Phishing Scores Will Be Gone in 18 Months: The Future of Social Engineering

Would tracking phishing click-scores become an obsolete security metric in the next within the next 12 to 18 months? We spoke to Bobby Ford whose been a CISO at various organizations and now is a Chief Strategy & Experience Officer at Doppel.

We spoke about why the age of recognizable, generic phishing emails is over and what the future of social engineering defense looks like in a world powered by AI.

We explored how generative AI has created a new class of hyper-personalized, multi-channel attacks that happen at a speed and scale never seen before. We discuss why traditional security awareness training employees to spot a suspicious email is failing when you can no longer trust your own eyes and ears.

Bobby shares a new blueprint for defense, arguing that it now "takes AI to defeat AI". Learn about the shift from measuring phishing clicks to understanding your organization's overall "social engineering susceptibility" and why the ultimate goal is the preventative takedown of malicious infrastructure before it ever reaches an employee.

Questions asked:

• Introduction
• Who is Bobby Ford? Soldier, Philosopher, CISO (opens in new tab)
• Social Engineering in 2025: When You Can't Trust Your Senses
• The New AI Attack: Hyper-Personalized & Multi-Channel
• Why Phishing Scores Will Be Obsolete in 18 Months
• Are Executives Still the Target? The Pivot Point Strategy
• Why Traditional Social Engineering Defenses Are Failing
• Scattered Spider: The "Not One Size Fits All" Attack
• The New CISO Metric: Social Engineering Susceptibility
• A New Defense: Preventative Infrastructure Takedowns
• Beyond "Check the Box": Holistic Security Awareness
• Gaining Visibility Across All Channels (Including SMS)
• Final Questions: From Scraping Stickers to Michelin Stars