Technology

Igor Bederov: "Mature Cyber Defense Starts with a Simple Thought: We Are a Target"

11 de julio de 2026Diego Herrera9 min

Today's cyberattacks increasingly target not only infrastructure but also management. A single incident can simultaneously impact IT security, public relations, legal teams, contractors, top management, and critical business processes. In a recent interview, Igor Bederov, Chairman of the Council for Counteracting Technological Offenses at the Russian National Security Council, discusses how to leverage Large Language Models (LLMs) without losing control over decisions, protect against deepfake attacks, use OSINT to seize initiative, and why businesses need incident response exercises that transform not just software versions but the entire system's behavior.

Where do LLMs provide real value in SOCs today?

LLMs are already helping Security Operations Centers (SOCs) work faster and more efficiently. One of the most laborious tasks in a SOC is processing the immense flow of alerts from SIEM, EDR, network sensors, and other systems. Many of these are false positives, but each requires verification. LLMs assist here by classifying alerts by incident type, identifying key Indicators of Compromise (IoCs), and drafting initial reports based on raw logs. This allows analysts to receive structured summaries with hypotheses rather than just raw data, enabling them to focus on truly complex cases. LLMs also automate reports for management or regulators.

Another crucial task solved by LLMs is accelerating investigations through natural language processing. This lowers the entry barrier for new employees, allows quicker hypothesis testing, and reduces errors from syntax typos. Analyzing reports and open sources with LLMs also becomes more effective by summarizing data and identifying mentions of new techniques.

Furthermore, LLMs can generate or adapt playbooks (response algorithms) on the fly for specific incidents or staff training. This is particularly valuable given the shortage of experienced SOC analysts, as the model acts as a "smart assistant" offering best practices.

What new risks do LLMs in SOCs create?

While LLMs can process queries and data faster than humans, their conclusions aren't always accurate. LLMs trained on general data may lack a nuanced understanding of cybersecurity. This can lead analysts to either become complacent due to constant noise or, more dangerously, blindly trust the model's outputs.

For effective operation, LLMs require continuous training on up-to-date data, including internal SOC sources. However, if a model is trained on data containing details of real attacks, attackers could extract this information via prompt injection or other methods. Moreover, adversaries can inject biased data into the training set to force the model to ignore specific attack types.

Many commercial LLMs function as black boxes, meaning their decision-making logic is opaque. Consequently, an analyst cannot understand why a model classified an event as a threat. Without this transparency, verifying the output and making an informed decision is impossible. If a decision is based solely on an LLM's "opinion," substantiating its validity becomes nearly unfeasible.

Attackers are already employing LLMs. If a SOC relies on LLMs without considering this threat, it risks falling behind as the speed and scale of attacks could overwhelm defense capabilities.

How does AI integration change decision-makers' responsibilities?

Modern AI-powered systems can process vast amounts of data in real-time. For instance, they can analyze logs from hundreds of servers and network devices, detect anomalies that a human analyst might miss amidst data "noise," classify incidents by criticality using machine learning algorithms, automatically perform routine actions like isolating infected nodes, blocking suspicious IP addresses, or initiating backups, and predict attack evolution based on historical data and IoCs.

Crucially, the responsibility of managers and specialists does not diminish; it shifts, emphasizing strategic and oversight functions. Ultimately, even the smartest system is merely a tool in the hands of an experienced captain who charts the course and bears responsibility for the vessel.

Deepfake threats and mitigation for businesses

Just a few years ago, deepfakes were seen as amusing technology for creating viral videos. Today, they are a powerful tool for cybercriminals, no longer exotic but a real threat to businesses. This threat encompasses various forms of voice and video fraud, reputational attacks, insider manipulation in financial markets, next-generation social engineering and phishing, and the compromise of negotiations and transactions.

To mitigate these risks, companies should review and strengthen several processes, including multi-factor authentication, continuous cybersecurity training for employees, robust technical protection measures, vigilant monitoring, regular auditing, comprehensive incident response plans, and strict internal communication protocols.

Underestimated risks when AI is an attack target

Cybersecurity often focuses solely on protecting servers and networks, with AI logic frequently regarded as a "black box" that doesn't require additional protection.

One of the most insidious and underestimated attack vectors is the substitution or distortion of training data for a model. The danger lies in the fact that consequences might only surface months later, as the model will operate normally in most cases but will malfunction or execute a malicious command under specific, predefined conditions. Detecting such an infection is challenging because it masquerades as statistical noise.

The second risk involves evasion attacks, where the goal is to deceive an already trained model by feeding it specially modified data. A classic example is subtle changes in an image that cause a neural network to misidentify a panda as a gibbon.

Thirdly, there's model extraction, where an attacker "copies" someone else's AI system by repeatedly sending queries and analyzing responses. This risk grows with the proliferation of API access to models. Often, owners fail to monitor anomalous query patterns, presuming an open access point is inherently secure.

Other risks include data inversion, supply chain attacks, and novel forms of social engineering.

The practical perimeter of AI and ML system protection

The protection perimeter for AI and ML systems is currently formed across multiple layers, encompassing the entire lifecycle of models—from data collection to operational deployment. This includes the data itself and dataset preparation, model development and training, deployment and operation, infrastructure, and supply chains, and finally, incident response.

Notably, new requirements for AI system security in the public sector will come into effect in Russia on March 1, 2026. These mandate protection against unauthorized data access, prevention of system interference, prohibition of using confidential government data for model training, and control over user interaction with AI, including restricting data input/output and verifying the veracity of responses.

Signs of an effective Security Awareness program

It's crucial to understand that Security Awareness is a continuous process, not a one-time training event. A direct indicator of success is a significant drop in the percentage of employees falling for phishing attempts after program implementation (e.g., from 30% to 5%). Concurrently, employees begin actively reporting suspicious emails, links, or calls to the IT security department. People not only know the rules but actively follow them. Top management participates in training and sets an example for adhering to IT security rules. Finally, program materials are regularly updated to reflect new threats.

Interacting during an information attack

Success in such a situation hinges on one factor: the speed of decision-making based on verified data. Management must instantly delegate authority to a small group or a specific individual (e.g., the Director of Communications or COO). Avoid convening large meetings where everyone tries to assert their own agenda. The optimal interaction structure is as follows: IT security presents the facts, legal outlines the red lines, PR drafts communications within those boundaries, and management authorizes the specific course of action without deviation.

What must be avoided? Conflicts between PR and legal, independent actions by IT security, and a complete disregard for legal opinions. During an information attack, chaos often arises precisely from the disconnect between these three functions. To prevent this, interaction should be structured like a clear assembly line, not a meeting of equals.

The practical value of OSINT for corporate security

Many still perceive OSINT (Open Source Intelligence) as something from the realm of espionage or individual data extraction. In practice, for corporate security, OSINT is primarily a self-diagnostic tool. Its practical value is enormous, but it lies not in finding zero-day vulnerabilities, but in analyzing the perimeter you may not even be aware of.

Its value comes from the ability to see yourself through the attacker's eyes before they even act. We constantly discover corporate email leaks in public dumps, forgotten code repositories on GitHub, insider information on forums, or, even worse, active employee sessions exposed on open darknet markets.

If a security service doesn't monitor these vectors, it's not just blind; it's ignoring the fact that someone has already bypassed the perimeter and is quietly waiting inside for the opportune moment. The practical value of OSINT today is the ability to seize the initiative. It's about proactive defense, not merely reacting to an already accomplished fact.

Useful pentests vs. formal checks

The market is saturated with "penetration testing" offers, and most companies settle for formal checks. A formal pentest is like an exam where the student knows the answers. The company receives a PDF, files it, and carries on until next year.

A truly useful pentest or Red Team exercise is a sparring match. It's not just a vulnerability check; it's a test of people and processes. A good Red Team won't simply bash against the firewall. They'll start with phishing attempts targeting accounting staff, searching for open RDP sessions on the dark web, or analyzing physical and digital trash bins. They won't just try to breach a wall; they'll look for an unlocked door or try to persuade a secretary to open it.

You merely read a formal report, but after a beneficial exercise, your interaction protocols with contractors change, employees stop opening suspicious emails, and administrators start using two-factor authentication for RDP. It's the system's behavior that changes, not just the software version.

The most impactful incident response drill scenario

To truly shake up not just the IT security department but also development, finance, and production directors, the scenario must hit finances and reputation hard. Today, a scenario built around a supply chain incident or the compromise of a critical business process or outsourced service would yield the maximum practical effect.

For example, imagine attackers compromising not your headquarters, but your logistics partner through whom all customer shipments flow. Or they alter blueprints in a cloud service used by your design bureau. Trucks are stalled at the border, factory machines produce defective goods, and the security service doesn't even know where to begin because it's not their software or their servers.

This forces business stakeholders to consider for the first time that IT security risks are their risks. Such a scenario immediately exposes all vulnerabilities in contractor interactions, the legal integrity of contracts, and real disaster recovery efforts when there's no access to "someone else's" server holding your data.

The most dangerous self-deception in cyber defense

The most dangerous self-deception I encounter in companies is simply: "This won't affect us; we're not interesting to anyone." Under this premise, people cut corners on protection, neglect software updates, fail to train employees, and purchase the cheapest antivirus.

However, today's attacks operate like an assembly line. Attackers aren't hunting for you personally. They automatically scan the internet for any open RDP ports, any unpatched vulnerable servers, or any leaked passwords. You become a victim not because you are interesting, but because you are accessible. Mature cyber defense begins with the simple thought: "We are a target." If only because we are connected to the Internet.