthetic Media

The evening reinforced what we've seen across our customer base: deepfake threats require a coordinated response that addresses both technical detection and human preparedness.

Reality Defender's real-time detection stops synthetic media across multiple modalities via an API-native platform threats before they reach employees — scanning voice calls, video conferences, and digital content across communication channels. Yet even the strongest technical controls are no match for the least secure and/or trained employees.

This is why our partnership with Dune Security creates comprehensive protection for the user layer. While Reality Defender reduces the volume of threats reaching your workforce, Dune identifies which employees are most vulnerable and ensures they're prepared to recognize and respond to the sophisticated attacks that get through.

Synthetic media threats aren't slowing down, but with the right combination of detection technology and human readiness, organizations can stay ahead of them.

Interested in seeing how Reality Defender and Dune Security work together to protect your organization? Request a demo to learn more about our integrated approach to synthetic media defense.