By Daniel Dahinden, head of innovation and digital at SIX
We are entering a time when society and businesses are growing more and more connected through powerful technologies and networks. Whilst the benefits are clear, the threats must be also understood and mitigated to ensure we are able to protect against systemic global risks in the future.
Considering this, businesses are stepping up defences to protect themselves and their customers against increasingly sophisticated forms of cybercrime. In the capital markets space, SIX and IBM have been working together to deploy a new cognitive computing system using Watson for Cyber Security, which aims to help protect Switzerland’s financial sector from catastrophic systemic shocks.
At this stage, it’s worth addressing the ongoing argument about the role of artificial intelligence (AI) in this line of defence. Some believe it presents a danger to society, hinging on concerns around the cultural shifts it will bring, as well as the impact of the full automation of many job roles in the coming years. Others see it as a force for good, with the power to augment human intelligence, help protect the world against sophisticated threats and re-shape the labour market as part of the Fifth Industrial Revolution.
Hackers have still yet to use AI to take control of our digital world, however￼ pre-existing techniques, ranging from simple personal online fraud and phishing scams, to large-scale corporate ransomware attacks that span the globe are continuing to have an impact, as we’re seeing on a daily basis.
Following the Yahoo breaches in 2013 and 2014, Ginni Rometty, IBM’s chief executive offcier and chairperson, called cybercrime “the greatest threat to every company in the world”. She followed this statement by declaring 2016 “the year of the mega breach” after reports that four billion data records were stolen globally during this time.
After this came the infamous Equifax hack in 2017, when 143 million data records containing highly sensitive personal financial information were stolen. After the hack, the company share price fell by a third, as investor concern for its data security protocols built up.
Such attacks do not just flatten stock prices, they also drastically affect overall revenue and stakeholder sentiment of a business: an IBM and Ponemon Institute report estimates that the average cost to a business following a data hack is US$3.6 million, equating to a $141 hit per record stolen.
Using the power of AI to combat threats
These terrifying and very real headlines mean that companies as a whole are now significantly more aware of the operational and reputational damage that cyberattacks present – and some are looking to harness the power of AI to combat threats in a more effective way.
For example, SIX has recently opened Switzerland’s first security operations centre (SOC) for both the Swiss Financial Market and for SIX itself. Built on IBM’s cognitive computing platform, its goal is to help banks tackle cybersecurity issues whilst complying with the country’s strict financial regulations.
Firstly, the security centre detects correlations between users accessing their networks, notifying security analysts at SIX – who are on standby 24/7 – of suspicious activity that could indicate a potential security threat. The SIX analysts must then determine whether this suspicious activity, such as a cluster of failed login attempts, stemmed from a hacker or a trivial error, for example - someone repeatedly trying to log-in using an incorrect password.
IBM’s Watson for Cyber Security technology then compares this potentially suspicious access activity with external threat data. It analyses factors such as whether login attempts are coming from known suspicious IP addresses, whether they match known attack patterns, and if a previous offender’s name reappears in this context.
Where previously an analyst has had to manually spend hours sifting through databases for this information, Watson for Cyber Security can do this automatically, and in real-time. The tool also analyses unstructured data, such as content from websites or blogs, constantly expanding its knowledge and understanding of its user ecosystem.
Having now absorbed over a million documents, it has been able to help analysts dissect numerous natural language research reports. Many of these require AI based technology and have therefore not been accessible previously with modern security tools.
Faster and more accurate
In addition to being able root out threats in real-time; Watson for Cyber Security depicts network access activity using visual graphics. This imagery allows humans to understand correlations that might have remained hidden and incomprehensible with just the raw data available, enabling faster and more accurate attack detection and allowing SOC operators to better programme the technology.
Banks: still enticing to cybercriminals
Recently some banks have fallen victim to sophisticated cyber threats; in 2015, hackers targeted the Banque Cantonale de Genève, whilst last summer Bosnian cyber criminals attacked a “big bank” in Zurich.
The financial services sector remains a tempting hunting ground for cybercriminals - banks and the wider financial services community must ensure they are doing all they can to quickly detect and react to the growing threat. By using innovative technology such as AI, institutions will ensure they have a better chance of safeguarding their businesses. These warnings must be heeded with urgency - every moment that passes by, the stakes grow much higher.