Black Hat 2025: Understanding the Threat of Hyper Personalized Attacks

At Black Hat 2025, David Spark of the CISO Series spoke with Bobby Ford, field CTO at Doppel (opens in new tab), about the new reality that AI has fundamentally changed social engineering attacks. What used to take hours of manual research per target now happens in seconds across thousands of victims. The human defense of traditional security awareness training is failing because "you can't recognize what's suspicious from what's legitimate with the naked eye."

Unlike traditional tools that only monitor email, Bobby highlighted how Doppel tracks attacks across multiple channels, email, social media, phone calls, and help desks, then connects the dots through a threat graph. When they identify an impersonation account on social media, they can trace it to associated phone infrastructure and take down the entire operation. Organizations need to stop asking if they're susceptible to social engineering (they are) and start measuring their susceptibility score as a metric that improves over time.

A huge thanks to our sponsor, Doppel https://www.doppel.com/platform