Three success factors in security operations

Share this post:

There are five trends that all industries are facing, but I’d argue no industry is feeling them more acutely than financial services:

  1. Shareholders increasingly demand higher margins, as customers increasingly expect more personal and convenient experiences.
  2. Digitization of Society is accelerating, with specific stress to financial services where new capabilities with new competitors will force banks out of their branches.
  3. The world’s data is doubling every 12 months. And financial transactions are among a fast-growing subsection of data types.
  4. Digital Trust is paramount for the modern business. The expansion of channels expands the threat of money laundering, fraud, and hacks — as well as regulatory requirements for necessary protections
  5. Artificial Intelligence is now being used by cyber criminals, meaning the sophistication of their methods is increasing, forcing banks to up their game.

The successful bank that emerges from those trends has a business model run on digital intelligence. It’s a model where we gather data, convert it into knowledge, create real-time insights from that knowledge and turn those insights into better decisions, actions and, ultimately, outcomes.  The model delivers better customer experiences, creates operational efficiencies, and can lead to new revenue sources. This digitally reinvented financial institution, runs on data, which is valuable and in-demand, but constantly under threat.

Financial institutions are leading the charge in building security immune systems, knowing they are most threatened. They are looking for end-to-end security operations that are flexible and scalable, data-driven and applied with automated, operational accuracy. Above all, it should build trust and deliver on the promise of security and privacy—without getting in the way of customer experience.

That type of trust-building security system requires a Six Sigma-like operational rigor, but as breach after breach teach, we must employ new tools that ensure we eliminate any variance in cyber security. In my mind, success follows with three operational goals:

1. Efficiency
Attacks will come quickly and constantly. A security system must be able to flag and defend against threats, without causing bottlenecks or burdening budgets and staff.

Automation is the only way to make operations efficient. It can flag problems and route issues to security analysts. Robotic process automation acts on set rules to sift through millions of records to catch problematic transactions. But as attacks are increasingly sophisticated, Cognitive process automation, powered by artificial intelligence (AI) is the only way to get to true efficiency. As the system flags issues to security analysts, it then assist analysts in making correct, comprehensive decisions. With the deluge of data analysts deal with, cognitive automation can adapt to new variables and react to unique situations in order to reduce false flags and detect new types of attacks. Traditional process automation often stops short, using only narrow AI capabilities that focus on the structured security data alone, which brings us to efficacy in security operations.

2. Efficacy
Visibility across your entire organization is essential to detect any threats and to take required protective actions. Cyber security information is high-frequency, high-volume data which is accelerating as we digitally transform all aspects of society. Much of that data exists in a vast ocean of unstructured data that has no value unless we can process and derive insight from it.

Enter Artificial Intelligence (AI). Unlike current AI-powered security systems, we must evolve to a new framework that can make sense of unstructured data, identify security threats within it, and take action to protect the business.

The only security systems that are truly effective are those that combine the narrow AI of typical security systems and broad AI, capable of interpreting unstructured data. This makes it possible for security systems to scour the internet, ingest and analyze unstructured cyber security information, act on a single threatening data instance, the very first time it is encountered – the proverbial needle in the haystack –, and remember it always. This is vitally important as we look to protect the business from the most sophisticated and never-before-seen threats.

3. Repeatability
For material improvement to security operations, the system must combine both automation and broad and narrow AI. A successful system is one that can both flag the most critical threats, route them appropriately, and then learn from analyst decisions, applying that logic to improve threat identification and rules enforcement to continue improving over time.

In the context of those five market trends—where your bank runs on a digital, efficient, flexible and customer-centric model—, efficiency, efficacy and repeatability can only be achieved using automation, powered by cognitive technologies. It not only reduces the cost of operation but it reduces the burden, friction, and stress to customers.

IBM’s suite of cyber security tools bring together efficiency, efficacy, and repeatability through AI and automation, to enhance security operations, while building digital trust through consistent customer experience. See what our suite of security tools can do for you.

Vice President, US Financial Services Cyber Security

More Security stories

Get rid of the noise by streamlining your audit with IBM OpenPages

The internal audit program is critical to any organization that intends to provide efficient, compliant and safe services to its clients. Internal audit provides independent, objective assurance over an organization’s risk management, internal control, governance and the processes in place for ensuring effectiveness, efficiency and economy. It has proven to be a valuable tool for […]

Continue reading

The top five challenges and opportunities for AI in RegTech

In the span of a just few years, artificial intelligence (AI) has gone from a niche, relatively abstract concept, to entwining itself in multiple aspects of our daily lives. AI has found applications such as how we avoid traffic while navigating the physical world, to how we search for products online, to how we interact […]

Continue reading

AI and the rise of digital humans in financial services

“AI is not going to replace managers, but managers who use AI will replace the managers who do not,” Rob Thomas, IBM General Manager of Data and AI predicted at IBM Think 2019.[1]  Every type of work is undergoing a transformation. A 16 trillion dollar opportunity, artificial intelligence will fundamentally change every business process, every […]

Continue reading