CIO Magazine reports that the BFSI sector will be the key target of cyber-criminals this year. They write, “BFSI companies were possibly the biggest target of cyber-criminals over the last couple of years. The trend is likely to continue as cyber-criminals will continue to find innovative ways to steal identity and money.”
Until recently, cybersecurity measures in the banking industry have been far from the latest technological advancements. Yet, increasingly creative security breaches and continuous frauds in the financial services industry have forced the BFSI to reboot their security strategies and adopt new technologies for their cyber security management.
Recently, identity fraud in the banking industry is on the rise, due to the increasing use of internet banking, mobile payments and money transfers, cross-border payments and online shopping.
Fraud-as-a-service, which has become more common and is nonchalantly offered on the dark web, enables cyber-criminals to access tools that can impact financial security of BFSIs. Not to mention such tried and tested methods, as social engineering and phishing scams that are used to steal financial data.
The simple rule-based anti-virus solutions cannot anymore combat even modestly-resourced hackers. An efficient security system needs to automatically adapt to what the attackers are doing, regularly updating its knowledge database. Building such an adaptive system becomes possible with AI technologies, which can, for example, complement a SIEM solution.
“AI can complement with the current security solutions and decipher the anomalies, which are non-signature, behavior and heuristics based. For example, the security logs in the Security Incidents and Events Management (SIEM) can only serve a limited purpose; however, this data coupled with AI solutions has the potential to detect the anomalies, threats which are sitting latent in the system, waiting for the right time to hit”. – Sameer Ratolikar, CISO, HDFC Bank
The author further gives one more example of AI application in BFSI: it’s able to find trends in the number of files uploaded to computers and search for aberrations. An AI system can collaborate with other solutions in order to detect deviations in, say, the time when employees access applications.
The AI-based Cyber Security Operations Center (CSOC), Sameer Ratolikar claims, will be a combination of breach readiness, threat hunting, threat aggregation platforms and red teaming.
“Dark web monitoring is a part of the overall security. We are working on dark web solutions, like real-time defacement and vulnerability monitoring. The solution should have features like early detection of malware presence; in case any data is available for sale in the dark web, how soon are we able to know about it,” states Ratolikar.
“Spear phishing is rampant. It’s no longer just the large enterprises or C-suite that need to be on high alert—everyone is a target,” says Asaf Cidon, VP, Content Security Services, Barracuda Network.
Artificial Intelligence can be applied to detect and block spear-phishing attacks in real time and identify which employees are most vulnerable to a spear-phishing attack. The system can examine the information from multiple sources in order to learn distinct communication patterns of each organization and to examine the content of the emails/messages.
The system can be integrated with messaging intelligence to detect with a high degree of accuracy whether the message is a part of a spear-phishing attack.
According to CSO magazine, in 2018 “51 percent of respondents claimed their organization had a problematic shortage of cybersecurity skills”. Compared with 2014, where the percentage was 23%, the growth is alarming.
Credit unions and small community banks are feeling the impact of cybersecurity staff shortage as skilled talents are extremely rare in their respective markets. AI, can amplify the abilities of a limited security talent. Rather than putting the pressure off manually analyzing network data and mining data on a small security team, AI can sift through the data automatically to detect threats.
Artificial intelligence is many times faster than a human security analyst, calculating millions of possibilities in a matter of second. Take, for example, WannaCry case. According to Phys.org, Machine learning was able to detect and protect many systems from the ransomware attack which sidestepped almost all the traditional anti-virus software and other systems.
Even so, while applying AI and machine learning technologies to cybersecurity, it is important for human employees to provide feedback to the system in order to adjust its work. The time and effort invested in training the system will optimize its monitoring and predictive capabilities. This will decrease false alerts and enhance the system’s ability to detect real threats.
Unfortunately, those becoming the most advanced in Artificial Intelligence in terms of security are the ones on the offensive side, i.e. cyber-criminals.
Therefore, the only way to combat these criminals is by enhancing your AI defense. Nothing, however, is 100% fool-proof. So, it is crucial that you have a robust, multi-layered security strategy that will incorporate AI solutions, talented technical and end-user training.