AI Will Heighten Cybersecurity Risks for RIAs

As technology advances, so do the threats posed by cybercriminals. The wealth management industry in particular is facing amplified risks due to the introduction of generative AI. Steven Ryder, Chief Strategy Officer at Visory, warns that advisors need to be prepared for the new challenges posed by AI in cybersecurity.

Scammers are leveraging generative AI to create sophisticated attacks that target advisors and their clients. These attacks go beyond traditional phishing scams, introducing new threats like deepfakes and malicious chatbots. For instance, hackers can use AI to fine-tune phishing attacks by imitating thousands of scammers simultaneously. They can even use public data and social media information to create highly targeted and convincing attacks that impersonate clients.

One concerning example shared by Lee W. McKnight, an associate professor at Syracuse University, involves receiving a phone call from a client asking to move money. The voice sounds authentic, but it turns out to be an artificial voice generated by scammers who have scraped the client’s personal details. McKnight emphasizes the urgency of addressing these risks, stating that the wealth management industry holds high-value data on high-value targets.

The advent of generative AI also raises concerns about deepfake technology. Attackers can manipulate audio, visual, and video content to impersonate clients, creating deceptive attacks. While the current quality of deepfakes may not match Hollywood standards, the technology is evolving rapidly, making it easier for cybercriminals to deceive advisors and compromise sensitive information.

To protect against these risks, experts recommend adopting a strong defensive posture and implementing privacy-minded practices. This includes using cybersecurity software, employing multi-factor authentication, and leveraging technologies that monitor and detect unusual activity. Advisors should also educate themselves and their clients about phishing threats, be cautious when inputting sensitive data into shared AI platforms, and stay informed about vendors’ data protection policies.

The Securities and Exchange Commission (SEC) has also proposed new rules on cybersecurity, which will require advisors and firms to create policies and procedures for protecting clients’ information and disclosing cyber incidents. These proposed rules highlight the growing recognition of the need for increased oversight and regulatory measures in the face of AI-powered cybersecurity risks.

Stay ahead of the evolving cybersecurity landscape and safeguard your clients and your business from AI-enabled scams. By implementing robust security measures and staying informed about emerging threats, you can navigate the risks posed by generative AI and protect your clients’ trust in your services.

Read the full article here.