Across the globe, financial hubs are facing a new class of cyber threat: deepfake as a service. What began as crude impersonations has evolved into industrialised deception with AI-generated voices authorising fraudulent payments, synthetic executives joining video calls and cloned identities breaching onboarding systems.
The attackers are no longer lone operators; they are running agentic AI systems capable of probing, adapting and scaling faster than any human team can respond. This new security reality boils down to agent versus agent.
“Human analysts simply cannot keep pace with AI-powered adversaries anymore. The only viable defence is to meet bad AI with good AI, in the form of autonomous, governed, enterprise-grade agents that work at machine speed,” says Cliff de Wit, Chief Innovation Officer at Accelera Digital Group (ADG).
In response to this rapidly evolving threat landscape, models like Anthropic’s Claude Mythos can autonomously discover thousands of zero‑day vulnerabilities and generate full working exploits within hours. It can even chain vulnerabilities together and reverse‑engineer closed‑source binaries, capabilities that previously required elite human expertise.
The threat landscape has shifted to machine speed
The Google Cloud AI Agent Trends 2026 report highlights the alarming fact that security teams are drowning in data. Eighty-two percent of security operations centre (SOC) analysts fear that they are missing real threats due to alert overload.
Attackers exploit this fatigue with AI agents that can generate polymorphic malware, craft personalised phishing and execute multi-step intrusions without human intervention.
Deepfake as a service is the latest evolution. Criminal networks now offer subscription-based impersonation kits, complete with cloned voices, synthetic documents and real-time video puppeteering, specifically targeting banks, insurers, fintechs and regulators.
“These aren’t just deepfakes, they’re automated fraud engines. They run reconnaissance, generate synthetic identities and adapt their tactics in real-time. A human-only SOC is outmatched before the fight even begins,” says De Wit.
Why automation is the modern CISO’s lifeline
Google Cloud’s Agent Trends report says AI agents are transforming security from alerts to action. Unlike traditional security, orchestration, automation and response (SOAR) tools, agentic systems can reason, act, observe and adjust, closing the loop autonomously.
As such, AI agents are increasingly being harnessed to help with tasks like vulnerability discovery, as well as alert triage and investigation.
“CISOs are no longer measured by how many analysts they hire, but by how much risk they can eliminate per dollar. AI agents give them leverage, creating true defensive scale,” comments De Wit.
Ideally, modern enterprises’ approach to security should mirror the agentic SOC model described in the Google Cloud report, where specialised agents collaborate across the security life cycle. The report notes that 46% of organisations with AI agents already use them for security operations.
“Think of it as a digital security team that never sleeps, never gets fatigued and never misses a pattern. Humans remain the strategists, while AI becomes the shield,” says De Wit.
Why financial hubs must act now
Regional financial centres around the globe are uniquely exposed. They operate high-value transaction flows, complex identity ecosystems and cross-border regulatory obligations. Deepfake as a service exploits all three.
The Google Cloud report warns that AI is expanding the enterprise attack surface and that security teams must become deeply bilingual in both AI and security. The organisations that adopt agentic defence early will set the regional standard for trust, compliance and resilience.
“Unfortunately, this is not a future problem; it’s a right-now problem. We have seen that the attackers have already automated, so the defenders must do the same,” De Wit emphasises.
Human-only security is no longer viable. CISOs must orchestrate a hybrid defence that consists of human judgment amplified by autonomous agents capable of matching adversaries at machine speed.
The CISO’s role is no longer to manually defend every perimeter, but to orchestrate intelligent agents that detect, decide and act faster than attackers can adapt. This is the new equilibrium, and the winners will be those who embrace automation not as an efficiency upgrade, but as the foundation of cyber resilience.
Share
ADG
ADG is a global strategic technology firm that helps organisations scale intelligently, efficiently and securely. With teams across Africa, the Middle East and Europe, and recognised as Google Cloud Partner of the Year for Africa (2025), the company combines world-class engineering with deep business understanding.
ADG operates through three integrated models: Advisory, Implementation and Managed Services. Each can stand alone, but together they deliver the greatest impact by shaping strategy, executing with precision and sustaining long-term value.