Financial institutions (FIs) are subject to increasing cyberattacks, leaving them to guard many doors against breaches that could cost them data and money. In this piece, we take a look at the technologies FI’s are using to fend off cyberattacks.
Cybersecurity threat landscape
To underscore the prominence of threats, PricewaterhouseCoopers notes that “[t]here are two kinds of financial services firms: those that have faced a cyberattack and those that will.” The 2017 IBM Cyber Security Intelligence Index reveals that financial services are host to more attacks than any other sector. Moreover, over 200 million financial services records were breached in 2016 alone, a 937% year-on-year increase.
Thus, cyber attacks are here to stay and will continue to increase, and by 2021 some estimates indicate that it will cause USD 6 trillion in damage; in 2018, globally firms are expected to spend USD 93 billion on cybersecurity.
The types of risks faced by financial institutions include: ATM hacks; unencrypted data; third party breaches; unsecured mobile banking; unsecured new forms of technology; unsecured mobile banking; and breaches targeting individual employees.
Below, we will go through some of the technology and security mechanisms FIs use to thwart attacks. In general, experts advise FIs seeking cybersecurity solutions to adopt a multi-layered approach because there is no single solution or technology that can cover all threats.
AI and machine learning
As we mentioned in our “8 cybersecurity trends to watch out for” article, AI has and will continue to play a prominent role in deterring cyber attacks. Specifically, AI and machine learning are used to detect suspicious behavior, such as identity theft or erratic use of a credit card, in real time in order to identify the authenticity of a given transaction. These technologies learn to see usage patterns through data analysis, and over time can be used to predict the onset of attacks and where they may occur. When FIs can determine the site of a potential attack, they have a leg up on prevention.
However, despite the potential of AI and machine learning, many chief security information officers are frustrated with the technologies because they create many false-positives generated by the systems. Since AI and machine learning are still relatively new technologies, they require time to mature and more effectively establish baselines for activity in network monitoring.
AI and machine learning, according to Price Waterhouse Cooper, though, when used with advanced encryption and authentication methods, can form “formidable tools” for data protection.
Biometrics are becoming increasingly present in financial services because they provide a high level of security due to the distinctiveness of human biological features. Today, more than 500 million people are using biometrics for authentication and identification in financial transactions. Biometrics are forecasted to become the main way people identify themselves for financial transactions by 2020.
Regarding what particular biometrics FIs are using, Citigroup, has registered 250,000 customers in their voice recognition system, “voiceprint”. The organisation uses this system to identify customers calling in to its customer service centre. Mastercard has developed “selfie-pay”, which uses facial recognition to approve online purchases, and some banks have even started using fingerprints for authentication at ATMs. These approaches all rely on institutions housing the relevant biometric data to be used as reference for authentication, which in turns increases the need for them to have adequate data management protocols in place.
Behavioural biometrics is an emerging technology looks at how a user behaves. This is based on the idea that the way every human being interacts with technology is different, and that the way we interact form patterns that can be used to identify who we are. Consequently, behavioral biometrics considers how we, for example, enter information on a website instead of looking at what we enter in order to detect fraud.
Many industry leaders in the financial services space are employing this technique “to significant effect”, according to Microsoft Financial Services.
There are various remote network access endpoints—laptops, mobile phones, desktops, tablets, etc.— and these are vulnerable for attacks. Hence, endpoint security seeks to secure all the different endpoints that remotely connect to networks. This is especially a concern for financial institutions as cyberattacks occur against individual devices, such as computers, and more and more people are working remotely on mobile devices that connect to company networks.
Endpoint security is software-based and host-based, meaning that it resides in/at endpoints. Moreover, endpoint security relies on a number of security approaches and capabilities that are bundled into a single solution. Here, capabilities can include firewalling, anti-malware functionality, intrusion detection and prevention, data encryption, and application control. For FIs, endpoints have centralised administration to streamline the security process.
Technologies and beyond
Since guarding against cyber attacks is growing more and more complex, FIs are not only looking to technologies like those named above, but they are also looking to each other for help. For example, FIs are participating in cyber threat intelligence sharing due to the increasing interconnected nature of the financial services industry. Cooperation between parties helps assist in rapid response when a cyberattack occurs.
Other technologies and security mechanism of note in defending against cyberattacks include advanced authentication, built-in encryption, cloud security, and blockchain.
By Elliot Lyons, Research Analyst