Securing the Financial Future

Insights from IBM on Battling Cyber Threats in an Evolving Landscape


Corey Hamilton

Global Financial Services Leader & Partner, IBM Security Services


As the Global Financial Services Leader at IBM Security Services, could you share your insights on cybersecurity in the financial industry?

The financial services sector is undergoing a period of prolonged and far-reaching change – a digital transformation that has been in progress for some time but which was accelerated by the pandemic. The wide-spread adoption of hybrid working, often supported by the implementation of cloud-based systems, reduced or constricted budgets, daunting technical debt are just some of the more obvious developments; adaptations that are uncovering new vulnerabilities and opening up new routes of attack for cybercriminals and hostile states.


In recent years, we have seen increased cyber threats targeting the financial sector, including state-sponsored  threats. What are some emerging trends or techniques that cybercriminals employ, and how can financial institutions stay ahead of these threats?


One of the most worrying trends is the rise of increasingly sophisticated ransomware attacks. The days of simply locking someone’s data and then demanding a payment in return for the encryption key are long gone. Attackers have largely replaced that model with a more damaging two-step approach that simultaneously paralyses a target’s system while surreptitiously extracting its data.


Cybercriminals are always looking for the next development. As a result, things are about to get even more complicated: triple extortion has arrived. This takes the two-step approach and adds in ransom demands directed at a victim’s supply chain, a common source of vulnerability as the security maturity of each part of a supplier network won’t necessarily be the same.


How does IBM Security Services help financial organisations develop robust cybersecurity strategies? Are there any specific frameworks or methodologies that you follow?


The financial services sector needs to take a ‘zero trust’ approach to security – a methodology that abandons the idea that you can trust anyone as far as security is concerned. Everyone needs to be re-evaluated and re-authenticated and then given the lowest set of system privileges required for them to operate.


This approach also assumes the worst – that a breach is happening – it’s about spotting it rather than thinking, ‘I can’t see an attack, I’m therefore okay’. Zero trust argues that every organisation is under attack – it’s just a matter of how bad it might be.


Data breaches and data privacy are major concerns for financial institutions. What steps should organisations take to ensure the security of customer data and comply with regulatory requirements and avoid being hacked in the first place?


The burgeoning digitisation of the financial services industry, including the widespread adoption of hybrid cloud, has rightly attracted the attention of regulators and policy makers. As a result, financial institutions need to balance innovation with increasingly stringent compliance and security requirements. For example, the Bank of England is looking at ways to facilitate greater resilience and the adoption of cloud-based services and other new technologies – an approach that combines support for innovation with regulatory oversight.



With the rise of cloud computing and remote work, how can financial institutions effectively manage cybersecurity risks in these environments? What are some best practices for securing cloud-based systems and remote access?


Financial institutions are among the top targets for cybercriminals because of the wealth of valuable data they hold, which make them a very attractive to cybercriminals. This hasn’t gone unnoticed – businesses are waking up to the notion that standard security measures are not enough in the cloud. To keep customers and proprietary data secure and private, enterprise-grade security innovations, such as confidential computing, are essential.


Of course, security in the digital domain isn’t new; protecting internet communication with HTTPS is well established, as is the use of SSL, which was initially applied to credit card transactions but has since become ubiquitous. Confidential computing has the potential to become equally as pervasive due, in part, to the widespread adoption of cloud technology.


By ensuring that data is processed in a shielded environment confidential computing makes it possible to securely collaborate with partners without divulging proprietary information. It makes it possible for different organisations to amalgamate data sets for analysis – such as fraud detection – without getting to see each other’s information.


Artificial intelligence and machine learning are being increasingly used in cybersecurity. How is IBM incorporating these technologies into its security solutions, and what benefits do they offer regarding threat detection and prevention?


IBM Cloud for Financial Services is designed to help clients mitigate risk and accelerate cloud adoption for even their most sensitive workloads. Security controls are built into the IBM Cloud to enable financial institutions to automate their security and compliance behaviours and make it easier for clients to simplify their risk management and demonstrate regulatory observance.


The IBM X-Force Protection Platform augments our cyber security experts with AI and automation at global scale, resulting in more effective, efficient and resilient security operations. We have successfully helped clients proactively identify, protect, detect, respond and recover faster from attacks due to the unique capabilities of the platform. Our platform’s AI is used on top of what vendors provide within their off-the-shelf tools. The platform learns and incorporates the intelligence from 100s of analysts across thousands of our clients. It provides guidance on policy recommendations and reduces the noise, so critical items can be addressed immediately.


The services platform promotes effective, efficient, and resilient security operations, at global scale, connecting workflows across our different services. It provides a method for integrating all of an organization’s security technologies cohesively within our open ecosystem. What this means is that the services platform is IBM’s end-to-end integrated approach to Security Services. This includes a combination of software, services and methodologies which are integrated in a centralized platform providing the clients with a unified experience. IBM’s services platform integrates across people, processes and tools using open standards and best practices.


Looking ahead, what do you see as the future of cybersecurity in the financial industry? Are there any emerging technologies or trends that will significantly impact how financial institutions approach cybersecurity?


Highly regulated industries are feeling pressure to transform with an ever-increasing rate and pace. However, they must not lose focus on security, resiliency and compliance on their mission to modernise. This is especially important for financial services where regulations are rapidly changing and exposure to cyber threats has escalated to unprecedented levels. And it’s about to get even more complex.


Financial institutions need AI tools that are accurate, scalable and adaptable can keep up with the evolving threat landscape. IBM has been a leader in the work of foundation models – and watsonx is part of IBM’s push to put state-of-the-art foundation models in the hands of businesses. Furthermore, IBM is thinking bigger – building and applying foundation models for entirely unexplored business domains such as geospatial intelligence, code and IT operations.


Financial institutions also need to be crypto-agile in order to protect themselves from attack by quantum computers. Quantum and crypto agility can help financial institutions to improve their cybersecurity posture. The aim is to combine the performance of current processes that use classical and AI solutions in fraud management, risk management and customer experience, with that of the latest quantum technology, with the goal of achieving a quantum advantage.


This is where AI comes in. It can help cybersecurity teams by automating protection, prevention, detection and response processes. Paired with human intelligence, financial services companies can extend their visibility across a rapidly expanding digital landscape of applications and endpoints.