Close
    Share
    Facebook Facebook icon Twitter Twitter icon LinkedIn LinkedIn icon Email
    Deepfake-Detected-Featured

    Artificial Intelligence

    The deepfake CEO: Why leadership teams may have a false sense of security

    by Öykü Işık Published May 22, 2026 in Artificial Intelligence • 5 min read

    Effective defense against deepfakes depends on how CEOs shape behavior, communication, and decision-making under pressure, says Öykü Işık.

    Generative artificial intelligence (GenAI) can now produce highly convincing audio and video that can impersonate senior C-suite and board members, potentially creating chaos with fabricated instructions. Research into identity fraud found that, in 2024, a deepfake attempt occurred every five minutes.

    Executive impersonation used to trigger urgent payments or extract credentials has long been a favored tactic in areas such as financial fraud. GenAI lowers the cost, increases the credibility, and expands the scale on which this tactic can be deployed. In 2024, it emerged that criminals had attempted to use AI-generated audio to impersonate the CEO of WPP, the global advertising company, demonstrating that scammers now have many tools to impersonate those in authority.

    Organized criminal groups use deepfakes to enable fraud and extortion. Ideologically motivated groups deploy disinformation to damage reputations or disrupt markets. Nation-states use similar techniques for espionage or political destabilization. Motives differ, but the mechanism is consistent: exploiting trust in senior leadership and often generating a sense of urgency to reduce time for consideration.

    Leadership as a line of defense

    Deepfake attacks succeed not simply because the technology is convincing, but because organizations are conditioned to respond quickly to senior authority. A request from the CEO (particularly if it is urgent or confidential) will typically be met with haste to comply, rather than questioning with skepticism.

    This is where leadership behavior can become a practical line of defense. Employees should be conscious of how senior leaders usually operate: how they communicate, whether they are prone to making unpredictable requests, and how they expect people to respond under pressure. The clearer those patterns are, the easier it is to spot when something does not fit.

    An incident at Ferrari illustrates this dynamic. An executive received messages and calls, apparently from the CEO, urging rapid action on a confidential transaction.

    The impersonation was highly convincing. What prevented a costly mistake was not a detection tool, but judgment shaped by experience: the executive recognized that the request was out of character and paused to verify it using personal details only the real CEO could provide.

    More than simply individual alertness, this response reflected an environment in which caution and verification were encouraged as responsible behavior. In a more opaque or rigidly hierarchical organization, it might have seemed riskier to delay the response.

    Tone at the top and permission to verify

    For employees, the key question in moments of pressure is not whether a policy exists, but whether their leaders permit them to slow things down.

    That permission must be explicit. Employees need to know that questioning unusual requests (even those that appear to come from the CEO) is acceptable and encouraged. They need to know that seeking verification, even if it delays matters, will not negatively affect their career prospects. Training and controls help, but they are reinforced only when leaders consistently signal that accuracy and security matter more than speed.

    Where senior leaders fail to articulate their expectations around security, the resultant uncertainty among employees plays into the hands of impersonators. Where leaders make it clear that verification is an important and expected safeguard, deepfake attacks become harder to execute.

    Scenario-based exercises help close this gap.

    Preparedness through rehearsal

    Most organizations have incident response plans, but far fewer have stress-tested how a deepfake or executive impersonation attempt would unfold in practice.

    In real incidents, payments are often authorized, or confidential information shared, hastily, with confirmation only sought afterwards (if at all). This is where it can be dangerous if people are conditioned to focus on the speed of response.

    Scenario-based exercises help close this gap. Rehearsing realistic situations, such as urgent calls involving unexpected instructions, allows teams to practice stopping, verifying, and escalating before exposing organizational security. It also highlights where protocols are unclear or impractical.

    Preparedness is reinforced by repetition. Organizations rarely perform well in situations they have never rehearsed.

    In an era of convincing digital impersonation, silence at the top can dangerously amplify vulnerability.

    A governance issue, not just a cyber-risk

    Deepfakes sit at the intersection of cyber-risk, financial risk, and reputational risk, meaning responsibility should not rest solely with IT or security teams.

    Boards should be asking the difficult questions: not only whether controls exist, but whether leadership behavior reduces or amplifies risk; whether escalation paths are credible; and whether scenarios have been thoroughly practiced, rather than merely documented. Effective oversight relies on the vigilance of the entire workforce. As such, it depends as much on internal dialogue and trust as on formal reporting.

    In an era of convincing digital impersonation, silence at the top can dangerously amplify vulnerability. Leadership presence, clarity, and engagement are no longer peripheral to risk management. Rather, they are central to it.

    Authors

    Öykü Işık

    Professor of Digital Strategy and Cybersecurity at IMD

    Öykü Işık is Professor of Digital Strategy and Cybersecurity at IMD, where she leads the Cybersecurity Risk and Strategy program and co-directs the Generative AI for Business Sprint. She is an expert on digital resilience and the ways in which disruptive technologies challenge our society and organizations. Named on the Thinkers50 Radar 2022 list of up-and-coming global thought leaders, she helps businesses to tackle cybersecurity, data privacy, and digital ethics challenges, and enables CEOs and other executives to understand these issues.

    Related

    Learn Brain Circuits

    Join us for daily exercises focusing on issues from team building to developing an actionable sustainability plan to personal development. Go on - they only take five minutes.
     
    Read more 

    Explore Leadership

    What makes a great leader? Do you need charisma? How do you inspire your team? Our experts offer actionable insights through first-person narratives, behind-the-scenes interviews and The Help Desk.
     
    Read more

    Join Membership

    Log in here to join in the conversation with the I by IMD community. Your subscription grants you access to the quarterly magazine plus daily articles, videos, podcasts and learning exercises.
     
    Sign up
    X

    Log in or register to enjoy the full experience

    Explore first person business intelligence from top minds curated for a global executive audience

    Register NowSign in