The battle between cyber criminals and banks is an intensifying arms race. Cyber criminals are racing to develop new offensive weapons while the banks and insurers they are targeting are scrambling to keep pace.
Financial institutions are increasingly deploying Robotic Process Automation (RPA) and other early-stage AI technologies to the front lines, identifying the behavior of trustworthy users and detecting emerging threats. However, much cutting-edge software in areas such as machine learning and AI is open-sourced, meaning that it is readily available to the wrong side. Hackers and criminals deploy advanced technology with little effort or cost involved, using advanced search functions, for example, to find and attack vulnerable machines. The cost of the computing power needed for many AI applications has previously been a barrier to all but the most sophisticated, well-funded criminal players, but that is coming down rapidly as well.
We are beginning to see both offense and defense using automation, machine learning and artificial intelligence (AI) to counter each other’s moves. For example, as firms adopt voice biometrics to make customers’ access to their accounts and information more secure, cyber-criminals can use the same machine learning algorithms to mimic voices and gain unauthorized access. Lyrebird, a Montreal-based AI startup, has developed a voice generator that can imitate almost any person’s voice, and can even add emotional elements missing from computer generated personas such as Siri and Cortana.
Staying one step ahead of the threat is difficult, but forward-thinking financial institutions realize it’s imperative. As financial institutions up their game to protect their assets, three AI priorities have emerged: focusing resources, visualizing the threat, and accelerating response time.
1. Focusing resources. Banks are looking at how AI in combination with better quality data can improve threat detection by reducing the number of “false positives”, making it easier to differentiate between real attacks and harmless incidents that can safely be ignored. AI reduces the load on human analysts by narrowing down the search space and frees up time to concentrate on the most important threats.
2. Visualizing the threat. AI-supported visualization is becoming a core element of enterprise cybersecurity strategy, helping cyber defense teams harness and amplify humans’ ability to zero in on patterns quickly and pick out anomalies. Visualization allows security teams at multiple levels to understand at a glance how contextually valid a threat is and which areas of the business it affects. By shifting away from log and text interpretations and replacing them with visual comprehension, organizations can scale and accelerate their ability to interpret security events.
3. Accelerating response time. One of the biggest problems in cybersecurity is the time between a successful security breach and the organization’s identification of, and response to, that same breach. According to Accenture’s research, 59% of financial institutions take months to detect a breach, with a FireEye report also concluding that the average response time was 99 days in 2016. AI in the form of machine learning can spot minute disruptions to otherwise normal patterns and trigger a quicker response and remediation process.
The capabilities of AI are increasing exponentially. As AI technologies proliferate and costs drop, hackers and cyber-criminals will continue to arm themselves with new and increasingly powerful tools. One of the most important things that CIOs, CROs and CISOs can do is to stay current with technologies as they evolve; this helps reduce the possibility of being unpleasantly surprised by a technological leap made by someone playing for the wrong team.
Financial institutions have historically held the upper hand as they benefit from enterprise-wide investment strategies in artificial intelligence (AI) and machine learning. But as the technologies become more pervasive, the question is, how long will this last?
