The financial services industry has embraced the power of cloud-based technology and as a result, there’s been a widescale reinvention of the industry. Large firms are getting larger, and new firms can compete for the wealth management dollar with the benefits of scalable technology. Fintech firms have grown at a rate of 41% over the past 4 years with over $40 billion dollars in cumulative investment according to PWC. 82% of firms plan to increase fintech partnerships over the next three to five years.
Cloud technologies allow firms to cut costs for infrastructure, scale, improve efficiency, and provide instant information to their customers who have grown accustomed to convenience. With this shift to the cloud, a wave of sensitive data has followed – leaving firms vulnerable to cybersecurity threats resulting in data theft and fraud. Firms are using untraditional methods to tackle internal and external threats – in an arms race to secure their sensitive data and customer trust.
Threat Landscape for Financial institutions and Banks
Financial services is the highest targeted industry of all, facing 65% more attacks than any other industry. In 2017, 200 million records were breached resulting in a 937% increase year over year. Ransomware, DDoS attacks, malware, phishing, and insiders threaten their ability to service customers and secure sensitive data. Fear of data loss and reputational damage from the next “big breach” stem from fallen firms who have lost the trust of their clients and who’s names have been splashed in the media. So, how do security teams and executives prioritize threat defenses? Where are their dollars best spent to protect their organization?
The source of attacks has changed overtime. Outside attacks account for 42% of security incidents while insiders accounted for 58% of attacks to the industry – 53% being inadvertent actors and 5% being malicious according to an IBM X-Force Report. Outside attackers have identified the weakest link the in the security chain – the human. Malicious emails, phishing, compromised credentials, and stolen laptops offer outside attackers the opportunity to compromise a network, and often, the human insider is the one to inadvertently grant access to the malicious outsider – this his altered the way the industry views security.
Security has changed
The approach to security has shifted from the concept of a mote surrounding the “kingdom” to now a cognitive approach where security is multi-layered and involves both internal and external controls with cooperation from the entire organization. As firms race to secure their valuable financial and customer information, regulations are sprouting at record pace. In 2017, cyber standards were released from the NYDFS, OCC, FDIC, NIAC, and GDPR. To secure their organization and meet these cyber- standards, organizations are taking a People Centric approach to Security.
People Centric Security- Monitoring Behavior with Machine Learning
With people now at the center of the security vector, protecting sensitive information starts with knowing “who” is accessing “what” information. To manage the risk associated with insider threats, organizations are leveraging behavioral monitoring and machine learning to draw insights into whether an employee is exuding appropriate or suspicious behavior.
i.e. Tim, Account Manager, is based in the United States. He accesses around 100 accounts per day during the work week in his usual work activity. Suddenly, Tim’s account starts accessing over 300 accounts per day from Switzerland. Digging into analytics, you can see what drove this behavior. Was it business? Or does it seem like suspicious activity? Through machine learning, Tim’s past behavior is reviewed to determine whether or not it is abnormal. If it’s unusual behavior, then access can be cut off upon discovery.
Machine Learning and Community Intelligence
Machine learning uses technology to analyze employee’s past actions to predict future behavior. In doing so, false positives can be filtered out and recognized as normal business operations. Time previously spent on investigations can now be focus on monitoring and creating security safeguards.
Machine learning can also be trained to take a proactive approach to security. When an incident does occur, systems can be trained to do quick forensic investigations and possible remedy the security vulnerability. Organizations are also adopting adaptive access control, which makes dynamic risk-based decisions on user access, weighing level of trust against risk at the moment of access. Machine learning offers a path forward for businesses to scale their security operations to combat internal and external threats while saving valuable resources to the organization on.
Through Community Intelligence, automated sharing of new attacks and threats found around the globe can be identified and distributed. Machine learning can be used to recognize threat patterns to alert businesses that could potentially be affected by the same threat.
Kurt Long is the Founder and CEO of FairWarning®, whose Patient Privacy Intelligence customers represent over 8,000 healthcare facilities globally, and protects financial services customers managing over $500 Billion in assets. Prior to FairWarning®, Long founded and served as CEO of OpenNetwork Technologies a leader in web single sign-on and identity management software solutions. As CEO, Long led OpenNetwork to over 2,000 percent growth with customers across the United States, United Kingdom, Europe and Australia. OpenNetwork was acquired by BMC Software of Houston.