AI and Cybersecurity in Banking: An Overview

Gold computer chip with the initials “AI.”

Artificial intelligence (AI) is a double-edged sword.

When used for good, it harnesses oceans of information with unprecedented convenience. 

When used for evil, it can help steal identities, destroy livelihoods, and sabotage businesses en masse. 

Right now, we’re in the midst of an AI arms race between the white hats and the black hats, between cybersecurity professionals and cybercriminals. 

The stakes in this race are high, with both the costs and potential benefits being substantial for all of us… especially for financial services organizations.

While acknowledging and understanding the risks, banks must also embrace AI to defend their teams, their clients, and their good name.

In this article, we will provide an overview of AI and cybersecurity and introduce five powerful uses for artificial intelligence in the financial services industry.

Historical Context: Cybersecurity in Banking

Bank security used to rely exclusively on plexiglass dividers, dye packs, and locked doors.  
Not anymore.  

With the advent of digital transformation, cybersecurity isn’t just a component of banking—it’s the heart and soul of it. 

In fact, without advanced cybersecurity measures in place, online banking would be broken. 

While cybersecurity isn’t new, it has become a mainstay of the financial world over the last decade. In fact, one could reasonably attribute the meteoric rise of banking cybersecurity to the 2014 attack on JPMorgan Chase, which compromised the accounts of 80 million people. 

At the time, this attack was the single largest theft of consumer data in banking history. Nearly a decade later, such attacks are a common occurrence. 

Between 2021 and 2022, there were 1,167 data breaches across the global financial industry. 

While 254 million records were leaked, the average U.S. bank paid out nearly $6 million in associated costs.

As terrifying as those numbers may be, they don’t include the most expensive casualty of all: reputational damage

Indeed, banking cyberattacks hurt in both tangible and intangible ways.

The Rise of Artificial Intelligence 

Artificial intelligence is the ultimate disruptor.

Whether you work in Hollywood, transportation, digital marketing, or financial services, AI is on the tip of almost every sector’s tongue. 

Even if it doesn’t affect your business, AI raises some profound moral/ethical questions for society.

While AI’s origins are intriguing, its impending future deserves more study than its ambiguous past. 

In certain corners, some have envisioned a nightmarish future akin to The Terminator, where AI becomes self-aware and capable of subjugating mankind. 

In more optimistic areas, some are hopeful that AI will empower us as a population. 

Ray Kurzweil, Google’s Director of Engineering, believes that the “singularity”—the point of no return for an emerging technology—will occur in 2045. 

According to his prediction, this is the year that “we will multiply our effective intelligence a billion fold by merging with the intelligence we have created.”

But that’s over 20 years away. In the meantime, AI stands at the crossroads of banking and cybersecurity. 

AI and Cybersecurity: 5 Powerful Applications

Artificial intelligence has already yielded fruit in the banking world. 

In fact, over 85% of financial services companies use AI in some form. 

For years, it has been broadly used to automate tasks, help customers with chatbots, and optimize investments. 

And yet, the real ROI for AI in financial services lies in cybersecurity. 

According to an IBM report, leaders in AI cybersecurity adoption reported a 40% return on investment and an 18% drop in data breach costs.

In fact, recent data shows that organizations that embrace AI see an average data breach cost of $3.6 million. Organizations without such tools paid a much higher price.

With these data points in mind, let’s take a look at five cybersecurity use cases for AI in banking.

1. Reduce Zero-Day Vulnerabilities (and Increase Response Speed)

The world of cyberattacks is proliferating at breakneck speed. 

Today, there are more cybercriminals, more hacking networks, and more effective attack methods than ever before. 

Human beings simply can’t keep pace with digital threats. In 2022 alone, there were over 25,000 common IT security vulnerabilities and exposures (CVEs). 

Where humans are limited, however, AI can help pick up the slack. 

More specifically, AI and machine-learning technology can help identify zero-day vulnerabilities across the banking sector. These are often the most pernicious security gaps, as zero-day vulnerabilities are found by hackers before vendors even know they exist. 

Fortunately, artificial intelligence can provide very real solutions. 

This is welcome news for community and mid-size banks with outsourced IT or more limited IT resources. 

After all, AI and deep learning can automate and accelerate data sharing, so any exposure is quickly patched before hackers exploit it.

In other words, AI can play a key role within your security team and reduce your mean time to respond (MTTR) with network anomalies or cyberattacks. 

According to IBM, AI has been proven to accelerate cybersecurity alert investigations and triage by an average of 55%. 

2.  Mitigate Risks With Automated Threat Intelligence

Incident response time is vital. 

After all, it’s what helps banks stop the bleeding from an active cyberattack. 

However, AI can provide an even more dynamic solution: automated threat intelligence, which empowers banks to identify and prevent cyberattacks long before they happen. 

For years, threat intelligence has relied on the manual efforts of trained security analysts. 

While many organizations have benefited greatly from this preventive work, cyberattacks have officially outrun their human counterparts. 

In other words, threat intelligence now demands the highest levels of research—across cyber forums, the dark web, social media, and nearly infinite traffic logs—and people simply don’t have the bandwidth to do it. 

Thankfully, AI automates the rigorous process of aggregating and standardizing the raw data needed to provide actionable insights. 

In fact, after processing the collected information, AI threat intelligence can use it to identify patterns, locate anomalies, indicate potential threats, and help banks prioritize cyber risk management actions.

3. Minimize False Positives and False Negatives

While identifying potential risks, AI also minimizes the distraction of false positives.

In other words, AI can help your intrusion detection system waste less time flagging legitimate files and benign user activity.

Here’s why AI systems are so effective: because they’re trained on vast, diverse, and evenly-distributed datasets, which teaches them to distinguish anomalies from normal activity.

That training makes AI especially beneficial for banks beholden to strict regulations. 

Indeed, compliance rules often increase paranoia surrounding potential cyberattacks and drive up the total number of false positives. 

While such intentions are well placed, an abundance of false positive attacks can hijack even a well-staffed security team’s time, resources, and patience. Worse, it can distract them from noticing real issues that could wreak havoc within the company mainframe.

To that end, AI can also limit false negatives, which aim to conceal malicious intent long enough to expose a network vulnerability. 

Across multiple touchpoints, AI can help your team increase security, consolidate resources, and separate the truth from the noise. 

4. Leverage User and Entity Behavior Analytics (UEBA)

User and entity behavior analytics (UEBA) provides a powerful counter strike to cyber threats. 

By constantly analyzing the behavior of devices—as well as the people that use them—UEBA helps banks identify anomalies and threats as soon as they arise. 

Here’s how it works: UEBA creates a baseline of user behavior by recording data sets like usernames, IP addresses, and activity logs.

By tracking basic movements and habits, UEBA is able to identify irregularities as they arise—like users logging in to a server overseas, or a user who accesses accounting files at 3 in the morning. 

That’s what makes UEBA such a powerful defense against insider threats, whether malicious or accidental. Once the UEBA system identifies a significant deviation, it will send alerts to your team. 

Nevertheless, UEBA doesn’t stop there. As an adaptive technology (like AI itself), it will continue making self-improvements and adjustments as it evolves. 

Note: Behavioral biometrics is an extension of UEBA and provides additional layers of security. Beyond physical biometrics (like fingerprints), it takes a granular approach to verification by assessing unique behaviors like keystrokes and finger/mouse movements. 

5.  Rebuff Social Engineering Attacks

Hackers use social engineering attacks to exploit human psychology. 

By preying on the good will of others, they can breach networks and ransack data. 

Phishing is the apex predator of social engineering schemes, and hackers use it all the time. In fact, over three billion phishing emails are sent per day. 

While banks have rightly promoted employee education as a defense, manual efforts can only go so far. A more robust strategy is needed to fight phishing, and AI can deliver it.

In fact, the right AI system can protect you, your team, and your customers before threats even emerge. Whether installed on your computers or smartphones, well-trained AI algorithms will actively sift through emails and text messages while looking for warning signs along the way. 

From a high level perspective, AI tools simply separate the safe mail from the dangerous mail.

More specifically, they scan the metadata and message content itself while making judgments and delivering alerts based on urgency, origin, and intent. 

For example, if the message references “payment information,” it will likely get flagged.

Or, if the email has a forged sender or misspelled domain, it will also get flagged. After all, AI and machine learning systems leverage essential security protocols like DKIM, DMARC, and SPF (the latter two being mandatory for banks using a .Bank domain) to fight phishing and spoofing.

Such strategies have been integral to fortifying Google.

According to Apart Pappu, VP of Google Workspace, “Machine learning has been a critical part of what we’ve used to secure Gmail.”

Artificial Intelligence: The Double-Edged Sword

Every AI advancement is accompanied by a potential AI threat.

After all, AI doesn’t exist in an ivory tower, far away from bad actors and misuse. Instead, it lives in the free market and is available to practically everyone. 

As of now, AI is totally unregulated (though legislatures are working quickly to institute red tape).

Just as the 1946 Atomic Energy Commission sought to put nuclear fission back in the box, governments are scrambling to limit the uses of AI. 

Nevertheless, while the legality of AI will remain an ongoing debate, banks must be aware of a more pressing vulnerability.

Cybersecurity experts and cybercriminals are leveraging the same AI tools

In other words, our advancements are mirrored by theirs. 

Take social engineering, for example. As we just discussed, AI makes it easier than ever to identify and neutralize phishing and spoofing attacks. 

However, cybercriminals are using those same tools to strengthen their social engineering schemes. They’re twisting the technology to impersonate people’s voices and creating deepfakes to hoodwink unsuspecting consumers.

These strategies work, and they’ve been devastating. A few years ago (before AI advancements truly took off), fraudsters successfully impersonated a CEO’s voice to steal nearly $250,000

We’re in the middle of a cyberwar. As cybersecurity teams train AI to get smarter, cybercriminals train it to get more malicious. 

As a result, banks must leverage other cybersecurity protocols to fortify their digital domains.

.Bank: Fortify Your Organization’s Domain Security

At the end of the day, all we have is our reputation. 

The same is true for your bank. Win, lose, or draw, your bank’s name is sacred.

As such, a proper defense starts by anchoring your digital presence with an incorruptible domain, an authentication cue that affirms legitimacy. 

Not to mention, .Bank requires DNSSEC, a validation chain of trust, so you know you are interacting with an authentic bank and not a scammer. This is one example of a security feature that can be leveraged in the future by AI or customers being serviced by AI to further authenticate your bank and its website. 

With a .Bank domain, you can strengthen your organization’s domain security and your digital identity.

As we have noted before, with open and unrestricted domains, there is no clear path to authentication. Bad actors and impostors are always looking for new and innovative ways to infiltrate your digital infrastructure. A .Bank domain significantly mitigates the risk of counterfeit emails or websites while safeguarding your resources, customers, and reputation from malicious actors.

Security, trust, and recognition are just a domain away.

Find out why 800+ banks said goodbye to their old domains. 

Don't miss out

Sign up for the .Bank newsletter and receive handpicked insights and ideas directly into your inbox.

Related Articles

Team meeting over incident response plan
For banks, cyberattacks are a matter of “when,” not “if.” Read this article and discover how to create a robust cybersecurity incident response plan (IRP).
A hacker’s gloved hands typing on a laptop keyboard.
Phishing is an existential threat to banking cybersecurity. Find out which attacks are most common, plus how you can defend against them.
Banker wearing a dark suit adjusting his tie.
Brand awareness in banking is a challenge and an opportunity. Learn how to build it for your bank—a .Bank domain can help you get there.