CIA Director John Ratcliffe this week described AI as akin to digital nuclear weapons. What that means for enterprise security teams is more specific and more manageable than the headline suggests.
CIA Director John Ratcliffe made headlines this week with his assessment of AI as a national security risk. That assessment is grounded in something concrete. The question for enterprise security teams is straightforward: what has changed about how organizations get targeted, and what does a prepared one look like?
The answer starts with cost. Fred Heiding, a cybersecurity research fellow at Harvard Kennedy School's Belfer Center, published research earlier this year showing that automating social engineering attacks with AI can reduce spear phishing costs by up to 99 percent at scale. The tools that make that possible, powering deepfake voice calls, AI-generated phishing emails, and real-time persona impersonation, are now open source, run locally, and require no specialized expertise. The FBI's 2025 Internet Crime Report logged $893 million in losses from AI-enabled fraud, the first year the agency tracked it as a formal crime category. BEC losses topped $3 billion over the same period. Security leaders are already seeing the volume in their inboxes and their incident reports.
What Enterprise Security Leaders Are Seeing
Adaptive Security surveyed 181 CISOs at leading U.S. companies in late 2024. AI-powered social engineering ranked as their top concern, averaging 8.6 out of 10 on severity. One security leader at a major entertainment venue said the attacks their team was seeing were "much higher in sophistication and harder for our employees to detect." That was eighteen months ago. The assessment has only grown more accurate.
Email security has spent two decades accumulating defenses: DMARC, behavioral filtering, sandboxing. Attackers know it. Michael Siegel, director of Cybersecurity at MIT Sloan, has been direct on what that means: "AI-powered cybersecurity tools alone will not suffice." Phone calls, SMS, and video conferencing have far fewer standardized controls, and that is exactly where AI-powered social engineering has moved. When an employee gets a voice call that sounds like their CFO asking to confirm a wire transfer, there is no spam filter making that call for them. It comes down to judgment, made quickly, under apparent authority. The organizations closing this gap fastest are the ones building controls specifically for those channels.
How Prepared Organizations Are Building Ahead
The security teams making the most meaningful progress have a plan: defined priorities, measurable outcomes, and a consistent path to improving how their workforce responds to these attacks.
- The first investment is visibility into exposure. Siwei Lyu, a computer science professor and director of the Media Forensic Lab at the University at Buffalo, wrote in Fortune last December that voice cloning has crossed what he calls the "indistinguishable threshold" A few seconds of audio now suffice to generate a convincing clone. Open-source intelligence tools surface exactly the kind of material that makes that possible: phone numbers, voice recordings from podcasts or public videos, headshots, social media activity. A short clip of an executive on a webinar is enough starting material to build a voice persona. Knowing what is out there is the foundation for every mitigation that follows.
- The second is simulation. Lorrie Cranor, director of Carnegie Mellon's CyLab and a co-founder of phishing simulation as a discipline, argued at RSAC in March 2026 that as AI-generated attacks grow more convincing, generic awareness training is no longer enough. Security teams that run AI-powered voice, SMS, and email simulations against their workforce learn something traditional phishing tests cannot surface: how employees respond when an attack sounds completely legitimate. Those simulations identify the specific channels and behaviors that need attention, and they build a documented risk profile that grounds the leadership conversation in data. Organizations that run these programs consistently report measurable improvement in employee recognition rates over time.
- Third is a verification layer on high-stakes actions. Any request involving a financial transaction, credential change, or sensitive access requires confirmation over a second channel using a contact method already on file. John Geronimo, Executive Director and Fraud Strategy Director with JPMorgan Chase Commercial Banking, identifies the underlying gap: "It's all about having internal controls and being able to deploy them effectively. Many companies aren't testing their controls and, as a result, employees aren't following them correctly or at all." This single process control interrupts the majority of AI-powered fraud attempts without adding meaningful friction to day-to-day operations. It removes the condition that makes the attack work: the assumption that one convincing communication is sufficient.
- A fourth step costs nothing to implement. Researchers studying AI-enabled fraud have documented that criminals need only a few seconds of publicly available audio to build a convincing voice persona. A podcast appearance, a video interview, a recorded call: the material is often already out there. Having employees replace personal voicemail greetings with the default robotic voice removes one of the most accessible sources of that raw material. Replacing it takes thirty seconds and raises the cost of targeting that individual. Small friction for the defender, meaningful friction for the attacker.
Emerging technical controls are advancing quickly as well. AI-generated content detection, voice authentication systems, and behavioral analytics that flag anomalous communication patterns are all maturing. They are not yet at the reliability level that email security tools have achieved, but incorporating them into a forward-looking roadmap positions organizations to benefit as the technology matures.
The Board Conversation This Moment Opens
Director Ratcliffe's statement has generated significant coverage, and that coverage is creating a specific opportunity. Boards and executives who have been aware of AI risk in broad terms are now asking pointed questions. Dr. Herb Lin, senior research scholar for cyber policy and security at Stanford University, has observed that security leaders "must be able to speak about risks and potential solutions in terms that other board members can easily grasp." Security teams that walk into those conversations with a defined program, measurable risk data, and a clear investment thesis are in a strong position to get the resources and alignment their organizations need.
The framing that resonates with non-technical leadership is direct: AI has made social engineering attacks faster, more targeted, and more convincing. Organizations that simulate those attacks and build awareness and controls to recognize them are measurably more resilient. Here is where we stand, here is what we are building, and here is how we will measure progress. That conversation is easier to have right now than it was six months ago.
What Comes Next
The organizations furthest ahead on AI-powered social engineering are the ones that made it a permanent discipline rather than a one-time initiative: consistent simulation, ongoing training, and controls that hold up when an attack sounds completely convincing. Alex O'Neill, an emerging technology and cyber threats researcher at Harvard Kennedy School's Belfer Center for Science and International Affairs, captured the stakes directly: "responsible actors can take steps to prepare for its arrival, before it is too late." The threat is well-defined. The defenses are available. The gap between prepared and unprepared organizations is closing, and it closes fastest for teams that move with intention.
Director Ratcliffe's language will generate more headlines. What matters more is what security teams build in the weeks that follow. The organizations that use this moment to advance their programs will have something more valuable than awareness of the threat: a workforce equipped to recognize these attacks and the controls in place to stop them.
Adaptive Security works with enterprise security teams to simulate AI-powered social engineering attacks and build the awareness and controls that reduce risk before attackers find the opening. Learn more at adaptivesecurity.com.




Contents










