![](\"https:\/\/fortune.com\/img-assets\/wp-content\/uploads\/2026\/06\/55308872820_0d5bc93f86_o-e1780355598669.jpg?w=2048\")
<\/p>\n<\/p>\n
When Savannah Guthrie\u2019s 84-year-old mother was abducted in Arizona earlier this year, the FBI issued an unusual warning: in the age of AI, even a proof-of-life video can\u2019t be trusted. A kidnapper now needs little more than a LinkedIn photo and a voicemail to manufacture a convincing deepfake. The old rules of crisis response no longer apply.<\/p>\n
It was, said Sid Kosaraju, president of global security firm Crisis24, exactly the kind of threat corporations have been slow to take seriously. A hush came over the room at the Fortune COO Summit in Scottsdale as Kosaraju described the actual threat landscape that most people would rather not think about.<\/p>\n
Two years into his role, he said, he asked his own security team to run a cyber assessment. He considered himself well-protected. But his team \u2014 ethical hackers \u2014 were able to pinpoint the location of his 12-year-old daughter in two-hour increments, every day, simply by accessing her school\u2019s website and her tennis club\u2019s schedule. She doesn\u2019t even own a smartphone. \u201cThey could get into the school website. They could get into the tennis club website and pinpoint.\u201d<\/p>\n
Usually what happens, Kosaraju explained, is that threat actors target children and elderly parents. \u201cSorry to say here right in this state of Arizona, we have the Guthrie incident.\u201d These are things that the industry is wrestling with right now, he said. \u201cIt\u2019s not just the principal. It\u2019s the families that you have to protect against.\u201d<\/p>\n
The Nancy Guthrie case was, he added, what the industry calls a \u201cgrey rhino\u201d \u2014 a massive, visible, charging threat that most of us have been staring at for years and chose not to act on. It\u2019s not a \u201cblack swan,\u201d the term popularized by Nassim Taleb for unknowable, unpredictable catastrophes. A grey rhino: obvious in retrospect, ignored in the moment.<\/p>\n
That distinction, argued Kosaraju and Kroll CEO Jacob Silverman, in conversation with Fortune\u2018s Ruth Umoh, is the single most important concept in risk management that corporate America is still getting wrong.<\/p>\n
The threat is already inside your house<\/p>\n
Most executives think about security as something that happens at the perimeter \u2014 a firewall, a badge reader, a background check. Silverman, who leads one of the world\u2019s foremost corporate investigations and risk advisory firms, calls that a category error.<\/p>\n
\u201cThe weakest link is always a person,\u201d he said. \u201cAnd some of the biggest threats \u2014 purposeful or inadvertent \u2014 come from within the walls of all of our organizations.\u201d<\/p>\n
That\u2019s the grey rhino: not a sophisticated nation-state attack, but a routine online calendar, visible to anyone who looks.<\/p>\n
Silverman was blunt about what AI has done to the threat landscape: it has made deception cheap, fast, and nearly undetectable. His firm, Kroll, fields impersonation attempts constantly \u2014 fake emails, fake invoices, fake voices purporting to be him.<\/p>\n
\u201cI can\u2019t tell you how many times Jake Silverman asked for billing information,\u201d he said, by way of example. \u201cAnd now with the ability to do real deepfakes with AI, it\u2019s all that much more dangerous.\u201d<\/p>\n
The FBI\u2019s warning in the Guthrie case crystallized what security professionals have been saying for years: the proof-of-life paradigm \u2014 the foundational mechanism of kidnap response for decades \u2014 is broken. AI needs only seconds of audio or a single photograph to generate a convincing fake. Verifying that a loved one is alive, in real time, has become a genuine technical and operational challenge.<\/p>\n
The corporate implications run wider than kidnapping. When your employees, your customers, and your fellow executives can no longer assume that an email, a voice call, or a video is real, the entire architecture of organizational trust requires rethinking.<\/p>\n
What the best-prepared companies are actually doing<\/p>\n
At the Fortune 100 level, Kosaraju described an intelligence infrastructure that would have seemed excessive even five years ago: dedicated business resiliency teams staffed with former CIA and FBI analysts, feeding real-time geopolitical intelligence to C-suite executives on a continuous basis. Some executives now receive what amounts to a daily presidential brief \u2014 a document summarizing threats to their people, facilities, vendors, and supply chains, generated and synthesized by AI.<\/p>\n
Silverman\u2019s firm, Kroll, is operationalizing a similar capability. Its Resolver platform uses AI to ingest security information and help risk managers run remediations with an audit trail, cutting the lag time between detecting a breach and containing it.<\/p>\n
But here\u2019s what struck the audience: the median annual security spend on C-suite protection at the top 100 publicly listed U.S. companies was under $100,000 as recently as 2023. That figure, Kosaraju noted, has risen sharply in the two years since \u2014 but the baseline was startlingly low for organizations with global exposure.<\/p>\n
The minimum viable security stack<\/p>\n
For companies without Fortune 100 budgets, both executives converged on three affordable, underutilized baselines:<\/p>\n
Secure transportation.\u00a0Stop putting executives and board members in unvetted rideshares. The cost premium over an Uber is minimal. The protocol difference is not.<\/p>\n
Company email for everyone who matters.\u00a0Board members conducting sensitive business over personal Gmail is an unforced vulnerability that requires a policy memo, not a budget line.<\/p>\n
Always-on intelligence.\u00a0Subscription threat monitoring services \u2014 social media surveillance, reputation alerts, geopolitical feeds \u2014 are not expensive. They are simply not yet standard practice.<\/p>\n
Training, both stressed, underlies all of it. Kosaraju\u2019s firm uses a rotating verbal password system: if an employee receives a suspicious communication claiming to be from a senior executive, they call a designated number and exchange a code.<\/p>\n
Silverman closed the conversation with the frame that should unsettle every COO in the room. Threats today don\u2019t arrive in silos.<\/p>\n
\u201cWhen something is a physical threat, it usually is linked to a supply chain threat, which is linked to a business threat and linked to a cyber threat,\u201d he said. \u201cThey all come together at you at one time.\u201d<\/p>\n
For this story,\u00a0Fortune\u00a0journalists used generative AI as a research tool. An editor verified the accuracy of the information before publishing.<\/p>\n
#Grey #rhinos #black #swans #kidnapping #Nancy #Guthrie #companies #wrong #risk<\/p>\n","protected":false},"excerpt":{"rendered":"
When Savannah Guthrie\u2019s 84-year-old mother was abducted in Arizona earlier this year, the FBI issued…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[245],"tags":[4644,1386,3970,6825,13623,13621,13622,13619,749,582,13620,361],"_links":{"self":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts\/7700"}],"collection":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7700"}],"version-history":[{"count":0,"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts\/7700\/revisions"}],"wp:attachment":[{"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7700"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7700"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7700"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}