Cybersecurity at machine speed

May 4, 2019
Financial institutions are increasingly developing and adopting AI-enabled cybersecurity solutions.

This is an extract from “AI for business”, the second report of the four-part series, “Asia’s AI agenda”, by MIT Technology Review Insights.

Many of today’s cyberattacks are automated, says David Chinn, head of cybersecurity at McKinsey & Company. “The signal to noise ratio is low. We know that it takes approximately six months to detect a data breach. Most of the bad actors found in big public breaches have been on the inside of those companies for more than six months,” he says.

Within financial services, investments made in AI-enabled cybersecurity are beginning to come to fruition, says Chinn, particularly in areas such as credit card fraud, where machine-versus-machine infighting is already happening. Similarly, in loan fraud, where risk decisioning happens in real time, banks (and their IT vendors) are building AI-cyber centers of excellence. One area of focus is how to use open source technologies to build better models. “We’re seeing them partner with university programs to develop these solutions,” he adds. In the future, though, banks could be encouraged to share data with each other about cyber threats and attacks.

The sheer number of devices and sensors employed by companies today means that the traditional alert-based security operations center (SOC) model struggles to cope. When hundreds of alerts turn into tens of thousands, anomalies occur constantly, particularly in organizations with poor discipline. AI solutions are emerging to make sense of this volume, but more progress can yet be made. “It’s not foolproof,” says Chinn. “You still worry about false negatives and missing the signal that matters. We’re far from ‘problem solved’. This is a business with adversaries, adversaries that are also developing fast. They only need to get in once, and you have to stop them every single time, so it’s fundamentally asymmetric.”