An overwhelming increase in the amount of available data coupled with logarithmically expanding bandwidth and the increasingly global nature of financial transactions has created security challenges for banks and financial institutions that were unimaginable just five years ago. During those same five years, the technology landscape within financial institutions—including the commoditization of cloud use and storage and massively parallel-processing computing—has changed dramatically. At the same time, the price of the technology to perform these once inconceivably complex analyses has fallen precipitously just as its efficacy has increased exponentially.
The political and global economic upheaval of 2008 ushered in a new generation of compliance requirements for banks at the same time data creation exploded; by 2014, world data creation may reach 7 zettabytes (ZB), up from 1.8 ZB in 2011. Banks and other financial institutions are now in the business of real-time and historical surveillance, counter-intelligence, and other disciplines historically found only in government. However, the techniques that banks commonly use for fraud detection insufficiently address the far more subtle business of detecting money laundering, insider trading, and other types of malfeasance.
Banks know intuitively that they must change—and quickly. The horizon for development of technologies to make and leverage this change has been compressed to such a short timeline that creating a longer-term vision of the future is a significant challenge. Banks are changing their thinking about information technology risk, shifting as quickly as practicable from a reactive to a proactive approach, and seeking ways to harvest intelligence from unstructured data and other unorthodox sources.
Chief information officers (CIOs), chief security officers (CSOs), and those who manage security and compliance need to understand these changing dynamics as well as the technology choices that banks and other financial institutions must make in the coming 18 to 24 months. This paper focuses on these issues and highlights the questions these leaders must answer.
- Using structured data makes some analyses cheap and easy to perform, but gaming the system or hiding in plain sight within unstructured fields is also easy.
- Against a backdrop of compliance requirements, banks face an increasing risk of cyber attacks that can lead to significant financial losses.
- Because insider fraud and malfeasance are more sophisticated than card fraud, detecting them requires significantly more subtle indicators.
- Although far more knowledge is available from unstructured data repositories than from structured data, advancing intelligence capability is hard to justify until the technology required to enhance it has already been purchased.
- Detecting insider malfeasance requires evidence of transactions and interactions compared to a context of “reasonable” and “normal” behaviors that are inherently impossible to articulate through structured data alone.
- The application of predictive analysis techniques, originally developed for nation-state and intelligence applications, to commercial transactions affords greater control of risk than ever.
- Compliance officers work in a role that demands spend but produces no visible return on investment (ROI), and they must require compliance with a complex set of rules and frameworks that don’t always lead to true security or risk reduction.
- Compliance challenges for financial institutions and their current approaches
- The growing pressure on banks to better defend against risks
- Common threats
- Insider fraud
- Common approaches
- Intelligence and context
- Big data on the road ahead
- The hunters and the hunted: The nature of a proactive approach
- Using big data to detect patterns of fraud and money laundering
- Compliance officers: Moving from reactive to proactive response
- Reactive versus proactive
- About Steve Hunt
- About GigaOM Research