Lunchtime Tech Sessions by Canterbury Tech - November 2025

LUNCHTIME TECH SESSIONS brought to you by Canterbury Tech - With Stephen Kho (Director, Offensive Security for Avast) as he presents "Cybersecurity and Deepfakes, AI vs AI."

Artificial intelligence is no longer just a productivity amplifier — it’s now weaponized at scale. Attackers are fusing AI-generated personas, synthetic voices, and real-time video deepfakes into social-engineering playbooks that bypass traditional awareness and technical controls.

From Gen Digital’s research on 'scam-yourself' attacks to infiltration attempt by a North Korean fake IT worker and the recent Hong Kong deepfake heist, these incidents demonstrate how trust channels — not firewalls — have become the new battleground.

This session is designed for IT professionals seeking to harden their defenses against AI-driven deception. Areas we will cover include:

• How modern adversaries operationalize AI to craft persistent, cross-channel personas — fake recruiters, executives, and influencers — that evade detection.

• How to identify key technical indicators of deepfake-driven compromises, such as browser process anomalies, clipboard injection, synthetic speech signatures, and endpoint telemetry irregularities tied to 'scam-yourself' flows.

• Detection engineering insights: mapping deepfake and social-engineering vectors to MITRE ATT&CK, using anomaly-based EDR/UEBA analytics, and embedding real-time content integrity and liveness checks into conferencing and authentication systems.

• Actionable mitigations: enforce signed-binary policies, restrict browser self-updates, integrate out-of-band verification for payments, and embed AI-liveness validation into recruitment and executive workflows.

About Stephen:
Stephen is the Director of Offensive Security, for Avast. He joined Avast in November 2020, and is responsible for leading a team that undertakes penetration testing on software systems to identify vulnerabilities and facilitate the development of secure infrastructures against potential threats.

Stephen is a security professional with over 20 years of security industry experience across multiple business sectors including finance and telecommunications. Prior to working at Avast, he was Technical Customer Success Manager at software and IT firm Micro Focus where he worked with the top 50 ASX listed Australian financial and telecommunications companies as well as federal government departments in Canberra to implement cyber security monitoring and application security programs. Before that, Stephen held the deputy CISO/Ethical Hacker role at Dutch telecommunications company KPN. Earlier, he held security consultant positions in the telecommunications and IT space, including at Verizon Business and Siemens. His knowledge in the areas of penetration testing, security technologies and risk management is extensive; arising from his network engineering, security consultancy and hands on penetration testing background.

Stephen holds a Bachelor of Computer Systems Engineering with an Honours from the University of Queensland.

Feel free to bring any questions to this session.

When - Tuesday 18 November 2025

Time - 12:30pm - 1:30pm (NZT)

Where - Online via this Zoom - the link will be included in an email closer to the time.

Cost - This is a free event