Security

Three success factors in security operations

Share this post:

There are five trends that all industries are facing, but I’d argue no industry is feeling them more acutely than financial services:

  1. Shareholders increasingly demand higher margins, as customers increasingly expect more personal and convenient experiences.
  2. Digitization of Society is accelerating, with specific stress to financial services where new capabilities with new competitors will force banks out of their branches.
  3. The world’s data is doubling every 12 months. And financial transactions are among a fast-growing subsection of data types.
  4. Digital Trust is paramount for the modern business. The expansion of channels expands the threat of money laundering, fraud, and hacks — as well as regulatory requirements for necessary protections
  5. Artificial Intelligence is now being used by cyber criminals, meaning the sophistication of their methods is increasing, forcing banks to up their game.

The successful bank that emerges from those trends has a business model run on digital intelligence. It’s a model where we gather data, convert it into knowledge, create real-time insights from that knowledge and turn those insights into better decisions, actions and, ultimately, outcomes.  The model delivers better customer experiences, creates operational efficiencies, and can lead to new revenue sources. This digitally reinvented financial institution, runs on data, which is valuable and in-demand, but constantly under threat.

Financial institutions are leading the charge in building security immune systems, knowing they are most threatened. They are looking for end-to-end security operations that are flexible and scalable, data-driven and applied with automated, operational accuracy. Above all, it should build trust and deliver on the promise of security and privacy—without getting in the way of customer experience.

That type of trust-building security system requires a Six Sigma-like operational rigor, but as breach after breach teach, we must employ new tools that ensure we eliminate any variance in cyber security. In my mind, success follows with three operational goals:

1. Efficiency
Attacks will come quickly and constantly. A security system must be able to flag and defend against threats, without causing bottlenecks or burdening budgets and staff.

Automation is the only way to make operations efficient. It can flag problems and route issues to security analysts. Robotic process automation acts on set rules to sift through millions of records to catch problematic transactions. But as attacks are increasingly sophisticated, Cognitive process automation, powered by artificial intelligence (AI) is the only way to get to true efficiency. As the system flags issues to security analysts, it then assist analysts in making correct, comprehensive decisions. With the deluge of data analysts deal with, cognitive automation can adapt to new variables and react to unique situations in order to reduce false flags and detect new types of attacks. Traditional process automation often stops short, using only narrow AI capabilities that focus on the structured security data alone, which brings us to efficacy in security operations.

2. Efficacy
Visibility across your entire organization is essential to detect any threats and to take required protective actions. Cyber security information is high-frequency, high-volume data which is accelerating as we digitally transform all aspects of society. Much of that data exists in a vast ocean of unstructured data that has no value unless we can process and derive insight from it.

Enter Artificial Intelligence (AI). Unlike current AI-powered security systems, we must evolve to a new framework that can make sense of unstructured data, identify security threats within it, and take action to protect the business.

The only security systems that are truly effective are those that combine the narrow AI of typical security systems and broad AI, capable of interpreting unstructured data. This makes it possible for security systems to scour the internet, ingest and analyze unstructured cyber security information, act on a single threatening data instance, the very first time it is encountered – the proverbial needle in the haystack –, and remember it always. This is vitally important as we look to protect the business from the most sophisticated and never-before-seen threats.

3. Repeatability
For material improvement to security operations, the system must combine both automation and broad and narrow AI. A successful system is one that can both flag the most critical threats, route them appropriately, and then learn from analyst decisions, applying that logic to improve threat identification and rules enforcement to continue improving over time.

In the context of those five market trends—where your bank runs on a digital, efficient, flexible and customer-centric model—, efficiency, efficacy and repeatability can only be achieved using automation, powered by cognitive technologies. It not only reduces the cost of operation but it reduces the burden, friction, and stress to customers.

IBM’s suite of cyber security tools bring together efficiency, efficacy, and repeatability through AI and automation, to enhance security operations, while building digital trust through consistent customer experience. See what our suite of security tools can do for you.

Vice President, US Financial Services Cyber Security

More Security stories

How emerging tech can drive world-class banking customer experiences

At Money20/20 in Las Vegas last month, IBM’s first Chief Digital Officer Bob Lord sat down with McKinsey’s Dan Stephens for a fireside chat on emerging technologies that can enable differentiated, magical experiences in the financial services industry. When Stephens asked Lord where he felt financial institutions should start to make momentum with change, Lord […]

Continue reading

Thinking forward: Financial Services and the AI Revolution

Artificial intelligence is changing the game. According to Stanford professor Andrew Ng, AI is the “new electricity,” already generating billions in value as it transforms industries such as IT, health care — and now financial services. Both fintech firms and traditional enterprises are on the brink of significant disruption as companies leverage the rapid insights […]

Continue reading

Where is the financial services industry in the digital transformation journey?

At last month’s Money20/20 conference, the event brought over 10,000 people together and hosted speakers from start-up disruptors to incumbent financial institutions, and everything in between. IBM was there in full force. And I had the pleasure of hosting a panel of CEOs three mornings in a row. I thought one panel participant explained eloquently where the financial services industry […]

Continue reading