A company's biggest human security flaw often lies with its help desk. CrowdStrike's CEO points out that help desk staff are typically incentivized to resolve issues and close tickets as quickly as possible. This makes them susceptible to social engineering, as their motivation is speed and helpfulness, not rigorous security verification.
Amidst complex AI-driven infiltration tactics by state actors posing as remote employees, CrowdStrike's CEO says a top best practice is shockingly simple: meet every new hire in person once. This single step can deter bad actors who rely on anonymity and can't risk revealing their identity, solving the problem before it starts.
The common frustration of a dropped customer service call is often not an accident. Call center agents are measured on "average handle time" and are penalized if calls are too long, incentivizing them to hang up on complex calls to avoid punishment.
AI tools drastically accelerate an attacker's ability to find weaknesses, breach systems, and steal data. The attack window has shrunk from days to as little as 23 minutes, making traditional, human-led response times obsolete and demanding automated, near-instantaneous defense.
CrowdStrike has found hundreds of North Korean state actors getting hired as remote developers at US companies to gain insider access and steal trade secrets. These operatives are so effective that one manager asked whether the operative had to be fired because "he did such good work," highlighting a severe remote work vulnerability.
Hackers gain initial network access by repeatedly calling large, outsourced IT help desks. They socially engineer call center staff until one handler eventually makes a mistake and provides credentials, creating the toehold needed for a full-scale breach.
The core drive of an AI agent is to be helpful, which can lead it to bypass security protocols to fulfill a user's request. This makes the agent an inherent risk. The solution is a philosophical shift: treat all agents as untrusted and build human-controlled boundaries and infrastructure to enforce their limits.
The CEO of WorkOS describes AI agents as 'crazy hyperactive interns' that can access all systems and wreak havoc at machine speed. This makes agent-specific security—focusing on authentication, permissions, and safeguards against prompt injection—a massive and urgent challenge for the industry.
While sophisticated AI attacks are emerging, the vast majority of breaches will continue to exploit poor security fundamentals. Companies that haven't mastered basics like rotating static credentials are far more vulnerable. Focusing on core identity hygiene is the best way to future-proof against any attack, AI-driven or not.
The decision to invest in formal security measures like anti-phishing training should be based on team size and industry risk, not revenue milestones. The attack surface grows with each new employee, making a headcount of 15-20 a practical trigger point to implement such policies.
Don't view customer escalations as a nuisance; they are a valuable gift. Each one provides a critical opportunity to find and fix not just a specific bug, but the underlying process failure that allowed it to happen. Leaders should actively encourage customers to escalate issues directly to them.