Connect with us

FINANCE

Advancing the financial sector’s cybersecurity with AI 

Sareeka

By Sareeka A. G., Product Consultant at ManageEngine

The United Kingdom has the sixth-largest economy in the world, and in 2018, the financial services industry contributed a massive £132 billion to the country’s economic output. During the same year, the number of cybersecurity incidents reported by financial institutions shot up by 1,000 percent compared to the previous year.

Sareeka A. G

Sareeka A. G

The greater the value of an organization’s data and assets, the greater the risk of a cyberattack. This holds true for financial institutions, as they contain not just huge reserves of money but also critical personally identifiable information (PII) and financial data.

Steel vaults and fortified walls help safeguard money within banks. Customer data, however, is often just waiting to be compromised unless a dedicated IT team and a comprehensive cybersecurity strategy is in place. Here, AI can play a decisive role to help financial services companies win the cat-and-mouse game between network administrators and cyber miscreants.

Combating cyberattacks with AI

Internal Threats

Most of the insider threats are financially motivated and particularly challenging to tackle as the threat actor knows where the sensitive data resides. Malicious insiders can involve in a myriad of activities ranging from theft of PII to siphoning funds and money laundering.

Artificial intelligence in combination with machine learning is the most effective way to tackle the insider menace. By continuously monitoring the heterogeneous logs collected from all the devices and user accounts, behavior analytics tools that utilize machine learning can learn the each entity’s general behavior, or “baseline profile.” Once a baseline profile has been established, any deviation from this behavior is flagged as an anomaly and brought to the system administrator’s attention to initiate necessary action.

AI can immediately spot when an employee tries to access information or perform unauthorized actions and warn IT administrators of a potential breach. Even in situations where the insider has necessary permissions, behavior analytics can identify irregularities and initiate corrective response by executing actions defined by the administrator.

DDoS Attacks

Proliferation of IoT devices has made it easier for hackers to launch massive distributed denial of service (DDoS) attacks, flooding servers with malicious requests to make services unavailable to legitimate users. In the era of social media, a service outage due to DDoS can elicit response from disgruntled customers to go viral in a matter of seconds, tarnishing the reputation of the company and eroding customer trust.

Employing artificial intelligence with big data can safeguard companies from DDoS attacks. AI and big data analytics can empower correlation engines to infer attack patterns by comparing network traffic with real-time data streams received from threat-intelligence feeds.

DDoS attacks are increasingly used a means of cyber extortion by hackers who blackmail financial institutions to pay hefty sums of money to avoid the attacks. By monitoring a bank’s network for traffic origin, velocity, variety, and bandwidth consumption, AI can distinguish between legitimate spike in incoming requests and a DDoS attack and thereby prevent a full-fledged attack.

Phishing

Phishing is one of the most prevalent cyberattacks in the financial sector. New phishing techniques combined with social engineering continue to endanger this sector. A well executed phishing scam can have severe implications on a financial institution, ranging from credential theft to data exfiltration.

Natural language processing (NLP)—a subfield of AI—along with behavior analytics can help spot phishing emails. AI models can be trained with data sets to recognize clean and malicious files. AI models can identify, isolate, and delete infected attachments. In addition, NLP can be used to perform semantic analysis of text to spot malicious intent and blacklist related websites and email addresses.

Since social engineering requires very little technical knowledge and relies on victim manipulation, it remains a very effective way to gain access into an organization.

Malicious payloads are often delivered to victims via instant messaging (IM) or as email attachments. AI can identify phishing schemes that are often overlooked by humans due to uncanny resemblance to legitimate sources.

Embracing AI   

In cybersecurity, AI improves the efficiency of defense mechanisms. It reduces the burden on information security officials, enabling them to pay more attention to critical, IT security operations. When trained appropriately and supervised by efficient cybersecurity professionals, AI can protect financial organizations from attacks that threaten their operation and the country’s economy.

Continue Reading

Recent Posts

The lockdown money revolution 29 The lockdown money revolution 30
FINANCE4 days ago

The lockdown money revolution

By Granville Turner, Director at Turner Little. Many Brits have found that lockdown has been beneficial for their money, having...

Self-employed taxpayers and Making Tax Digital 31 Self-employed taxpayers and Making Tax Digital 32
BUSINESS4 days ago

Self-employed taxpayers and Making Tax Digital

By John Hemming, CEO of Cirrostratus Exedra, the company that runs the VAT Direct Making Tax Digital Service The HMRC’s ambition...

Auditor regulation and litigation - down to the Wire(card)? 33 Auditor regulation and litigation - down to the Wire(card)? 34
BANKING5 days ago

Auditor regulation and litigation – down to the Wire(card)?

By Tom Snelling, partner at Signature Litigation and David Entwistle, a regulatory lawyer and legal risk specialist Introduction The collapse...

Why it’s time to adapt to the virtual world: how to master online negotiations 35 Why it’s time to adapt to the virtual world: how to master online negotiations 36
TECHNOLOGY5 days ago

Why it’s time to adapt to the virtual world: how to master online negotiations

By Tony Hughes, CEO at Huthwaite International, a leading global provider of sales, negotiation and communication skills development Virtual negotiations...

Protecting against man in the middle attacks with dynamic linking 37 Protecting against man in the middle attacks with dynamic linking 38
FINANCE2 weeks ago

Protecting against man in the middle attacks with dynamic linking

By David Vergara, Senior Director of Product Marketing at OneSpan In recent years, the booming growth of mobile applications has...

The Case for Banks to Digitally Transform: Iterating out of lockdown 39 The Case for Banks to Digitally Transform: Iterating out of lockdown 40
BANKING2 weeks ago

The Case for Banks to Digitally Transform: Iterating out of lockdown

By Sudeepto Mukherjee, Senior VP, Banking EMEA & APAC, Publicis Sapient. Before COVID-19 disrupted every imaginable part of society, banks...

Difficulties of Getting on the Property Ladder Post-Pandemic 41 Difficulties of Getting on the Property Ladder Post-Pandemic 42
LIFESTYLE2 weeks ago

Difficulties of Getting on the Property Ladder Post-Pandemic

There is a lot of talk about what’s going to happen to the housing market over the next few months....

Russian Doll: Building digital capabilities into a bank’s core 43 Russian Doll: Building digital capabilities into a bank’s core 44
BANKING2 weeks ago

Russian Doll: Building digital capabilities into a bank’s core

By Ian Johnson, Managing Director of Europe, Marqeta COVID-19 has left its mark on every industry, and banking is no...

How the US and Europe's COVID-19 Responses Have Affected Exchange Rates 45 How the US and Europe's COVID-19 Responses Have Affected Exchange Rates 46
TRADING2 weeks ago

How the US and Europe’s COVID-19 Responses Have Affected Exchange Rates

In living memory, few events have thrown the reputations of different countries and regions under such intense scrutiny as the...

Recognising the surprise PE investment potential in southern Africa 47 Recognising the surprise PE investment potential in southern Africa 48
INVESTING2 weeks ago

Recognising the surprise PE investment potential in southern Africa

By Martin Soderberg, partner at SPEAR Capital. An event of historic significance passed largely unnoticed in the world’s media recently,...

Why Banking is experiencing a second wave of transformation 49 Why Banking is experiencing a second wave of transformation 50
BANKING2 weeks ago

Why Banking is experiencing a second wave of transformation

By Keith Pearson, Head of Financial Services EMEA, ServiceNow The financial landscape has seen significant changes in the last six...

Making your mark: an introduction to trademarks 51 Making your mark: an introduction to trademarks 52
TRADING2 weeks ago

Making your mark: an introduction to trademarks

By James Turner, Director at  Turner Little  Are you looking to protect your brand? The chances are, you are –...