Social Engineering Is About to Be the Only Game in Town
AI is finding and patching zero‑days at machine speed. The traditional attack surface is collapsing. The only place attackers can still win consistently is the user. Learn what that means for CISOs trying to defend the enterprise, and why the operating model that worked for networks, endpoints, and identity has to come to the User Layer next.

AI is hardening every other layer of the security stack at machine speed, shrinking the traditional attack surface and pushing motivated adversaries toward the last dependable entry point: the user.
For decades, attackers relied on unpatched vulnerabilities, misconfigurations, exposed credentials, supply‑chain weaknesses, application flaws, protocol gaps, and human error. Defenders improved across nearly all of those areas. Human behavior was the exception.
Now, vulnerability discovery and remediation are no longer limited by human speed. Agentic AI systems can inspect code, test hypotheses, surface flaws, and increasingly help patch them far faster than manual teams. Where attackers once found new bugs about as quickly as defenders patched old ones, defenders are starting to pull ahead. The technical attack surface is collapsing.
When attackers’ favorite vulnerabilities start closing faster than new ones surface, attackers do not retire. They pivot to whatever still pays. As Jason Calacanis put it on the All‑In Podcast this month, “the remaining attack vectors are just going to be human factors,” pointing to the user with a sticky‑note password and the executive whose habits make the next breach engineerable. When software resilience improves at machine speed, the weak link snaps back into focus: the user.

The User Is the Only Reliable Point of Entry
The real attack surface has always been the user. For years, the vast majority of security incidents have involved a user action: a click, an approval, a credential typed into the wrong form. Social engineering has been the dominant entry point in enterprise breaches for as long as the industry has measured it. Software was an issue too, and software got real defense. The User Layer got security awareness training – a checkbox exercise, not a control, for a problem that has produced an outsized share of the damage.
Meanwhile, AI is hardening software at machine speed. Anthropic’s Claude Mythos reportedly found thousands of high‑severity zero‑days across major operating systems and browsers, including a 27-year-old bug in OpenBSD. OpenAI has rolled out agentic security tooling that identifies, validates, and patches vulnerabilities inside real codebases. What used to take research teams years is starting to happen in weeks.
Attackers have AI of their own, and they're using it to improve both software exploitation and human exploitation. The difference is that software defenses are compounding faster. Organizations can harden code, patch vulnerabilities, and automate technical controls in ways that materially shrink the traditional attack surface.
Users are different. Trust cannot be patched. Judgment cannot be standardized. Behavior cannot be hardened with the same reliability as software.
As technical defenses improve, the relative value of manipulating the user goes up. Attackers can run real‑time campaigns tailored to specific roles and employees across the workforce, using deepfakes, synthetic identities, and voice clones that sound like a trusted executive. User risk is rising, not shrinking. The User Layer is the most dynamic and vulnerable layer in any organization – and it remains the one that most reliably pays off for determined adversaries.
The pattern is already visible in major incidents:
- A deepfake video call impersonating a CFO and colleagues cost Arup’s Hong Kong office ~$25 million.
- A vishing campaign by Scattered Spider against MGM Resorts’ IT help desk contributed to more than $100 million in losses.
- At Retool, a smishing campaign paired with a deepfake voice impersonating IT staff compromised 27 customer accounts, including ~$15 million stolen from one victim.
Different industries. Different channels. Same layer.
As The Wall Street Journal put it: “Companies have spent billions of dollars trying to reduce cyber threats, but hackers continue to find new ways to exploit human vulnerabilities.”

The Modern Social Engineering Playbook
A modern social engineering attack no longer looks like a single phishing email landing in a single inbox. It looks like a coordinated campaign: multi‑channel, machine‑orchestrated, calibrated to a specific target inside a specific role, and delivered across every communication channel employees rely on.
1. Reconnaissance at machine speed
An agent scrapes the target’s LinkedIn, public posts, press mentions, and prior breach data. Within minutes it has a working dossier: communication style, direct reports, travel calendar, vendors, and the finance team’s wire‑approval workflow. The same pipeline runs across thousands of targets and ranks them by how engineerable they are.
2. Voice and video synthesis from public material
From a few minutes of public audio – a podcast, webinar, or keynote – the agent builds a real‑time voice clone good enough to pass the informal check most teams actually rely on: whether the caller sounds like the person. Add a few photos and it generates a deepfake video that holds eye contact, mirrors expressions, and survives a Zoom call.
3. Multi-channel attack delivery
The campaign opens with a calendar invite from the “CFO’s executive assistant,” sent from a convincing lookalike domain. A Slack message from a trusted colleague reinforces it. Then the “CEO” calls the target’s mobile phone with a synthesized voice and a five‑sentence pretext naming the project, vendor, and urgency. Each channel looks independent. None of them are.
4. Credential or wire extraction
By this point, the user has almost no reason to refuse. Whether the goal is a wire transfer, MFA reset, or internal access, the request has been corroborated across every channel they checked – and every one of those channels was controlled by the attacker. No static training overrides that level of corroboration; only an out‑of‑band check the attacker does not control (a callback to a known number, a second approver, a workflow that cannot be bypassed by urgency) does. The wire goes out. The MFA prompt is approved. Lateral movement begins before telemetry surfaces an anomaly.
Why Most CISOs Aren’t Ready
Most CISOs are unprepared for the shift already underway because the User Layer never made the transition that every other part of the security stack completed years ago: the move from static, calendar‑based programs to continuous, signal‑driven, dynamic defense.
Networks evolved from firewalls to NDR, analyzing traffic continuously.
Endpoints evolved from antivirus to EDR, detecting behavior in real time.
Identity evolved from passwords to ITDR, monitoring anomalies as they occur.
Data evolved from regex rules to behavioral DLP, adapting to context.
Every layer modernized by replacing one‑size‑fits‑all controls with systems that learn, adapt, and respond dynamically. The User Layer is the only layer still running an outdated operating model: annual training, quarterly phishing simulations, click‑rates, and uniform content delivered to a workforce with wildly different risk profiles.
A finance lead, a junior engineer, and a remote contractor face radically different levels of exposure – yet they receive the same training, the same simulations, and the same expectations for vigilance. Meanwhile, attackers are running multi‑channel, AI‑orchestrated campaigns tailored to each user’s role, habits, and emotional state.
The attack surface is moving from silicon to psychology, and it is moving faster than most security programs are built to track. CISOs who treat this as a future problem are already behind, because the same AI that is hardening the software stack is the AI calibrating the social engineering attacks targeting their workforce – and both are operating at machine speed.

What It Takes to Outpace Modern Social Engineering
Preventing social engineering and insider threat across every channel demands a dynamic approach to measuring, prioritizing, and reducing User Risk.
Dune Security’s User Adaptive Risk Management platform treats user risk the way a bank treats credit risk. Rather than relying on outdated metrics like training completion or phishing click rates, Dune continuously analyzes behavioral and contextual signals to generate a real-time risk score for every user.
That score is built from five core inputs:
- Business Impact: Each user’s role, level, and function, used to calculate the potential breach impact on the organization.
- Attack Simulation Agent: Social engineering tests across spear phishing, SMS (smishing), voice call (vishing), and encrypted-channel attacks.
- Training Agent: User engagement and sentiment across just-in-time compliance, role-based, and org-specific training.
- External Security Integrations: Unlimited signals from your security stack (IAM, SEG, EDR, DLP, HRIS, and more), correlated into a single, continuously updated view of each user’s real-world exposure.
- Flexible Weights: Security teams control how attack activity, training, signals, and business impact weight each user’s risk score.
Security leaders gain actionable insights through automated and executive reporting and exposure prioritization. Effort concentrates on the users who truly drive risk, while employees benefit from tailored interventions that protect without unnecessary friction:
- Low-risk users (~70%) experience minimal disruption and can focus on their work.
- Moderate-risk users (~25%) receive targeted training and coaching to reduce risk.
- High-risk users (~5%) face maximum escalation via the Remediation Agent, including performance management pathways, restricted access enforcement, and intensified training.
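The scoring model described above – a weighted combination of business impact, simulation results, training engagement, and external signals, with team-controlled weights, ranked into a ~70/25/5 split – is illustrated by the following added example. It is not Dune Security’s code or its actual algorithm; the weights, the noisy‑OR combination of external signals, the signal names, and the four-person sample workforce are assumptions constructed for this demonstration.

```python
"""Illustrative per-user risk scoring (added example, not Dune Security's
implementation). Weights, signal names and the sample workforce are assumed."""
from dataclasses import dataclass, field


@dataclass
class UserSignals:
    user: str
    business_impact: float            # 0..1 from role/level/function (assumed mapping)
    sim_failures: int                 # failed social-engineering simulations in the window
    sim_total: int                    # simulations delivered in the window
    training_engagement: float        # 0..1, completion and sentiment combined (assumed)
    external_signals: dict = field(default_factory=dict)   # signal name -> 0..1 severity


# "Flexible weights": the security team owns these; values are assumed for the example.
DEFAULT_WEIGHTS = {
    "business_impact": 0.30,
    "attack_sim": 0.35,
    "training": 0.15,
    "external": 0.20,
}


def external_component(signals):
    """Combine independent stack signals (IAM, SEG, EDR, DLP, HRIS, ...) with noisy-OR:
    1 - prod(1 - s_i). Several weak signals compound, but the result never exceeds 1.0."""
    survive = 1.0
    for severity in signals.values():
        survive *= 1.0 - min(max(severity, 0.0), 1.0)
    return 1.0 - survive


def risk_score(u, weights=DEFAULT_WEIGHTS):
    """Weighted 0..100 risk score for one user. A user with no simulation data gets a
    neutral 0.5 prior rather than a free pass."""
    sim_rate = u.sim_failures / u.sim_total if u.sim_total else 0.5
    components = {
        "business_impact": u.business_impact,
        "attack_sim": sim_rate,
        "training": 1.0 - u.training_engagement,     # low engagement means higher risk
        "external": external_component(u.external_signals),
    }
    total = sum(weights.values())
    return 100.0 * sum(weights[k] * components[k] for k in components) / total


def tier_workforce(users, weights=DEFAULT_WEIGHTS, high_pct=0.05, moderate_pct=0.25):
    """Rank users by score and cut the ranked list into high / moderate / low tiers by
    percentile (~5% / ~25% / ~70%). Returns {user: (score, tier)}."""
    ranked = sorted(users, key=lambda u: risk_score(u, weights), reverse=True)
    n_high = max(1, round(len(ranked) * high_pct))
    n_moderate = round(len(ranked) * moderate_pct)
    tiers = {}
    for i, u in enumerate(ranked):
        tier = "high" if i < n_high else "moderate" if i < n_high + n_moderate else "low"
        tiers[u.user] = (risk_score(u, weights), tier)
    return tiers


# Constructed sample workforce (not real data). Signal severities are assumed.
SAMPLE_WORKFORCE = [
    UserSignals("finance-lead", 0.9, 2, 4, 0.4,
                {"iam_impossible_travel": 0.7, "seg_clicked_quarantined_link": 0.5}),
    UserSignals("junior-eng", 0.3, 0, 4, 0.9, {}),
    UserSignals("contractor", 0.5, 1, 2, 0.2, {"hris_offboarding_within_30d": 0.6}),
    UserSignals("helpdesk", 0.7, 2, 4, 0.7, {"iam_mfa_reset_spike": 0.8}),
]

# Assumed alternative weighting: a team that wants stack telemetry to dominate.
SIGNAL_HEAVY_WEIGHTS = {"business_impact": 0.2, "attack_sim": 0.2, "training": 0.1, "external": 0.5}


if __name__ == "__main__":
    for name, (score, tier) in tier_workforce(SAMPLE_WORKFORCE).items():
        print(f"{name:14s} {score:5.1f} {tier}")
```

With only four constructed users the percentile cut-offs collapse to one high, one moderate and two low users; on a real workforce the same cut-offs produce the ~5/25/70 split. Re-running `tier_workforce(SAMPLE_WORKFORCE, SIGNAL_HEAVY_WEIGHTS)` shows what the flexible-weights input does: the scores move, but because every component is normalized to 0..1 before weighting, no single signal can dominate unless the team chooses to let it.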
The User Layer can be defended like the rest of the stack. Or it can keep paying out for attackers. The teams who win will be the ones who treat User Risk with the same rigor every other layer receives.
FAQs
What is social engineering?
Social engineering is the manipulation of people into giving up sensitive information, authorizing financial activity, or granting access an attacker should never have. Unlike traditional exploits that target software vulnerabilities, social engineering targets human decision‑making – especially under pressure, urgency, or perceived authority. It includes phishing, vishing, smishing, executive impersonation, deepfake audio and video, business email compromise (BEC), pretexting, and increasingly multi‑channel AI‑driven campaigns that combine several techniques into a single coordinated attack. Social engineering has been the dominant entry point in enterprise breaches for years, and as AI hardens the rest of the stack, it remains attackers’ most reliable vector.
What is the attack surface of social engineering?
The attack surface of social engineering is the User Layer – the behavioral surface where employees and the AI agents they use interact with enterprise systems across email, voice, messaging, browsers, identity workflows, and third-party tools. It is not a single channel or product category; it is every moment where a user’s decision can be influenced, pressured, or manipulated. As AI‑driven defense shrinks traditional software attack surfaces, adversaries concentrate on the User Layer because it continues to deliver the most reliable returns.
How do you stop AI-powered social engineering?
Stopping AI-powered social engineering requires the same architectural shift the rest of the security stack already made: moving from static, calendar-based programs to real-time, integrated, dynamic defense. Dune Security's User Adaptive Risk Management platform delivers that model: continuous user risk scoring, role-calibrated simulations across every channel attackers use, just-in-time training driven by actual behavior, and individualized remediation that tightens automatically when risk spikes. Attackers iterate weekly with AI assistance, and static programs cannot keep pace.
Why is social engineering so effective?
Social engineering is effective because the User Layer is the most dynamic and vulnerable layer in any organization, and humans cannot be patched. While networks, endpoints, identity, and data moved to dynamic, signal-driven defense, the User Layer is still largely managed with annual training and uniform simulations. A static defense against a dynamic attacker produces the breach pattern the industry has lived with for years, and AI has now compressed the attacker's iteration cycle to machine speed.
What is User Risk?
User Risk is the likelihood that a specific employee will be the entry point for a security incident, measured continuously based on their role, access, behavior, and exposure across the workforce. Unlike traditional security metrics that aggregate at the organizational level, User Risk is calculated per individual and updated in real time as behavior changes and external signals shift. The 90%+ of breaches that originate from human behavior do not happen evenly across the workforce: a small percentage of high-risk users drives most of the exposure. Measuring User Risk is the first step to defending the User Layer the way every other layer of the security stack is defended.