Security

3 Ways AI Is Helping Financial Services Companies Improve Security

Deploying artificial intelligence can help gather threat intelligence, automate breach responses and protect endpoints, saving money and protecting customers.

J.P. Pressley

J.P. Pressley is a contributing writer to BizTech magazine and an editor at Manifest.

Finances are a key pillar in every industry, so it’s no surprise that nearly 19 percent of global cyberattacks in 2022 across industries targeted the financial sector. And it’s no surprise that cybersecurity is a top priority for banks and other financial services organizations.

After all, there were over 1,800 data compromises across the sector in the U.S. alone last year, and the average cost per data breach in the U.S. is nearly $9.5 million.

Fortunately, as cyberattacks continue to become more prevalent and sophisticated, artificial intelligence continues to evolve as a tool to help security professionals stay ahead of threats. Here are three ways that deploying AI can help financial institutions bolster their security.

DISCOVER: Find out how to balance access and security in financial services.

1. AI Can Gather and Bolster Cyberthreat Intelligence

While phishing and ransomware attacks continue to increase year over year, they’re far from the only cyberattack methods used. Ninety-four percent of observed cyberattacks in the financial sector were facilitated via four attack vectors: SQL injections, cross-site scripting and OGNL Java injection.

Banks are experiencing more destructive cyberattacks — those that result in deleted data, damaged hard drives, disrupted network connections or leave some other trail of digital wreckage in their wake. In fact, 63 percent of financial institutions say they’ve experienced an increase in destructive attacks targeting their organizations.

A crucial step to defending against these cyberattacks or avoiding them altogether is understanding the threat landscape so internal teams can strengthen defenses and make other security decisions proactively. The biggest hindrance to gaining this threat intelligence is a lack of information.

According to the Federal Reserve, “significant data gaps impede assessing and mitigating cyber vulnerabilities, both within the financial system and at service providers.”

AI tools from vendors such as IBM, CrowdStrike and Cisco can help change this, gathering data on cyberthreats from millions of sources worldwide to help financial institutions accurately identify threats and respond rapidly.

Click the banner below to learn best practices for creating a successful digital work experience.

2. AI Improves Security Orchestration, Automation and Response

A notable 8 in 10 U.S. citizens fear that businesses aren’t able to secure their private financial information, and their concern is understandable: 92 percent of ATMs are vulnerable to attacks, with 76 percent allowing hackers to exit kiosk mode and gain access to the machines’ operating system.

To protect their customers and themselves against attacks, financial institutions need interconnected security ecosystems throughout their businesses, from websites to ATMs, mobile apps and more.

Through security orchestration, automation and response solutions, AI can help financial institutions do just that. SOAR uses AI and machine learning to connect security tools and integrate disparate security systems, consolidating threat alerts and enabling security automation.

This ability to predict and protect against threats automatically allows SOAR systems such as those from Palo Alto Networks and Splunk to respond to select security events without human assistance, freeing up IT and security personnel to focus on other issues.

Considering that only 26 percent of recent new vulnerabilities had known exploits, according to IBM, this ability can better help financial institutions defend against novel exploits in addition to the 78,000 known exploits cybercriminals have access to.

3. AI Enhances Endpoint Detection and Response

An increase in remote and hybrid work has made it more challenging for security professionals to secure widely dispersed financial data and applications. In other words, with just 20 percent of financial services companies requiring full-time, in-office work, there’s a far larger attack surface for cybercriminals to penetrate. Cyberattacks related to remote work increased by 238 percent during the COVID-19 pandemic.

But it’s not all bad news. As Arpinder Singh, global markets and India leader for EY’s forensic and integrity services, puts it in a company blog post, “Organizations can strengthen compliance, utilize technology and invest in a robust, integrated suite of forensic solutions to detect and deter the security challenges of working from home.”

Endpoint detection and response is an integrated endpoint security solution that can help financial institutions address this issue. Used to detect and investigate threats on employee devices, EDR tools generally contain detection, investigation, threat hunting and response capabilities.

But they don’t operate in isolation. EDR tools such as those from Sophos and Check Point use AI to block threats and can be incorporated into a zero-trust security approach, helping financial institutions strengthen their overall cybersecurity framework.

Gremlin/Getty Images