Bizarre moment at Berkshire’s annual meeting spotlights cyber risk

A version of this article first appeared on TKer.co

Berkshire Hathaway’s annual shareholder meeting was destined to be interesting as the first without its now-retired CEO, Warren Buffett, MC’ing the event.

But Buffett, who remains chairman of Berkshire’s board, made a few cameos. One of them was pretty eerie.

Kicking off the Q&A on Saturday morning, the spotlight went to a video where “Warren from Omaha” asked the first question:

Hi. My name is Warren from Omaha. I’ve recently undergone, let’s call it, a significant change in role. And I have, well, let’s just say, a not insignificant portion of my net worth tied up in Berkshire stock. Now, Greg, I’ve been watching this company for a while, a long time, a very long time. And I’ve been telling people that I have no intentions of selling a single share, not one. So my question is a simple one. I’m 95 years old. I’ve got nothing but time and Cherry Coke. And I want to know, just so I have something to tell my fellow shareholders: Why should they hold their Berkshire shares for the long term?

The fun moment quickly turned serious when CEO Greg Abel informed the audience that it wasn’t Warren Buffett.

“As you’ve all picked up, that was a deepfake,” Abel said. “But here’s the interesting thing. That was done with zero input from Warren. Voice, photo… we were able to obtain that with information that’s out there, and replicate those actions and that voice.”

It’s notable that they leaned into the deepfake because it’s a problem that Buffett has been wrestling with for years. Just a few months ago, Berkshire put out a rare press release about deepfakes titled: “It’s Not Me.”

“Scamming has always been part of the American scene,” Buffett said of deepfakes at the 2024 meeting. “If I was interested in investing in scamming — it’s gonna be the growth industry of all time.”

While Buffett has had to warn specifically of deepfakes of his likeness being used by scammers, Berkshire and its management team have long flagged cyber broadly as a major risk. In fact, it’s the second item identified in “Risk Factors” section of the company’s annual report:

Cybersecurity risks could result in economic losses to our businesses and reputational damage.

We rely on technology in virtually all aspects of our business. Like those of many large businesses, certain of our information systems have been subject to cyber threats, including computer viruses, malicious codes, unauthorized access, phishing efforts, denial-of-service attacks and other cyber-attacks. We expect continued exposure to such attacks in the future and attacks have become more sophisticated and frequent. A significant disruption or failure of our technology systems could result in service interruptions, safety failures, security events, regulatory compliance failures, an inability to protect information and assets against unauthorized users and other operational difficulties. Cyber-attacks perpetrated against our systems could result in loss of assets and critical information and expose us to remediation costs and reputation damage.

So of course, it’s not surprising that it was the very first topic they addressed during the meeting’s Q&A session.

“That’s what we’re dealing with when we think of Berkshire and how we have to protect it every day,” Abel said on Saturday. “It can go to deepfakes, and they’re using it to try to penetrate our business. It can be cyber attacks. It’s a great reminder for our team, because that is a significant risk across Berkshire that we’re managing every day. Cyber risk. And it’s one that we take extremely seriously.”

Are markets complacent about cyber risks?

While it’s unsettling to think about the risks posed by cyber attacks, it’s encouraging to hear executives, not just at Berkshire, confirm that it’s top of mind.

The fact that we haven’t experienced a market-destabilizing event tied to cyber perhaps speaks to how effective companies and regulators have been at keeping bad actors at bay.

Hopefully it stays that way.

Because, for now, market participants are arguably complacent about cyber risks. It rarely comes up in surveys about risk. For example, in BofA’s latest Global Fund Manager Survey, cyber didn’t crack the list of top “tail risks” identified by market pros.

This might be a problem. Because according to TKer Truth No. 8: “The most destabilizing risks are the ones people aren’t talking about.”

Investors and traders not talking about a risk suggests that the risk isn’t priced into markets. That means when the risk materializes, volatility is more likely to spike with prices potentially overshooting to the downside.

Especially with the rise of AI and increasingly scary stories about related risks, it’s never been more important to be vigilant.

For now, we put faith in our business leaders and policymakers and hope that they continue to be in front of this.

On Saturday, CNBC’s Becky Quick asked Buffett about the morning’s deepfake and the risk AI poses to the world.

“It’s scary,” Buffett said. “It’s particularly scary when you have nine countries or so with nuclear weapons and people working on it. We haven’t dealt with it. We don’t know what’s going to happen.”

Investing is risky. Bad things often happen. And sometimes, very bad things happen.

A version of this article first appeared on TKer.co