Nicolás Chiaraviglio, Chief Scientist at Zimperium, chats about deep learning for malware and phishing detection, benefits of leveraging AI models to detect and prevent emerging threats, biggest challenges in AI-driven cybersecurity, and more in this Q&A:
——————
Hello, Nicolás. Share a bit about your journey and what led you to your current role as Chief Scientist at Zimperium.
My journey to becoming Chief Scientist at Zimperium began at the intersection of high-performance computing and security. After university, I was involved in teaching HPC courses—first at universities in Argentina and later in Spain—while also managing the security of these complex systems. During this period, I was already exploring applications of machine learning—a field that would become central to my career.
I joined Zimperium’s zLabs as an individual contributor, where I found the perfect opportunity to combine my expertise in . My primary focus was developing innovative ways to apply machine learning to solve pressing security challenges. While in this role, I helped with the creation of our advanced malware and phishing detection engines, along with several other critical detection systems.
My multidisciplinary background—spanning problem-solving, artificial intelligence, cybersecurity, and high-performance computing—provided me with the comprehensive perspective needed to eventually lead zLabs. Now, as Zimperium’s Chief Scientist, I leverage this diverse expertise to guide our research and development initiatives.
Deep learning has been a game-changer in many fields. How does it enhance malware and phishing detection compared to traditional security approaches?
Deep learning has fundamentally transformed malware and phishing detection by addressing key limitations in traditional security approaches.
Traditional detection methods typically rely on signatures, heuristics, and rule-based systems. While effective against known threats, these approaches struggle with novel attacks and variants, requiring constant manual updates and suffering from high false positive rates when tuned for sensitivity.
Deep learning enhances detection in several crucial ways:
- First, it excels at pattern recognition across massive datasets, identifying subtle malicious indicators that might escape rule-based systems. This allows for detection of zero-day threats without prior exposure to specific attack signatures.
- Second, deep learning models can analyze multiple data dimensions simultaneously – analyzing code structure, behavior, text and visual elements in a unified way rather than through separate detection mechanisms.
- Third, these models continuously improve through exposure to new data, adapting to evolving threat landscapes without requiring manual rule creation. This self-improving capability is particularly valuable given the rapid pace of attack evolution.
In our work at Zimperium, we’ve been using deep learning for years in the field of malware and phishing detection. This allows us to detect more complex patterns than using traditional ML and heuristics. Moreover, we’ve optimized our models to run on-device, providing strong detection capabilities in a privacy-centric manner.
One of the biggest challenges in AI-driven cybersecurity is reducing false positives while maintaining high detection rates. How do you strike that balance at Zimperium?
We use a combination of techniques:
- Fine-tuning our models to be aggressive enough, but without exceeding an acceptable false positive threshold.
- Constant retraining of the models to quickly learn from past mistakes.
- High QA standards prior to releasing models.
- The use of traditional heuristics in combination with more advanced approaches allows us to catch low-hanging fruit.
- Mechanisms to quickly review and mitigate potential false positives.
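The trade-off described in this answer (tune the model to be as aggressive as possible without exceeding a false-positive budget, gate cheap wins with a heuristic, and route borderline cases to review) can be made concrete with a small threshold-selection routine. The following is an added illustration, not Zimperium's own code: the scores and labels are constructed, the `classify` verdict names and the `review_margin` band are assumptions chosen for the example.

```python
"""Threshold selection under a false-positive budget, combined with a
heuristic gate and a review band. Added example with constructed data;
not Zimperium's detection code."""
from typing import Dict, List, Tuple

# Constructed evaluation set: (classifier score in [0, 1], label: 1 = malicious, 0 = benign).
SAMPLES: List[Tuple[float, int]] = [
    (0.98, 1), (0.93, 1), (0.91, 1), (0.87, 1), (0.80, 1), (0.74, 1),
    (0.62, 1), (0.55, 1), (0.41, 1), (0.30, 1),
    (0.05, 0), (0.08, 0), (0.12, 0), (0.15, 0), (0.19, 0), (0.22, 0),
    (0.27, 0), (0.33, 0), (0.36, 0), (0.44, 0), (0.51, 0), (0.58, 0),
    (0.66, 0), (0.72, 0), (0.83, 0), (0.02, 0), (0.03, 0), (0.04, 0),
    (0.06, 0), (0.07, 0),
]


def rates(samples: List[Tuple[float, int]], threshold: float) -> Tuple[float, float]:
    """Return (true-positive rate, false-positive rate) when flagging score >= threshold."""
    tp = sum(1 for s, y in samples if y == 1 and s >= threshold)
    fn = sum(1 for s, y in samples if y == 1 and s < threshold)
    fp = sum(1 for s, y in samples if y == 0 and s >= threshold)
    tn = sum(1 for s, y in samples if y == 0 and s < threshold)
    tpr = tp / (tp + fn) if tp + fn else 0.0
    fpr = fp / (fp + tn) if fp + tn else 0.0
    return tpr, fpr


def choose_threshold(samples: List[Tuple[float, int]], max_fpr: float) -> float:
    """Lowest observed score (hence highest recall) whose FPR stays within budget.

    Candidates are the observed scores in ascending order; the first one that
    respects the budget wins. If none does, return +inf so nothing is flagged.
    """
    for t in sorted({s for s, _ in samples}):
        if rates(samples, t)[1] <= max_fpr:
            return t
    return float("inf")


def classify(score: float, threshold: float, heuristic_hit: bool,
             review_margin: float = 0.15) -> str:
    """Combine the tuned threshold with a cheap heuristic and a review band.

    A heuristic match (assumed to be high-precision) blocks regardless of score;
    scores just below the threshold go to human review instead of being dropped.
    """
    if heuristic_hit or score >= threshold:
        return "block"
    if score >= threshold - review_margin:
        return "review"
    return "allow"


def sweep(samples: List[Tuple[float, int]], budgets: List[float]) -> Dict[float, Tuple[float, float, float]]:
    """For each FPR budget, report (threshold, tpr, fpr) so the trade-off is visible."""
    out = {}
    for b in budgets:
        t = choose_threshold(samples, b)
        tpr, fpr = rates(samples, t)
        out[b] = (t, tpr, fpr)
    return out


if __name__ == "__main__":
    for budget, (t, tpr, fpr) in sweep(SAMPLES, [0.0, 0.05, 0.10]).items():
        print(f"budget FPR<={budget:.2f}: threshold={t:.2f} TPR={tpr:.2f} FPR={fpr:.2f}")
    t = choose_threshold(SAMPLES, 0.05)
    print(classify(0.65, t, heuristic_hit=False))  # lands in the review band
```

Running the sweep on the constructed set shows why the budget matters: a zero-FPR budget forces the threshold up to 0.87 and drops recall to 40%, while allowing one false positive in twenty (5%) lowers the threshold to 0.74 and recovers 60% recall. Retraining, as the answer notes, is what moves the whole curve rather than just sliding along it.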
Mobile phishing (mishing) is a growing threat. What are some of the most concerning trends you’re seeing in this space, and how does Zimperium help combat them?
We see sophistication in the delivery methods of phishing sites. As an example, we recently blogged about a new technique to hide links in a PDF that bypassed all security vendors. At Zimperium we are constantly monitoring for new vectors and designing solutions to detect them.
There is a rise in mishing attacks distributed through SMS, PDFs (sometimes also delivered through SMS) and QR codes (for example, impersonating payment platforms in public places). Zimperium’s MTD has solutions tailored to each of these vectors.
Zimperium leverages AI for autonomous security. Can you share insights into how AI models are trained to detect and prevent emerging threats in real time?
At Zimperium, our approach to AI-powered security centers on detecting behavioral patterns of malicious activity rather than relying solely on known threat signatures. This fundamental shift allows us to identify emerging threats that haven’t yet been named or cataloged.
Our AI models are trained on diverse datasets encompassing multiple dimensions of behavioral characteristics. We analyze operating system and network statistics that might indicate exploitation attempts and malicious activity in the network.
The training process involves exposing our models to both benign and malicious behaviors across thousands of devices and millions of sessions. This creates a robust understanding of what “normal” looks like across different environments, allowing the AI to flag deviations that represent potential threats.
What makes this approach particularly effective for real-time protection is that we don’t need to wait for a threat to be formally identified and categorized. The moment a behavior exhibits malicious characteristics—even if it’s a completely novel attack—our system can detect and respond to it. This gives us a critical advantage in addressing zero-day vulnerabilities and sophisticated attacks designed to evade traditional detection methods.
Finally, what advice would you give to aspiring data scientists and AI researchers who want to specialize in cybersecurity?
Cybersecurity is a rapidly evolving field that has many opportunities to be tackled using modern AI techniques. Learning the fundamentals of both fields will give researchers a set of tools that can create a significant impact. My advice would be:
First, develop a strong foundation in both domains. Understand core security concepts like threat modeling, attack vectors, and defense mechanisms while simultaneously building expertise in machine learning fundamentals. The intersection of these disciplines is where the most innovative solutions emerge.
Second, focus on practical problem-solving. The most effective security researchers aren’t just theoreticians—they understand real-world threats and constraints. Work with actual datasets, participate in capture-the-flag competitions, and analyze real malware samples to develop an intuition for how attacks operate.
Third, cultivate interdisciplinary collaboration. The most challenging security problems require diverse perspectives. Learn to communicate effectively with both technical and non-technical stakeholders, and appreciate the insights that come from different backgrounds.
Fourth, stay persistently curious. Both cybersecurity and AI fields evolve at a fast pace. Commit to continuous learning through research papers, open-source projects, and industry developments. What works today may be obsolete tomorrow.
Nicolás Chiaraviglio, Chief Scientist at Zimperium, is a data-driven problem solver bringing innovation using automatic learning techniques. His main area of expertise is data science and machine learning, with a strong focus on deep learning.
Zimperium is the world leader in mobile security. Purpose-built for mobile environments, Zimperium provides unparalleled protection for mobile applications and devices, leveraging AI-driven, autonomous security to counter evolving threats, including mobile-targeted phishing (mishing), malware, app vulnerabilities and compromise, as well as zero-day threats.