FBI: strengthen authentication, run tabletop exercises and use AI defensively

Leatherman, Blanchard and Bridal urged organizations to adopt phish-resistant multifactor authentication, train staff against AI-enabled impersonations, and practice incident response with tabletop exercises that include legal and law-enforcement partners.

"We definitely encourage organizations to move away from SMS," Blanchard said, recommending hardware tokens such as YubiKey or RSA and platform-backed device keys where available. Leatherman added that authenticator apps are preferable to SMS when hardware keys are not feasible.

Panelists warned that AI is being used to scale phishing and produce realistic impersonations. "We're currently working investigations in which nation state adversaries are using LLMs and other AI platforms to generate very realistic phishing emails," Blanchard said. They recommended scoped defensive uses of AI—such as targeted perimeter scans for CVEs and anomaly detection on privileged-authentication logs—to act as force multipliers for defenders.

Speakers emphasized operational preparedness: include counsel in pre-incident planning to clear legal sharing of indicators, assign clear ownership for third-party risk, and rehearse crisis communications. Bridal highlighted CISO Academy and executive summits as venues where industry can learn what the FBI does and how shared information is handled.

"I would argue you're also doing tabletop exercises with them in advance," Leatherman said, adding that pre-incident relationships help speed evidence preservation and reduce revictimization when incidents occur. The panel directed listeners to IC3, CISA advisories and FBI Cyber Division channels for published guidance and alerts.