Deepfakes and Recruiting

What if you suddenly could control what people say and get them to say things they never actually did? Would you use your newfound superpowers for good or evil? Would it be hard to draw the line between what’s funny and offensive? What if I told you this superpower exists?

Watch this video of U.S. President Barack Obama and ask yourself whether he is actually saying these words. It looks like him, sounds like him, but it isn’t him actually speaking.

Scary, huh?

This kind of technology is called a “deepfake” which is a combination of the words ‘deep learning’ and ‘fake’ and refers to an AI-based technology marries video and audio editing with artificial intelligence to create a remarkably authentic-feeling but totally fake video representation. While this technological feat makes for hilarious spoofing (check out @deeptomcruise on Tiktok), it’s also a massively scary trend for information security and identity theft.

How do deepfakes play in the recruiting world?

AI Expert Jarno Duursma describes the potential of deepfakes on his blog by saying, ‘The application can be used in many ways, manipulating opinions, blackmailing people or damaging reputations. We are entering an online era where we can no longer trust our eyes and ears.’

While “deepfaking” online job interviews would be cumbersome and extremely hard to actually fool a hiring manager, a likely nefarious use of deepfake technology in the hiring world could be personal or company sabotage. If deepfake technology can make it appear that politicians said things they did not say, imagine what someone’s enemies might make them say. Rejected candidates could get revenge by creating a deep fake of the hiring manager or CEO of your company.

However far-fetched these crimes may seem, companies like Accenture are already putting into place a plan for dealing with deepfakes. They suggest integrating a response plan for technological attacks like deep fakes into your standard incident management or crisis response process. This includes:

1. Training your employees to be aware of such technology and to spot a fraudulent representation in video, audio, or image form.
2. Implement a Detection Model: Many start-ups are currently working on software that can detect false media. If your business is particularly sensitive to this kind of technology, it’s important to stay across developments.
3. Have a Response Plan: Having a strategy in place and mean swift action in times of crisis.

An example of a comprehensive plan according to Accenture would be, “the communication department will issue a press statement that exposes the malicious deepfake, including evidence from the software-based detection model provided by the IT team.

Other Information Security Concerns for Recruitment

Recruitment agencies beware. Due to the bounty of personal information required and stored for hiring purposes – including bank accounts numbers, passport details, and credit check info – cyber attacks on recruitment agencies are increasingly common. Further the most detrimental cause of cyber attacks is not their frequency or ferocity, it’s untrained employees who accidentally unleash cyber warfare on their company’s IT systems.

Since 90% of cyber-attacks start because of human error, training regarding phishing, malware, cyberware, DDos Attacks should be given to all employees no matter how tech savvy they are. This training must be continuously updated to reflect the constantly changing cyber landscape.

While deepfakes may not directly affect the recruiting world, their extremely damaging potential should serve as an alert to address potential cyber weakness in your business, especially with regard to training employees to spot malicious cyber activity. This one way to level up your technology to make your business more future proof.