Description

In this episode of BHIS Presents: AI Security Ops, Bronwen Aker and Dr. Brian Fehrman break down some of the top AI security concerns being discussed by researchers, security firms, and government agencies this year.

As AI capabilities rapidly expand, so does the attack surface. From agentic AI systems being used by attackers, to deepfakes at industrial scale, to the persistent challenge of prompt injection, security teams are trying to understand what risks are real, what’s hype, and where defenders should focus first.

We dig into:
- Why agentic AI is emerging as a major security concern
- How attackers could weaponize autonomous agents to scale operations
- The risk of malicious agent skills and AI supply chain attacks
- Why overly broad permissions make agent-based systems dangerous
- AI-assisted phishing campaigns and social engineering at scale
- The rise of deepfakes and corporate fraud driven by generative AI
- Why humans still struggle to reliably detect deepfake media
- The economics of deepfake fraud and real-world incidents
- Prompt injection attacks and why they remain difficult to solve
- Whether future models may autonomously discover and exploit jailbreaks

This episode looks at the practical security implications of today’s AI ecosystem — where the biggest risks are coming from, how attackers may leverage AI systems, and what defenders should be thinking about as these technologies continue to evolve.

📚 Key References

Agentic AI Threats
- CrowdStrike 2026 Global Threat Report — https://www.crowdstrike.com
- IBM X-Force 2026 Threat Intelligence Index — https://www.ibm.com/security/x-force
- Cisco State of AI Security 2026 — https://www.cisco.com/site/us/en/products/security/state-of-ai-security.html#tabs-9da71fbd27-item-1288c79d71-tab

Deepfakes & AI-Driven Fraud
- WEF Global Cybersecurity Outlook 2026 — https://www.weforum.org/publications/global-cybersecurity-outlook-2026/
- International AI Safety Report 2026 — https://www.internationalaisafetyreport.org

AI Security & Infrastructure Risk
- CISA Joint Guidance on AI in OT — https://www.cisa.gov/news-events/news/new-joint-guide-advances-secure-integration-artificial-intelligence-operational-technology

Prompt Injection & LLM Exploitation
- Schneier et al., “The Promptware Kill Chain” — https://www.lawfaremedia.org/article/the-promptware-kill-chain
- Palo Alto Unit 42 — “Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild”
https://unit42.paloaltonetworks.com/indirect-prompt-injection-ai-agents/

• (00:00) - Intro & Episode Overview
• (02:18) - Agentic AI as a Security Threat (CrowdStrike 2026 Global Threat Report, IBM X-Force Index)
• (03:46) - Malicious Agent Skills & AI Supply Chain Attacks (Cisco State of AI Security)
• (04:58) - How Agent Skills Actually Work
• (07:47) - Permissions & Guardrails for AI Agents (CISA AI in OT Guidance)
• (09:57) - AI-Generated Phishing Campaigns (CrowdStrike / IBM Threat Reports)
• (13:58) - Deepfakes at Industrial Scale (WEF Global Cybersecurity Outlook)
• (15:38) - Corporate Fraud & Deepfake Incidents (International AI Safety Report)
• (17:21) - Why Humans Struggle to Detect Deepfakes
• (21:13) - Prompt Injection Attacks Explained (Schneier – Promptware Kill Chain)
• (24:35) - AI Models Jailbreaking Other Models (Palo Alto Unit 42 Research)
• (28:59) - Final Thoughts & Wrap-Up

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Click here to view the episode transcript.