AAISM · Question #243
How can an organization BEST protect itself from payment diversions caused by deepfake attacks impersonating management?
The correct answer is D. Implement resilient payment approval processes. AAISM's risk management framework stresses that the most effective defense against deepfake- enabled fraud, such as payment diversion, is resilient payment approval processes. This includes multi-step verification, segregation of duties, and independent confirmations for high-val
Question
How can an organization BEST protect itself from payment diversions caused by deepfake attacks impersonating management?
Options
- ARequire mandatory deepfake detection training for all employees
- BMandate that payments be sent only once per week
- CIssue a security policy on deepfakes
- DImplement resilient payment approval processes
How the community answered
(17 responses)- B12% (2)
- C6% (1)
- D82% (14)
Explanation
AAISM's risk management framework stresses that the most effective defense against deepfake- enabled fraud, such as payment diversion, is resilient payment approval processes. This includes multi-step verification, segregation of duties, and independent confirmations for high-value transactions. Employee training, policies, or limiting payment frequency may reduce exposure, but they cannot guarantee prevention. Only process-based controls enforce structural safeguards that prevent fraudulent instructions from being executed, even if a deepfake impersonation attempt is successful.
Topics
Community Discussion
No community discussion yet for this question.