Copilot: an indispensable tool for banking security teams
The threat to banks from cyber crime is becoming increasingly complex, as state actors and criminal gangs become more adept at targeting vulnerabilities.
A report by the Bank for International Settlements singled out the growth of cloud-based services and remote working as two of the primary drivers behind the heightened risk. System perimeters are more dispersed, with each remote worker providing a potential penetration point for a bad actor and enabling errant employees to cause problems from inside company defences. Threats are also becoming more sophisticated as criminals deploy numerous attack vectors.
These can be via social engineering, known as ‘hacking the human’, or via unsecured technology like apps, data and networks. In essence, banks are only as secure as their least protected device.
Banks’ biggest concerns are currently malware (40%), phishing and ransomware (both 33%), data theft or misuse (30%) and business email compromise (27%), according to one study. Primary methods of attack include ransomware-as-a-service and distributed denial of service attacks. And the impact can be severe.
In 2023, the average cost of a data breach in the financial services sector was $5.9 million (the average was $4.5 million). This may not only result in financial losses but catastrophic reputational damage and censure by regulators. Banks could face fines under EU General Data Protection Regulation if confidential information becomes public. Due to launch in October this year, the EU’s Network and Information Security (NIS2) directive will require banks to boost the security and resilience of critical systems and networks, with the prospect of severe penalties for noncompliance.” The recently launched Digital Operational Resilience Act will also require banks to record all ICT-related incidents and significant cyber threats.
Responding to the changing threat
The encouraging news is that leaders are increasingly aware of the problem. A report by the Bank of England found 80% of executives believed cyber attacks were the biggest single threat to the UK financial system. This awareness is prompting action, with the global cybersecurity market in banking estimated at $77.1 billion in 2023 and forecast to reach $ 285.4 billion by 2032. But with criminals becoming increasingly sophisticated and bringing new tools like generative AI to bear, the threat of a cyber security arms race looms – and banks simply can not afford to not keep up. So, what can they do to ensure they are equipped to deal with these growing threats?
Imagine if a bank Chief Information Security Officer could empower their cyber defence team with the means to cut through all the ‘white noise’ of data coming and going, crisscrossing their networks and single out that vital piece of information that really matters? Not only that, but it could also propose automated responses while continuously learning and refining its operations to make even smarter recommendations in the future? All of this can be done by harnessing the power of generative AI.
Leveraging AI for cyber defences
Microsoft Security Copilot is one tool that uses generative AI in such a way. It simplifies the threat picture and can identify problems and automate responses, continually learning and improving to help ensure security teams are operating with the latest knowledge of attackers, their tactics, techniques, and procedures.
During the chaos of multiple alerts, Security Copilot offers a vulnerability summary, prioritises risks based on the scale of the attack and gives recommendations – in minutes. It also provides an audit trail for investigations. Copilot allows teams to share useful prompts, such as reverse engineering (how malicious code leads to breaches). Analysing threats at machine speed provides early warning to detect malware, trojans and phishing that is vital to the success of any bank.
Its capabilities also offer solutions to the problem of disparate legacy systems and visibility gaps. By harnessing the built-in security capabilities of other Microsoft systems and taking data signals from software such as Microsoft Sentinel and Microsoft Defender Threat Intelligence, it can provide a holistic threat picture and provide suggested solutions.
This all directly helps overstretched teams, transforming how they operate and enabling them to quickly and accurately investigate and identify threats. In fact, early adopters found it enhanced productivity and achieved significant time savings of up to 40%.
So, it seems clear that with threats growing ever more sophisticated, leveraging generative AI software such as Security Copilot can provide the cutting edge in the ongoing battle with cyber criminals.
For more information visit our Copilot for Security site.