A finance employee joined a video call with his CFO and colleagues. $25 million were lost to scammers. He recognized every face. He heard familiar voices. He approved a $25 million wire transfer.
The problem? None of the people on the call were real. They were AI-generated deepfakes.
This week, the European Commission published its Code of Practice on Transparency of AI-Generated Content, reinforcing how organizations should identify, label, and manage AI-generated content under the EU AI Act: https://ec.europa.eu/newsroom/dae/redirection/document/129555
Why this matters?
AI is rapidly eroding one of the most important controls in cybersecurity: Trust.
For years, security focused on protecting systems. Deepfakes and Synthetic Identities now target people. A cloned voice bypasses suspicion. A synthetic face bypasses instinct. A familiar identity bypasses judgment.
These are some of the actions every organization should take now:
- Verify high-risk requests through a separate trusted channel
- Require independent approval for sensitive actions
- Train employees on deepfake-enabled fraud scenario
- Leverage standards such as ISO 42001 to Govern, Manage, and Control AI responsibly across its lifecycle.
But there’s a deeper challenge emerging: How do you securely adopt AI without losing control over identity, trust, and governance?
That’s where organizations are struggling today.
At TeKnowledge, we help enterprises safely adopt AI by strengthening:
- AI security and governance aligned with the EU AI Act and ISO 42001
- Identity and access controls to resist synthetic identity attacks
- Detection and response capabilities for AI-driven fraud
- Awareness and resilience programs for leadership and SOC teams
So organizations can innovate with AI without exposing themselves to its new attack surface.
How is your organization adapting identity and trust controls in the age of AI-generated content?
