With cyberattacks becoming more sophisticated and commonplace, businesses across all sectors are stepping up their defences to protect their most vital assets. In the capital markets space, SIX and IBM Security have deployed a new cognitive computing system using Watson for Cyber Security to help protect Switzerland’s financial sector from potentially systemic shocks.
There is an ongoing argument about the power of artificial intelligence (AI). Some believe that it is a danger to society, hinging on concerns around the impact of the full automation of many job roles in the coming years. Others are more positive about the technological advancement, instead seeing it as a force for good, with the power to protect the world against modern and increasingly sophisticated threats and re-shape the labour market in line with the Fifth Industrial Revolution.
Hackers are yet to use AI to take control of our digital world but they are already making a catastrophic splash with pre-existing techniques; this includes everything from simple personal online fraud and phishing scams, to large-scale corporate ransomware attacks that span the globe.
Look back at the Yahoo breaches that took place in in 2013 and 2014. Following this, Ginni Rometty, the CEO and chairperson of IBM called cybercrime “the greatest threat to every company in the world”. Building on this, she went on to declare 2016 “the year of the mega breach” after reports that four billion data records were stolen globally during this time.
Then came the Equifax hack in 2017, when 143 million data records containing highly sensitive personal financial information were compromised. Following the hack, the company share price fell by a third, as investor concern for its data security protocols took hold. Yahoo also experienced a similar fate in the markets following its cybersecurity disaster, suffering a $1bn loss from its market cap.
Such attacks do not just harm stock prices, they also drastically affect overall revenue; an IBM and Ponemon Institute report estimates that the average cost to a business following a data hack is US$3.6 million, equating to a $141 hit per record stolen.
Cognitive Computing: quick and precise
On the positive side, companies as a whole are now more clued up about the operational and reputational damage that cyberattacks present. Some are going the extra mile to implement advanced precautionary measures that make use of AI to combat threats in a more effective way.
SIX opened Switzerland’s first security operations centre (SOC) for the Swiss Financial Market but also for SIX itself, earlier this year. Built on IBM’s cognitive computing platform, its goal is to help banks tackle cybersecurity issues whilst complying with the country’s strict financial regulations. Currently, it is monitoring and logging all network access activity for our financial services clients.The network is accessed more than a billion times per day and over 30,000 times per second during peak times. Firstly, the security centre detects correlations in users accessing their networks, notifying security analysts at SIX – who are on standby 24/7 – of suspicious activity that could indicate a potential security threat. The SIX analysts must then determine whether this suspicious activity, such as a cluster of failed login attempts, has stemmed from a hacker or a genuine error, for example someone repeatedly forgetting their password.
IBM Watson for Cyber Security then compares this potentially suspicious access activity with external data. It analyses factors such as whether login attempts are coming from known suspicious IP addresses, whether they match known attack patterns, and if a previous offender’s name reappears in this context.
Where previously an analyst has had to manually spend hours trawling through databases for this information, Watson for Cyber Security is able to do this automatically, and in real-time. The tool also analyses unstructured data, such as content from websites or blogs, constantly expanding its knowledge and understanding of its user ecosystem. The SOC has already been trained in the “language” of cybersecurity. Having now absorbed more than a million documents, it has been able to help analysts dissect numerous natural language research reports. Many of these require AI based technology to access them and have therefore not been accessible previously with modern security tools.
With just a few clicks
Watson for Cyber Security also depicts network access activity using graphics. This visual imagery reveals correlations that might have remained hidden and incomprehensible with just the raw data available. In addition to deeper insight, this allows for faster and more accurate attack detection. Whilst IBM Watson’s powerful AI engine provides assistance by detecting and flagging suspicious activity, in the near future, it may also learn how to devise defence recommendations by itself too.
Banks under pressure
In recent years, banks have had no option but to tackle cybersecurity fears head on. In 2015, hackers targeted the Banque Cantonale de Genève, whilst last summer it was revealed that Bosnian cyber criminals had attacked a “big bank” in Zurich.
The financial services sector remains a tempting hunting ground for cybercriminals - banks and the wider financial services community must ensure they are doing all they can to quickly detect and react to the growing threat. By using innovative technology such as artificial intelligence, institutions will ensure they have a better chance of safeguarding their businesses against cyber threat. This warnings must be heeded sooner rather than later. Every moment that goes by, the stakes get higher.
Daniel Dahinden, Head of Corporate Development at Six
Image Credit: Sergey Nivens / Shutterstock