In 2020, Australia’s financial institutions are back in the spotlight. As the COVID-19 pandemic continues to cause economic disruption on an unprecedented scale, lenders are playing a key role in the mitigation effort; working with the federal government to support businesses and individuals whose livelihoods and lives have been severely impacted. They’re key to the implementation of a multibillion-dollar stimulus and support program designed to keep the economy on life support while the country’s hardworking healthcare professionals keep the virus at bay.
Without a stable financial system, it would have been impossible for institutions to enact such a timely and large-scale response to what’s poised to become the greatest economic disaster of our time.
In today’s digital world, the stability of that system depends, in large part, on financial institutions’ ability to withstand cyberattacks and protect the assets and data in their keeping against malicious attacks and incursions.
These assets and data have always been a lucrative target and, during the time of COVID-19, they’ve never been under greater threat, as hackers and cyber-criminals, both foreign and homegrown, seek to cash in on the chaos and uncertainty the crisis has generated.
An assault on the vault
Attacks on financial institutions can come in a variety of guises. Insider threats are one such challenge. They’re typically the handiwork of well-placed employees looking to boost their own bank balances via illicit activities such as embezzlement and the theft and sale of personal data. Such incursions can be difficult to detect using conventional security solutions, particularly given perpetrators may have legitimate access to systems and data.
More dramatic and publicly damaging is distributed denial of service attacks, which can knock critical systems out of action and impede customers’ attempts to complete transactions or gain access to their accounts. Such incidents can cause significant disruption to business, along with considerable reputational damage. In today’s digital world, even a few hours offline is an eternity for major players, as CBA was reminded last October when a systems outage left millions of customers unable to transfer and receive funds, some for longer than 24 hours.
Phishing campaigns are another perpetual scourge for the financial sector, given their potentially devastating consequences of credential compromise and malware infiltration.
Meanwhile, social engineering can represent an effective, low tech penetration method for skilled manipulators who may spend months researching and grooming targets to increase the odds that the targets inadvertently divulge sensitive information or authorise a fraudulent transaction.
AI: A smarter answer to the financial sector’s cyber security question?
Cyber security solutions that utilise artificial intelligence (AI) can be a silver bullet, enabling network administrators and security professionals to stay a step ahead of those looking to disrupt their operations and compromise sensitive customer data.
The technology’s strength stems from its ability to “learn” from immense volumes of data, which financial institutions have in abundance. AI can be trained to analyse behavioural patterns to rapidly identify suspicious anomalies, accelerate response times, and automate many of the repetitive tasks and processes that cyber security management entails.
Natural language processing (NLP) – a subfield of AI – along with behaviour analytics can help spot phishing emails. AI models can be trained with data sets to identify, isolate, and delete infected attachments. In addition, NLP can be used to perform semantic analysis of text to spot malicious intent and blacklist-related websites and email addresses.
Improving the efficiency of defence mechanisms, while minimising the daily grind, can free security professionals to focus on those areas of operations monitoring which require human oversight and judgment.
Lowering the cyber risk for one of Australia’s most critical sectors
Recent events have highlighted the importance of a stable and robust banking system, for Australian society and for the country’s struggling economy. As the country’s financial services institutions continue to play their vital role, robust enterprise-wide solutions that protect core systems and data have never been more critical. Against this backdrop, institutions that deploy AI-enabled security are likely to find themselves better positioned to defend the assets in their keeping from even the best-equipped assailants.
Sareeka Achuthan Geetha, product consultant at ManageEngine