The moment digital trust broke for everybody, it's the rules fundamentally change when we move from static, a fake email, to real-time synthesis. A live call, right? A live video call. Think about that. The death of trust happened the moment we can no longer rely on your eyes and ears to verify identity. That is the problem. When seeing is no longer believing, the social contract of digital communication is essentially voided. Think about that. I will tell you what they're going to learn if you come is you're going to learn some key protocols that you can do to protect your business. We're going to talk a lot about the human firewall. You're going to walk away with a couple of PDFs that will help your business structure and build those protocols within your environment, which I think is key. Before we dive back into today's conversation, I want to share something important. This episode includes a paid partnership with BetterHelp, a platform designed to make starting therapy easier. I know from my own journey as a leader and entrepreneur that life can sometimes feel overwhelming. There are seasons where stress, uncertainty, and pressure build up, and you need a safe space to process it all. That's where therapy comes in. Therapy isn't only for people facing clinical challenges. It's a space to reflect, grow, and find better ways to manage stress, relationships, and personal goals. It takes courage to seek help, but it's also one of the smartest investments you can make in your mental and emotional well-being. That's why I'm proud to highlight BetterHelp. With BetterHelp, you simply fill out a short questionnaire and get matched with a credentialed therapist in just a couple of days. If the first match doesn't feel like the right fit, you can easily switch therapies at no extra cost until you find someone who truly connects with you. Inside the platform, you'll also find tools like journaling and group sessions on different topics that can support your growth. And with over 7,000 reviews and a 4.5 trust pilot rating, BetterHelp is a platform you can rely on. So if you feel like you'd benefit from talking to a therapist, visit betterhelp.com forward slash King Dames. That's betterhelp.com forward slash King Dames to get 10% off your first month of therapy. Once again, this is a paid partnership with BetterHelp, and I encourage you to take that first step if you've been thinking about it. Sometimes the best investment you can make is in yourself. Welcome to the King Dems podcast, where we share the stories of extraordinary people and dissect hot, relevant topics that shape our world. From visionary leaders to trailblazing creatives, we uncover the mindset, strategy, and grit behind greatness. Whether it's business, culture, or personal growth, we ask the real questions. This isn't just conversation, it's transformation. The King Dems Podcast. Your next breakthrough starts here. Music licensing reimagined. We're live, ladies and gentlemen. You once again welcome to the King Dems Podcast. And I've got with me a triple VIP coming in for the second time. Make welcome fighting out of the United States of America, Michelle, the cybersecurity expert, Novak. How are you, Michelle? I am fantastic today. What an introduction. Wow, that's fantastic. Wow, yeah, we've given you the combat sport introduction. And of course, let's give you the corporate style introduction. So, ladies and gentlemen, today's conversation is not about theory. It's about reality. In the last 12 months alone, organizations have lost tens of millions of dollars to AI-driven deep fake attacks that bypassed traditional security, fooled experienced executives, and collapsed trust in real time. Our guest today has been warning leaders about this shift long before it made the headlines. Michelle Novak is a cybersecurity author, authority, and executive advisor who works at the intersection of technology, human behavior, and organizational risk. Her work focuses on how AI, deep fakes, and synthetic identity threats are redefining fraud, compliance, and leadership making a decision making. So what sets Michelle apart is this. She does not just talk about tools. She focuses on protocols, culture, and human systems, the elements that fail first when technology outpaces policy. She has advised leaders on how deepfake fraud actually works in the real world, why verify with a call is no longer enough, and how organizations can build a human firewall that protects assets, identity, and trust in an era where seeing and hearing are no longer believing. Today, Michelle is here to break down why AI-powered deepfakes represents the number one corporate threat of 2026 and what leaders must do now, not later, to stay ahead. Michelle Novak, you once again welcome. It's a pleasure to have you with us again today. Whoa! Your work is actually very, very important. It was an introduction. You deserve it because your body of work is a mouthful. And I can say it's also a globeful because this is a global threat we are dealing with here. You've actually spent years at the intersection of cybersecurity, leadership and risk. So from what you are seeing globally right now, why are AI deepfakes no longer a future concern but a present-day executive threat? Yeah, that's a great question, right? We've moved from CGI era to the real-time era. That's what I like. Previously, deep fakes were labor-intensive and easy to spot. Today, the demonetization of compute power means a teenager can clone a CEO's voice for $10. That's the truth. For executives, this is a present-day threat because your identity is now your most vulnerable, unpatched API. It can be you. They don't need to hack your firewall. They just need to ask for the keys. So think about that. Wow. Thinking about that, your upcoming or forthcoming webinar, right, is going to address a lot of these issues. But when I saw that webinar and I saw the details that are going to be discussed on the webinar, something stood out for me. And it is the now infamous $25 million Zoom call incident. Why was this case so dangerous? Like, not just because of the money lost, but because of what it revealed about human behavior and verification processes. So why is this a serious issue? Yeah, why? Yeah. You know, let me say this, right? The Hong Kong Zoom incident was terrifying. terrifying because the employee did have doubts but those doubts were overridden by the presence of his colleagues on the screen what he didn't know is that every colleague on that screen was a deep fake it revealed that social engineering scales perfectly with ai and that's what these hackers are using today. It wasn't a failure of tech. It was a hack of human need for social validation. And that's what you got to think about, right? It proved that if the boss is on the screen, humans are wired to obey not to audit and question And that the why right The human aspect of this and that what these hackers are you know dependent on They know the psychology and they building these tools to do it You know, you talk fondly about why verify with a call no longer works. So many firms still teach staff to verify with a call. What is that advice that you would give right now? And of course, why is the old advice now outdated and in some cases actively dangerous? So there's two parts to that, right? The advice is now a liability. And I'll tell you why and why I think that, you know, if you can clone your voice with a 30 second clip from a YouTube keynote, a phone call is just another playground for those attackers to work. And that's what they're doing, right? There's a couple of different techniques that they're doing out there that we have to be very diligent and be aware of. And that's my message to everybody today. Know what's out there, know the tools they're using and understand that. Telling staff to just call gives them a false sense of security, right? You need to go deeper than that. And that's what I teach in my webinar, the things that you can actually do that will help you go a little bit deeper than just saying, hey, is this real? In the deep fake era, an unverified voice is just a sophisticated script. And these tools that they're using sound just like me on this call right now, right? That's how scary it is. Absolutely scary. Intelligent people are off. Sorry about that. Yeah. And it is scary. You know, it is. You were talking about intelligent people. What is it with intelligent people? You know, deep fakes can bypass smart people. That's what I like to say, right? You and I are both very intelligent, but intelligent people are often the easiest to manipulate because they rely on the contextual logic. Attackers use linguistic mirroring and high pressure scenarios that hijack, right, the prefrontal cortex. Your brain is a human computer. I talk about this through all my books and everything else and how we process information, right? And that's all. They figured out a way how to psychology, psychologically, sorry, hack that, right, by using these tools. High performers are also fixers. They want to be helpful and efficient. AI exploits that, right? They exploit the bias towards the action, turning an executive productivity against them. And that's just the truth of the matter. Wow. So I've actually had a couple of neuroscientists on the podcast and particularly we've had a neuroscientist from Stanford University. And I think what most of them agree about is the fact that the prefrontal cortex is like the CEO of the brain, right? So with smart people being tricked into making schoolboy errors, it's really alarming. And, you know, we have this rise of the authentic scams. So your briefing actually talks about authentic scams, AI systems that can negotiate, argue, build trust autonomously. So why is this a fundamentally new category of threats that most boards are not prepared for? You know, most scams right out there are one and done. You know, I'll say that. Eugenic scams are different. They're AI systems with a goal, capable of navigating a conversation. There's the difference, right? They can be trained. And again, with the neural aspect of it, they can pivot. If you ask a difficult question or play the long game over weeks to build rapport, boards aren't ready for a threat that can argue, negotiate, and wait for the right moment to strike. They're not prepared for it, right? So they need to invest in the deep training, the human element of it, and understanding how these egenic AIs are targeting people and what they're using to target. I think that's the key. Speaking of investing, right? A lot of businesses do not really see that value in investing in cybersecurity, but I think they get to pay for it very, very heavily, right? So you argue that software will always be one step behind AI. Why does the future of defense shift from tools to human protocols? You know, cybersecurity to human security, let's say that, right? Software is reactive. It hunts for known signatures, right? But AI generates zero-day content every second. You know, we cannot out-code the speed of synthetic reality. And I think that's the key there. You know, when you're taking a look at defense, right, everything is moving at a rapid pace. And we talk about software versus egenic AI. We're also talking about quantum computing that's coming. It's going to be massive over the next couple of years what these tools can do. Right. The cybersecurity world right now, right, every agency, every country are driving to build proactive instead of reactive ways to protect, right? Therefore, the defense must shift to human protocols. We have to shift. We need to focus on how humans make decisions under pressure rather than just hoping the spam filter catches the bait or the phishing email. You know what I'm saying? Like you have to incorporate your people and train them fundamentally so they are aware, especially in larger corporations. It's so easy. You know, we talk about whaling. There's so many different type of scams out there and things that can be done. But whaling is one of the biggest, right? You know, when you go back to the Hong Kong event, there's not only that, there's tons of them. I just had, and I'll just share with you, right? Just had one of my clients have what they call a BEC attack, right? where their email was intercepted, sent an invoice to redirect, to pay an invoice to a hacker. They got into the system, $40,000. Think about that. Now, if you would train those employees and they used, right, they verified. They verified through email. Is this the right amount? Is that? Everything was a green light. They still got hacked. So I would say the human element is more important than anything else right now, especially, especially. Okay, so are you able to walk us through the human firewall concept? And why is it more resilient than traditional cybersecurity controls in a world of real-time deepfakes? Yeah, you know, the human firewall framework is kind of the way you need to go with AI and the attacks that are happening out there today, right? Traditional controls are no. Again, we all have systems to protect us. They can pick up everything. They can monitor as much as they want. But the human firewall is a behavioral bypass. right it's a culture where trust but verify is replaced by verified to trust you know what i'm saying it's kind of the reverse psychology of it it's about building a standard operating for identity that doesn't rely on biological senses but a cryptographic or procedural certainty and i think the human firewall when i talk about it in my webinar it's key things that you need to look for, right? When you are on a call or you're getting engaged with a voice or phishing, whatever it might be. And it's critical that you kind of transcend that at this point. People have to use the human firewall because as I said earlier it so important the human security in this is going to be the key to protecting your business even more and more Interesting Now we seeing more reasons why people should attend this webinar right? So talking about the three channel rule, right? Seems simple but powerful. Why does forcing verification across voice, video, and text dramatically reduce the risk of fraud? You know, That's a great question. You know, I'm going to go back to verify to trust, right? It's about breaking the attacker's scene. If you're talking to me on a video like we're doing right now, right, channel one, I will send you a code to your encrypted Slack channel and you must read it back to me. That's where the human firewall comes in. If it's a deep fake, the attacker likely doesn't have access to your internal authenticating messaging in real time unless they've hacked your system. It forces the synthetic actor to interact with the physical or authenticated reality that they don't control. So think about that, right? That's where these AIs break down. And we talk about that in my webinar and how to spot that. And that's why it's important to use the three-channel rule, right, to protect yourself even further than what we're actually doing right now. It's not just about MFA and having that protection. This goes deeper than that and shifting the way your business operates to protect yourself. It's interesting the way the world is evolving. We're moving from two-factor authentication to three-channel rule. So speaking of internal deep fakes and the liar's dividend, one of the most unsettling ideas you raised is the liar's dividend, where leaders themselves can plausibly deny reality. So why is this an internal cultural risk as much as a security risk? You know, the liar's dividend is a nightmare for governance. Let's face it. Okay. I mean, risk governance is very difficult to begin with. It's the idea that a liar caught doing something wrong can simply claim that was a deep fake. This creates a vacuum of accountability. And that's what the problem is here. If we can't prove what is real, we can't hold anyone responsible. It erodes the very fabric of corporate culture. Think about that, right? Think about what that can do to your organization. If your employees get an email from you, right, or it's sent from a disgruntled employee and they think it's the CEO of your corporation and they don't know any better, will they follow that directive, right? You got to make sure that you're monitoring all facets, right? The liar's dividend is don't lie to yourself, right? Be honest with what you have in place and what you don't have in place. And I don't care how big or how small you are. This applies to anybody, even on a personal end, right? How do you protect yourself in a world of AI today? Great question. There's a lot of unintended consequences. And, you know, with accountability and responsibility being attacked, the stakes are very, very high. But speaking of the board level accountability, if you were briefing a board tomorrow, what are the three non-negotiable questions every director should be asking management about deep fake readiness? You know, I share this now with all of my clients, right? Whether you're at a board level, a director's level, it doesn't matter. So like at a director's level, you should ask, do you have a proof of life protocol for high value transactions? Number one, right? Because we know fraud, wire fraud is very big right now with using the AI eugenics and scams. You know, how is our crisis management plan adapted for an identity takeover scenario? Do you have a plan in place? Do you even know how to spot it? What protocols are you following? Do you have an incident response plan? Do you have a backup plan for your reputation? Most important, I would say. What is our zero trust architect for human to human communication? I think that's the number one question that you should refer to in anything that you're doing today, especially in the cybersecurity world, right? We have zero trust for everything else protecting our systems, right? But what is it for the human to human communication? I think those would be my three questions that I throw out to everybody. Trust will verify, verify. Then before trusting back, it's now becoming a loop, right? But what are most companies still missing? Verify to trust. You know, despite all the headlines, what critical mistakes do you still see organizations repeatedly making when it comes to AI-enabled fraud defense? I think most companies are still missing the fact that they're still treating this as an IT problem. Okay, it's not an IT problem. It is an operations and culture problem. You know, companies spend millions on firewalls, but zero on training their executives how to handle FaceTime call from a kidnapped, you know, Zoom meeting. Which is how these attackers are often gaining leverage, right? It's not about the ransomware attacks anymore. You have systems in place to protect you on that, right? This is different. It's not an IT problem. Step back, look at it, go through your pyramid, however you have your company organized, structured in the compliance and risk end, and ask those hard questions. Where are the gaps, right? We call it, you know, I always call it a TOC, right? That's what I use in my business every day. Identify the bottlenecks and clean them up. Clean up those processes. It's very important. Speaking of cleaning up, right, Let's talk about immediate executive actions. So for the leaders, for the founders listening to us today, what are the actions they should take in the next 30 days to reduce their exposure to deepfake driven fraud? I think number one step should be to sign up for your webinar. And what other steps should they take? Listen, the advice I give today will probably change three months from now or 12 months from now, right? But as of today, I think the most important thing is to establish a safe word, especially on any kind of transactional thing that you're doing within your environment. It's most important, whether that's personal or through business, establish those safe words. So if you do need to call somebody to verify something, only that person's going to know that safe word, right? It creates a non-digital phrase for your family and your direct reports. reports. Number one thing I think is very important today, right? And then audit your digital footprint. If you haven't done this, you better, right? Especially with now everything changing to AI and how all of these platforms and these search engines are going to be, you know, promoting your businesses. The shift in all of that is very critical, right? Know what audio video of you is public, I think it's very important. Audit it, right? We're all on these podcasts. It doesn't mean one of these tools can't take what you and I are discussing, mimic my voice and get on a platform and make something different because that's what they're doing. Let's talk about the reality of it. So that's critical. And then normalize the friction, right? Tell your team, normalize it, right? Tell your team that you will never be offended if they challenge your identity on a call. Let them know that it's okay. That you're not comfortable. And there's tools that you can put on these calls today that can spot if there somebody else on that call that shouldn or if it a deep fake If you have the money and you can afford it use them Use them Otherwise you lose it Yeah. Use it or lose it. Right. Can you afford, I'm going to just throw this out there. Can you afford to lose $100,000 today? I tell everybody that when I speak to them about, right, the AI, you know, pandemic, I like to call it. The 2026 pandemic of the deep fake. Can you afford to lose $100,000? Think about it. Not many people can afford that. Not many people can afford that. I, for one, cannot afford to lose that. You know, let's take this personal right now. On a personal level, your personal perspective, how has your understanding of deep fakes changed how you communicate or verify information in your own life? Well, you know, I hate to be a cynic, right? But absolutely, I've become a digital cynic. I no longer take any inbound communication at face value. I don't. You have people reaching out to you on all different types of platforms, trying to introduce themselves, sell you their services, you know, want to collaborate with you. You don't know who's real and who's not. Making job offers, it could be anything. You know, I think it's critical, right, that you no longer take any communication at face, regardless of how familiar the voice sounds. I'm going to just say that. I've implemented myself the three-channel rule with my own family, my own business. just paranoia. It's digital hygiene. And that's the way I look at it, right? You got to clean up and control what you can control because there's many things out there you can't control. You're never going to be able to control and stop the hackers from getting better and better and, you know, training these tools to do what they have to do. I'm anxious to see what comes out next, you know, after this whole nuts, nutty thing that's going on. But that's what I would probably say, right? Do what you can do to protect your space and your business. And if you don't know. Protect yourself at all times. There's plenty of webinars out there in Google line. Yeah, at all times, right? There's plenty of information out there how to do this, you know, do it, you know, invest in it, invest in the time to do this for yourself and your business. Wow. Quick plug, guys, invest in Michelle's forthcoming webinar. Looking into the future, I know you're not a futurist, you're not a Nostradamus, but you are an expert. You are the pro, I am the Joe. So if we look ahead into 2027 and beyond, what will separate the organizations that survived this pandemic, the pandemic era, as you call it, right? Of synthetic reality from those that do not survive it. What's going to be the disaggregation factor? I think this virus will be like protocol-driven organizations. I think that's the key, if I had to say it, right? They're going to do the work. They're going to figure out the bottlenecks in their compliance. They're going to implement and change how their employees interact, send money, right? The biggest thing. But I think those who rely on gut feeling or familiar voices will be dismantled. Again, it's shifting from trust to verify to verify to trust. You can no longer just rely on what you think you know. I'm not above that, right? The future belongs to leaders who understand that in a world of synthetic reality, because that's what we're in, the only thing that cannot be faked is a pre-agreed, out-of-band protocol. That's the bottom line. If you drive protocols and make them simple, don't make them complicated, right? We're all neurologically learning. And the simpler you keep it for your employees and keep it for your organization, for them to remember, it's going to be critical, right? We all have on our desktop the ability to put... The tone at the top is important. It's top down. It's always been top down. That's how you build your culture, your mission, and everything else. And people who work under other people, I've worked for large corporations. You know, did I believe in their mission? Of course, because that was the culture that they actually drove. Have I worked for corporations that they say a mission? and it wasn't what they followed. Absolutely. So don't be one of those is what I'm going to say. Interesting stuff. So we know Michelle is actually a very, very busy expert. But before you go, I have just one more question for you. Why should the business leaders, the founders, the professionals, you know, everyone and their mom listening to the podcast today, why should they attend your webinar? And what is the, the value they are going to gain. What are the details? Well, thank you for sharing my webinar with everybody today. And I really do hope that they sign up and they come, right? I think the moment digital trust broke for everybody, it's the rules fundamentally change when we move from static, a fake email to real time synthesis, a live call, right? A live video call. Think about that. The death of trust happened the moment we can no longer rely on your eyes and ears to verify identity. That is the problem. When seeing is no longer believing, the social contract of digital communication is essentially voided. Think about that. I will tell you what they're going to learn if you come is you're going to learn some key protocols that you can do to protect your business, right? We're going to talk a lot about the human firewall. You're going to walk away with a couple of PDFs that will help your business structure and build those protocols within your environment, which I think is key, right? This is not just about me talking. This is about me showing and telling you and taking a look at what this looks like in live sense, discussing the statistics and where we're going with it. So I do appreciate you giving me this platform today to kind of share my thoughts, but also giving an opportunity to others out there to please come join, right? I think it's essential that you do this training and help yourself. But those are some of the key things that we're going to be doing on our webinar. An attitude of gratitude is good attitude. When a person shares their time with you, they share their life with you because It's the SI unit for measuring life is time. So thank you very much for sharing your life and your time today on the podcast. And thank you for helping me to achieve my goals. My goals are to educate and to motivate. And with that, I think my job is done. So I am privileged to have the best and the brightest minds of my generation to help me to achieve, you know, the two goals that I set out to achieve. So it's love and, of course, respect to you. Do you want to leave a shout out to anybody before you leave? Listen, my shout out is back at you, right? The work that you are doing fundamentally across the global stage is so valuable. And the people that you bring, I never do that, right? But the people that you bring onto your platform to share, just like me, I've listened to some of these podcasts and speakers that you've had. Valuable. Like if anybody needs to get real life direction, it's your podcast. And I don't just say that because, you know, you and I have done podcasts together. I say it because it's true. So thank you so much for giving me the open opportunity to speak today, share my current situation with everybody. And hopefully you and I will see each other in the future again. Thank you very much. It means a lot to me when people appreciate the body of work because people don't see what goes on behind the scenes. a lot of hard work, a lot of effort, a lot of investment, you know, financially, not financially, but it's always great to have that appreciation. Thank you very much once again. And of course, the audience, conceive, believe, strive to thrive and achieve. Always go for something in your life. And of course, till I come your way again, keep winning. God bless, guys.
