Machine Learning and Cyber-Security: What are the Stakes?

In cybersecurity, as in fraud prevention and detection, there is a constant movement between two forces: IT staff and cybercriminals. The latter always looks to outwit the former, whether to steal information from a database or take over a site, while the former keeps building new defenses to prevent a breach. Often, banks and other businesses are one step ahead of the crooks, but vigilance is always necessary. Attacks can happen at any moment, for the Internet never sleeps. Machine learning (ML) platforms that can identify and help prevent attacks make it easier for financial institutions to best hackers. With that said, the stakes of using ML to develop a secure payments system are high.

 

Figuring out the hidden details

One of the critical issues in detecting fraud and other criminal activity on a bank’s server comes from identifying anomalous activity through the series of payments that come in each second. Running through that data regularly requires a lot of brainpower and thus necessitates having data scientists on hand to sort through it all. Data scientist Mike Stute, in an interview with No Jitter, also noted there are a few particular issues that come into play, in part due to the way a bank’s cybersecurity apparatus comes into being:

 

  • There’s the lack of a coherent security system due to the deployment of security products that may not communicate with one another.
  • Banks silo how they handle problems between analysis and remediation. This causes severe coordination problems when a problem surfaces.
  • The amount of data under the jurisdiction of IT increases every day as more devices connect through mobile apps, online access and other legitimate means.

 

Compounding these problems is a shortage of qualified data scientists. In order to combat this situation, machine learning can take up many of the roles of fraud detection and security while working in tandem with experienced data scientists. These platforms can work to identify hidden variables that most humans have trouble seeing. This form of heuristic analysis strengthens a bank’s security position. What also helps is ML can adapt to changes in attack patterns, especially as the situation changes.

 

A cornerstone, not the go-to

As fraud attacks change in degree, machine learning’s strength will be in handling automated attacks. The vast majority of attacks come in this form, with tools given a set of “coordinates” to target and automatically run all the actions necessary to create a breach and access data. Machine learning can quickly identify these problems and put a stop to them through alerts and other measures.

 

However, it’s not a complete panacea. In a critical article for Information Week, cybersecurity expert Simon Crosby said that the primary trouble with machine learning at the moment is that even though they can adapt to attacking methods, hackers could also manipulate the system to some degree with a slower approach to a hack. This is why, alongside an ML platform, a data scientist or expert should be on hand. While the software can detect and respond to anomalies in the bigger picture, experts can zoom in on details and detect subtle differences for more sophisticated attacks.