KPMG helped a financial services firm protect its customers' money and data with intelligent forensic and predictive cyber capabilities.
When your entire brand is built on trust, you have to know you can weather a surge in cyber crime – especially when you’re a financial services household name and your customers’ money is at stake. And when you’re competing for millennial customers in particular, you have to make it easy to do business through a variety of digital channels and platforms – even if doing so raises the risk of data breaches. What’s the solution? Proactively leverage the latest technologies in artificial intelligence (AI) and machine learning to detect, counter, and prevent sophisticated cyber attacks in real time.
KPMG’s solution combines the client’s existing cyber security toolkit with customized machine learning and AI capabilities to help eradicate risks in a scientific, repeatable, and proactive way. By automating manual processes, the prototype:
Having worked with the client on numerous strategic initiatives, we were deeply familiar with its technology, operations, strategic direction, and business priorities. That’s why we offered to co-innovate with the firm on one of its most pressing issues: the transformation of its cyber security capabilities.
Combining expertise from our cyber, forensics technology, financial services, and data and analytics teams, we proposed a visionary solution: an enterprise-wide cyber risk platform that learns from datasets. The framework triggers alerts and responses, by compares the top cyber-attacks in real time against the company’s customized tolerance levels. As the model evolves, it is even expected to start providing predictive recommendations for pre-emptive action.
KPMG’s solution takes available open-source libraries, big-data platforms and machine learning tools, then ties them together with client-specific machine learning and AI capabilities. The machine-learning capabilities cross-references relevant data, traditionally siloed in each tool and acts on them in real time. The organization gains insights it didn’t know existed.
Unlike organizations that can only react to incidents, the client can monitor itself and respond to risks and anomalies before they become problematic. One example: A login session with uncharacteristic behavioral identifiers can be automatically flagged when someone attempts to update bank account activity or perform a high-risk transaction.
As more of these transactions occur apart from the physical branch – through the mobile and web channels that digital-native millennials prefer, for instance – these detection capabilities become especially important. Over time, the customer security experience can be continually enhanced, with additional analytics drawn from select data attributes and key risk indicators.
By identifying both high-volume and under-the-radar cyber attack patterns, this KPMG prototype can protect the company’s core business, allowing the firm to pursue new opportunities with agility and confidence.
AI and machine learning can transform an organization’s cyber security initiatives if the client leverages a multi-dimensional team (data scientists, cyber security experts, forensic specialists, and security architects) and takes a holistic perspective rather than focusing on point solutions.
Implementing intelligent cyber security measures involves three phases. The first phase describes how you want to prioritize your problem statement, second determines use of your data and what you want to learn, and the third provides the intelligence at scale.
KPMG frameworks s allows you to retrain existing resources to take on new responsibilities and also attract new talent excited to work with next-generation technology.
KPMG complies with the auditor independence rules of the AICPA, SEC, PCAOB and DOL. As a result, some services described herein may not be available to our audit clients. KPMG audit clients should check with their respective lead audit partner for more information.