Artificial Intelligence. A force for good or one to be reckoned with? The camps are divided across all industries, cybersecurity included, writes Daniel Dahinden, pictured, Head Digital and Innovation at financial securities firm SIX.
For every industry professional who believes AI will help protect the world against increasingly sophisticated threats, there are those that think it will eventually lead to the fall of the human workforce. In the Swiss capital markets space, an example of AI use has been developed to increase cyber protection. However, it has highlighted why both technology and humans must work together if they are to solve growing problems affecting the economy.
Capital markets versus cyber-security
According to a study published by the International Organisation of Securities Commissions’ (IOSCO) and the World Federation of Exchanges Office, nearly half of the world’s securities exchanges were the subject to cyber-attacks last year. The most frequently used method of attack was Denial of Service, whereby hackers seek to disrupt websites and other systems by overwhelming the target organisations’ networks with a significant level of traffic and viruses. Other forms reported by the study included website scanning and information theft.
Interestingly, none of the exchanges reported financial theft as part of the attacks, however, this, and the threat of large-scale systemic damage, is becoming an increasing possibility, as cybercriminals adopt more complex and sophisticated methods of attack.
As cybercriminals get smarter, the cost of attack is also expected to grow; there is currently limited data on the costs of cyber-crime to securities markets, but the estimation range between $388 billion to $1 trillion. These costs commonly extend beyond exchanges to the companies listed on them.
Using Cognitive Computing to fight back
Surprisingly, there can be positives from cyber-attacks. Companies are more clued-up and prepared from a technology and process perspective on how to cope with the damage they inflict. Some are even going the extra mile to implement new technologies – made up of AI – in order to combat threats more effectively.
Earlier this year, SIX opened Switzerland’s first security operations centre (SOC) for both the Swiss Financial Market and for SIX itself. Built using IBM’s cognitive computing platform, it aims to help banks tackle cyber issues whilst complying with strict financial regulations. The network is accessed over a billion times a day and over 30,000 times per second during peak times.
It works by detecting correlations in users accessing their networks and notifies security analysts at SIX – who are on standby 24/7 – of suspicious activity that could indicate a potential security threat. The analysts then determine whether the activity has stemmed from a hacker or a genuine error, like someone forgetting their password numerous times.
IBM’s Watson technology then compares this potentially suspicious access activity with external data. It analyses factors like where login attempts are coming from, whether they match known attack patterns and if a previous offenders’ name appears.
Watson for Cyber Security is different to previous technology. An analyst does not need to spend hours scanning through databases for this information. Instead, the technology can do it in real-time and can analyse unstructured data, such as websites or blogs, to bolster and grow its understanding of new threats and specific incidents.
Having already absorbed over a million documents and being trained in the “language” of cybersecurity, it has been able to help analysts dissect a number of natural language research reports that require AI based technology which have been inaccessible in the past. This in turn have helped analysts to stop attacks much quicker.
Going beyond traditional methods
Using graphics, Watson for Cyber Security also depicts network access activity. The visuals reveal correlations that would otherwise be hidden and difficult to understand with just raw data alone. Analysts then use visualisations to scrutinise data more deeply, allowing for faster and more accurate attack detection. It’s hoped that in time, the tool will learn how to devise defence recommendations on its own, not just detect activity as it does now.
Better together
Whilst some fear that AI will take jobs, examples such as the one above show this technology is more likely to enhance the work that humans do. In a world where humans are increasingly being asked to take on more and more work, AI is more likely to be a saviour than a threat.
