How AI is Augmenting Cybersecurity for the BFSI Industry

According to the World Economic Forum’s Global Risks 2021 report, cybercrime ranks among the top threats to the global community, alongside pressing concerns such as climate change and natural disasters, and livelihood crises. In fact, 39%, 53%, and 50.2% of the 2020 Global Risks Perception Survey’s respondents named cybersecurity failure as short-, medium-, and long-term risks, respectively,[1] highlighting cyberattacks as a growing concern in an increasingly digitalized era.

Given the move toward sustained online presences, cashless payment methods, and digital customer outreach strategies, the risks of cyberattacks for the BFSI industry have similarly increased exponentially. In particular, customer-facing applications and third-party vendors are at great risk of malicious attacks, and businesses must be able to balance ease of business with stringent security measures.

From securing personal information to safeguarding data banks, from regulating transactions to ensuring trust in the banking system—there are several aspects for banking and insurance players to consider while developing cybersecurity portfolios, including the following:

  • Vulnerability Management and Behavioral Analysis
  • Authentication
  • Threat Hunting and Response
  • Augmented Analytics
  • Real-time Analytics

While the use cases of AI in the industry have been plenty—for instance, in improving credit scoring, reducing default rates, enabling personalized customer service, and making innovative payments methods possible—cybersecurity, as a consistent concern, demands AI-driven innovation. This is especially important given the current state of AI-fueled cyberattacks. According to a report by the Global Banking and Finance Review, cyberattacks resulted in losses of nearly $360 billion between 2014–2017.[2] Further, as per recent estimates, cybercrime is set to generate annual damages to the tune of $10.5 trillion by 2025.[3]

With malware-as-a-service, identity theft tools, AI-enabled NLP capabilities, targeted phishing emails, ransomware, data exfiltration of sensitive documents, zero-day attacks, and open-source AI software, which can be misappropriated, constituting ever-present threats, the need for AI-augmented cybersecurity has never been greater. It can not only help enhance existing security frameworks but can also evolve response abilities, making proactive security measures, the automation of manual tasks, and prioritization of risk factors accessible and scalable.

Here are a few pivotal ways in which AI is helping secure BFSI businesses against cyberattacks:

Vulnerability Management and Behavioral Analysis

While traditional vulnerability management techniques are largely retroactive in nature, leaving little room for response times, AI-driven tools can offer a significant advantage in proactively identifying risks. ML can be used to analyze patterns in digital signatures, user behavior as well as server and endpoint activity to discover anomalies—including unusual traffic, increased background activities, and even changes in clicking speeds—to help security teams prioritize actions based on potential risk. Data can be drawn from thousands of endpoints, devices, and applications, and automated alerts can be set up to allow speedy analysis and remediation.

Given the self-learning capabilities of AI & ML, algorithms can be trained using millions of data points from both structured and unstructured sources, such as the internet, social media, regulatory reports, and in-house data, to gauge cybersecurity threats. For instance, phishing attacks can be easily pre-empted using AI by comparing sources, analyzing patterns according to geography, examining phishing-specific keywords, and detecting the minute differences between legitimate and fake sites. Further, profiles can be built around several applications within a network to identify deviations in patterns, and a nuanced understanding of the entire network can be developed over time, ensuring that the solutions are tailored to specific business and cybersecurity needs.

Optimizing Authentication 

Replacing traditional authentication processes, including login IDs and passwords, is the need of the hour, especially given the sensitive information handled by businesses in the industry, as well as users’ tendencies to use common passwords across multiple platforms. Newer methods of authentication, including facial recognition, OCR, voice, iris recognition, and behavioral biometrics—such as device usage, voice analysis, keystrokes, and error patterns—can be studied using AI to ensure optimal authentication and even build user profiles. However, a few of these technologies can become double-edged swords, with OCR, for instance, used to manipulate documents and simulate authentic user information. AI here can help authenticate requests against both user profiles and internal data, as well as anonymize data received, to ensure comprehensive protection for sensitive personal information. The use of such technologies can improve theft- and fraud detection significantly, helping BFSI players maintain credibility and customer trust in the market.

Improving Threat Hunting and Resolution Times

While conventional security applications utilize signature and attack indicators to identify threats—enabling previously known threats to be spotted immediately—new types of threats can pose a major challenge to cybersecurity frameworks. According to research, traditional applications can only detect about 90% of threats,[4] leaving the network highly vulnerable. Here, the use of traditional security applications in combination with AI can increase detection rates to 95%.[5] Although this may result in the increase in false positives, a combination of traditional and AI-based techniques can mitigate this issue to a great extent. Data-driven early warning systems to identify malware, phishing, and Trojans can be implemented, further reducing the number of false positives. Following this, the number of good orders, as well as customer experience, can be enhanced. AI can also automate several threat identification actions, drawing connections between factors such as corrupt files and anomalous IP addresses, to provide readily available insights to analysts and users. As the processing time for such functions ranges from seconds to minutes, security teams can address threats up to 60 times faster.[6] For instance, a major Danish bank used a deep learning tool to improve fraud detection by 50% and decrease false positives by 60%. Several security-related decisions were also automated using the tool, with only a select number of decisions forwarded to human analysts for examination.[7]

Augmented Analytics for Cybersecurity

While augmented analytics is making waves in the BFSI industry through automating data sourcing, management, and preparation, among other tasks, the applications of this innovation are also apparent for cybersecurity. For example, augmented analytics combined with NLP tools can comb through hundreds of regulation and compliance documents to highlight important recommendations and changes for cybersecurity infrastructure. Further, by automating detection, review, investigation, monitoring, approval, and decline decisions, security and operations teams can better focus on higher-order tasks that require human judgement. For instance, thousands of payment parameters, such as location, time, transaction history, and so on, can be immediately and automatically examined to generate a transaction risk score. Following this, AI-driven systems can approve or reject transactions, or make these insights readily available for operations teams to act upon. AI also ensures greater scalability for such systems, making more sustained automation possible for BFSI businesses.

Enabling Real-time Analytics

Given the sophisticated and immediate nature of cyberattacks, real-time responses, enabled by AI & ML, are especially crucial in detecting fraudulent transactions.

According to Beate Zwijnenberg, Chief Information Security Officer, ING Group, “The real-time aspect of online fraud means that you need to intervene immediately because otherwise, the money is transferred and it’s gone for good. So, the real-time element [of artificial intelligence] is quite important.”[8]

AI can help process signal data from billions of actions across geographies, networks, and devices, providing ML models with rich data to effectively predict risk. Thousands of transactions can be analyzed in real-time, allowing speedy and accurate indications of suspected fraud, as well as swift action before such transactions can be carried out, preventing actions such as chargebacks.

A survey found that 88% of security professionals consider AI-driven attacks, or offensive AI, as inevitable in an era of increasingly sophisticated cyberattacks[9] and AI-driven capabilities. Following this, accounting for AI in cybersecurity portfolios becomes imperative, given its ability to counter evolving methods of cyberattacks and proactively identify risks and threats. As the world moves towards greater digitalization, with concomitant rises in threats, AI-driven technology is set to be the building block for greater security and efficiency in the BFSI industry.


Delivery Manager

Krishnan Balasubramanian