Episode 3

Öykü Işık on Cybersecurity, AI Risk & Governance

How to protect your organization in an era of deepfakes, generative AI, and data regulation.

Listen wherever you get your podcasts

The digital threat landscape is expanding – and so is your responsibility. In this episode, cybersecurity professor Öykü Işık shares why AI is both your best friend and worst enemy, and how to build real resilience in 2025.
  • Listen on Spotify
  • Listen on Apple Podcasts
  • Watch on YouTube

Episode Summary

Cybercrime-as-a-service. AI-generated deepfakes. Jailbroken LLMs. In this urgent conversation, cybersecurity expert and IMD professor Öykü Işık helps us make sense of the new threat landscape facing every organization.

From how attackers exploit generative AI to the hidden risks of fine-tuning your own LLM, we unpack the new realities of governance, regulation, and digital trust. Whether you're a CIO, CISO, or simply trying to make smarter AI decisions, this episode offers essential guidance to stay ahead of the risks.

What We Cover

  • • Cybercrime-as-a-service is growing fast – ransomware and phishing are now available on-demand to attackers without coding skills.
  • • Deepfake threats are evolving – including high-stakes impersonation of CEOs and CFOs in real-time Zoom calls.
  • • The biggest vulnerability is human behavior – and awareness isn’t enough. Culture change is the best ROI.
  • • AI is both weapon and defense – attackers use it, but so should defenders, especially with real-time detection and pattern recognition.
  • • Trust and governance are essential – many organizations underestimate the risks of bias, hallucination, or proprietary IP leakage in LLMs.
  • • The EU AI Act is coming – and will enforce strict rules by risk level. Transparency, data sourcing, and audit trails will become mandatory.
  • • Executives must rethink resilience – it’s not about preventing every breach, but about reacting well when they happen.

About Öykü Işık

Öykü Işık is a Professor of Digital Strategy and Cybersecurity at IMD Business School. Her teaching and research focus on cybersecurity, AI governance, and digital ethics. With a background in advising global companies like MasterCard and BNP Paribas Fortis, she helps executives navigate complex challenges at the intersection of data protection, regulation, and responsible technology use. At IMD, she leads programs that equip senior leaders to treat cybersecurity not just as a technical issue, but as a core strategic and business imperative.

Full Transcript

Expand below to read the full transcript