Perry Carpenter, Chief Human Risk Management Strategist at KnowBe4, is a multi-award-winning author, podcaster, and speaker with a lifelong fascination for deception and technology. With over two decades at the forefront of cybersecurity, Perry has explored how cybercriminals exploit human behavior—and how organizations can build resilience against these attacks.
In this episode, Perry shares insights on the dual nature of AI, why deepfakes will soon be undetectable, and how organizations should shift from blaming “the weakest link” to building security culture. His perspective challenges conventional wisdom about security awareness and offers practical strategies for the AI era.
How did you get into cybersecurity?
Perry’s journey into cybersecurity wasn’t a straight path. As he puts it: “It was not a straight, well-thought-through route. It’s been fumbling my way into the position that I am now.”
His advice for those starting their cybersecurity journey is refreshingly honest: You don’t have to have it figured out at the beginning.
Take the jobs you can get, integrate your interests into whatever role you have, and let opportunities unlock other opportunities. Career development is like an escape room—one small thing unlocks another possibility, which unlocks another.
This perspective offers encouragement to those who feel they need to know everything before entering the field. You can’t figure it all out until you get your hands dirty and embrace a beginner’s mindset.
What does a day look like as Chief Human Risk Management Strategist?
Perry’s role spans multiple domains, making it impossible to describe a typical “day”—you have to look at a week or month instead:
- External evangelism: Media engagement, LinkedIn presence, presentations, and thought leadership
- Research leadership: Leading and contributing to research initiatives using KnowBe4’s unique behavioral security data
- Product development: Translating market trends for internal teams and helping focus products
- Marketing collaboration: Crafting messaging that communicates value, not just features
The “last mile” of Perry’s work is critical: ensuring potential customers understand not just what a product does, but the problems it solves and the value it delivers.
How is AI changing the security landscape?
AI has been around since the 1950s, but the emergence of generative AI in recent years has fundamentally changed the game. The 2017 paper “Attention Is All You Need” from Google DeepMind introduced the transformer model—the backbone of generative AI.
The critical difference: Generative AI can simulate human creativity in ways previous AI couldn’t. It can write, create images, generate video and audio, and do it all in remarkably human-like ways.
This opens a Pandora’s box of both opportunities and dangers:
The Good
- Unlocking creativity: Creators have access to capabilities previously out of reach
- Overcoming writer’s block: No more staring at a blinking cursor
- Rapid prototyping: Generate images, videos, and audio from text descriptions
- Breaking language barriers: Communicate effectively in languages you don’t speak
The Dangerous
- Amplifying scams: Scammers can operate at unprecedented scale and precision
- Deepfakes: Creating convincing fake videos and audio of real people
- Sophisticated phishing: Generating perfectly crafted messages in any language
- Narrative manipulation: Creating compelling false narratives with supporting “evidence”
Perry emphasizes that every tool molds to the hands and intentions of the person who picks it up. A hammer can build a house or tear one down. Fire can warm a home or burn it down. AI is no different.
Does AI introduce new threats or amplify existing ones?
Perry’s perspective is clear: AI doesn’t create fundamentally new threats—it provides new and innovative ways to execute age-old schemes.
Scammers have always been after one of two things:
- Money: Tricking people into giving up financial resources
- Minds: Influencing people to believe things or take actions that benefit the scammer
What generative AI changes is the scale and precision:
- Language barriers disappear: Scam someone in a language you’ve never learned
- Perfect targeting: Create diverse content for different population segments
- Emotional precision: Generate the perfect hook for each target’s psychology
- Supporting evidence: Create convincing images, videos, and documents
The fundamental motives remain constant. The execution has become exponentially more sophisticated.
How should organizations defend against deepfakes?
Perry doesn’t advocate for trying to detect deepfakes by looking for visual or auditory anomalies. Why? Because the technology will become perfect.
If a scammer is lazy, you might spot weird fingers or hair artifacts. But if they roll another generation or use slightly better technology, those tells disappear. We’re also already conditioned to deal with compression artifacts and grainy video—our minds wash that out.
Instead, Perry recommends assuming the technology will fool anyone and implementing old-school security controls:
Process-Based Defenses
- Dual-control processes: Require a second person or secondary authentication before sensitive actions go through
- Behavioral analysis: Look for patterns in speech, word choice, and common references
- Verification protocols: Establish ways to authenticate identity beyond appearance and voice
- Workflow gates: Add friction and checkpoints before high-risk actions
Authentication Techniques
- Shared memories: Ask about common experiences only the real person would know
- Secret ingredients: Reference personal details scammers wouldn’t have
- Speech patterns: Listen for unique phrases and terminology, not just voice texture
- Secondary channels: Verify requests through a different communication method
The key principle: If someone can trick you well enough, they shouldn’t be able to click a button and send $25 million.
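The process-based controls above can be expressed as a simple policy gate. The example below is added here and is not code from the episode or from KnowBe4: it assumes a transfer is high-risk above a constructed threshold, that verification must arrive on a different channel from the request, and that a second approver must be distinct from both requester and verifier. All names, amounts and channels are constructed for illustration.

```python
# Added example (not from the episode): a policy gate for the "assume the
# deepfake will fool you" stance. A high-value transfer is released only when
# an out-of-band verification and an independent second approver are both on
# record, regardless of how convincing the original request was.
from dataclasses import dataclass, field

HIGH_RISK_THRESHOLD = 10_000  # assumed policy limit; above this the full gate applies


@dataclass
class TransferRequest:
    requester: str      # who asked for the payment (this identity may be impersonated)
    channel: str        # channel the request arrived on, e.g. "video-call"
    amount: int
    verifications: list = field(default_factory=list)  # (verifier, channel) pairs
    approvals: list = field(default_factory=list)      # approver names


def record_verification(req, verifier, channel):
    """Record a callback; only counts if the channel differs from the request's."""
    req.verifications.append((verifier, channel))


def record_approval(req, approver):
    req.approvals.append(approver)


def gate_decision(req):
    """Return (allowed, reasons); every unmet control is listed so the operator
    can see which layer would have stopped the transfer."""
    reasons = []
    if req.amount <= HIGH_RISK_THRESHOLD:
        return True, ["below high-risk threshold"]
    # Secondary-channel rule: a verification on the same channel proves nothing
    oob_verifiers = [v for v, ch in req.verifications if ch != req.channel]
    if not oob_verifiers:
        reasons.append("no out-of-band verification on a different channel")
    # Dual-control rule: approver must not be the requester or the verifier
    independent = [a for a in req.approvals
                   if a != req.requester and a not in oob_verifiers]
    if not independent:
        reasons.append("no independent second approver")
    return (not reasons), (reasons or ["all controls satisfied"])


def demo():
    # Constructed scenario: a convincing "CEO" on a video call asks for $25M
    req = TransferRequest("ceo", "video-call", 25_000_000)
    before = gate_decision(req)                       # blocked: two controls unmet
    record_verification(req, "controller", "known-phone-number")
    record_approval(req, "cfo")
    after = gate_decision(req)                        # allowed: both controls met
    return before, after
```

The point of the gate is that a perfect impersonation still cannot release funds on its own; the decision depends on records the impersonator cannot create from the original channel.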
How can AI augment security operations?
AI offers significant promise for improving security operations, but Perry emphasizes understanding its limitations and different flavors.
When evaluating AI-powered security tools, ask:
- What type of AI is this? Glorified decision trees? Computational algorithms? Generative reports?
- What are the limitations? Where can it hallucinate or make errors?
- What’s the human role? Where does human verification become critical?
The Smart Intern Analogy
Perry likens AI to “a really, really smart intern”—someone with a master’s degree who doesn’t yet know all the intricacies of your business.
A smart person making assumptions can be more dangerous than someone you don’t trust, because they use terminology and inferences that sound plausible. When AI hallucinates, it does so convincingly.
The solution: Always have a human in the loop. Verify factual assertions. Understand that AI can save hours of work, but those hours need to be redirected to verification, not eliminated entirely.
What skills do security professionals need in the AI era?
The most important skill is understanding AI itself—both its capabilities and limitations.
Perry’s key insight: AI won’t replace our jobs. What will replace our jobs is someone who embraces AI and uses it to work at a higher capacity level than someone who shuns it.
Security professionals need to understand AI in two areas:
- Core technology: How do ChatGPT, Claude, and similar tools work? What are their strengths and weaknesses?
- Domain integration: How does AI get woven into security products and workflows? What unique opportunities and threats does it bring?
The goal is a “best-of-all-worlds approach” where AI helps humans be better than they are, and humans help AI be better than it would be naturally.
Why do people still fall for scams despite awareness?
The answer is simple but profound: We’re emotion-driven machines.
Cybercriminals prey on emotions like:
- Fear: “Your account will be closed!”
- Authority: “This is your CEO…”
- Curiosity: “You won’t believe what happened…”
- Urgency: “Act now or lose access!”
When these emotions are triggered, we react rather than process. We’re stimulus-response machines, not careful analyzers. Only when something triggers our gut instinct do we slow down and think critically.
Generative AI makes this worse by wrapping emotion in plausible stories with the right images, videos, voices, and language. When emotion is packaged in a narrative that aligns with someone’s worldview or expectations, it becomes even more powerful.
Are humans really the weakest link?
Perry challenges this common security trope with a powerful reframing:
If a scammer has made it through your secure email gateway and landed in front of a human, the email gateway was already weak.
If a human clicking something takes down the organization, then every other security control failed too:
- The email gateway that let the phishing email through
- The application sandbox that didn’t contain the threat
- The endpoint protection that didn’t detect the malware
- The network segmentation that didn’t limit the blast radius
Blaming Bob for clicking a link ignores that you’re paying for multiple security layers that all failed.
Perry’s perspective: Humans aren’t the weakest link—they’re a critical link or critical layer within a security stack. If we’re going to blame end users, we need to be more introspective about why every other control failed.
Moreover, humans are just following design patterns:
- Every link in an email was explicitly made to be clicked
- Every USB drive was made to be plugged in
- The ecosystem is fundamentally insecure—that’s not the human’s problem
How should organizations strengthen the human layer?
Perry advocates for a multi-layered approach that goes beyond traditional training:
1. Traditional Training and Awareness
Establish baseline knowledge and mindsets around security best practices.
2. Simulations and Muscle Memory
Use phishing simulations and other exercises to build behavioral patterns through repetition.
3. Process Controls and Gates
Implement workflows that require secondary authentication for sensitive actions, regardless of whether the human was tricked.
4. Media and Digital Literacy
Teach people how scams work, how emotions are weaponized, and how narratives are manipulated.
5. Role-Playing Exercises
This is Perry’s secret weapon: Put people in the position of a scammer.
Ask them to:
- Write a phishing email that would trick them
- Create a piece of disinformation they’d believe
- Design the perfect scam for someone they know
Once people go through this exercise, they view the world differently. They scroll social media differently. They look at email differently. It breaks them out of stimulus-response mode and makes them feel empowered rather than scared.
How should organizations measure security awareness?
Perry starts with what NOT to measure:
Don’t measure:
- Number of people who completed a training module
- Attendance at security presentations
- “Butts in seats” or “eyeballs on screens”
These metrics only tell you if you can force people to open something or attend something. They don’t measure whether people care or will behave differently.
Do measure:
- Behavior-based outcomes: Click rates on phishing tests, reporting rates, use of shredding bins
- Before and after: Establish baselines, implement programs, measure change
- Creative proxies: For shredding behavior, measure weight of shredded paper; for tailgating, use badge swipe data
The key is identifying behaviors that lead to security outcomes (positive or negative) and building KPIs around those behaviors.
Focus on impact and outcomes, not participation.
How can organizations protect data confidentiality with AI?
This challenge isn’t new—we’ve been dealing with SaaS, multi-tenant architectures, and cloud storage for 20 years. The solution is similar:
Official Pathways
- Provide corporate AI accounts: Give employees vetted, contracted AI tools
- Establish data protections: Ensure contracts include appropriate safeguards
- Make it the easy path: The corporate way should be easier and more productive than shadow AI
Shadow AI is Inevitable
If you don’t provide an official way to use AI, employees will find their own ways. The goal is to make the corporate path the easiest and most effective option.
Paid Subscriptions
Most AI providers (OpenAI, Anthropic, Google) include data protections in paid subscriptions. Legal teams can review terms and conditions to ensure compliance.
The principle: Make the corporate way of doing it easier and more productive than the private way employees might use ChatGPT on their own.