The main objective of this project was to define how financial institutions are leveraging artificial intelligence (AI) as part of their cybersecurity strategy. The Capstone team built a framework with offense, defense, and implementation sides. In terms of the project methodology, the team conducted literature review and expert interviews.
First, on the offense side, the team deduced 5 key AI-related cyber security attacks: deepfake, phishing, sniffing, distributed denial-of-service (DDoS), and data poisoning. Second, on the defense side, the team adopted two approaches, 1) countermeasures against each attack and 2) overarching countermeasures. As to the first approach, the team concluded that analysis of video and audio, liveness check / biometrics, adaptive authentication, natural language processing, adoptive protection, and AI confirmation of data are the important tools for mitigating cyber security attacks. In terms of the second approach, the anomaly detection needs to be closely reviewed. Lastly, in the implementation side, the team reviewed two corporate venturing strategies, strategic partnership and strategic investment. Joint R&D and venture clients are the representative methods of the first strategy, and acquisition and the accelerator programs are the noticeable methods of the second one.
The conclusion of this project is as follows:
- The impact of AI on cybersecurity will likely expand the threat landscape, introduce new threats and alter the typical characteristics of threats.
- In responding to traditional cyber-attacks intensified by AI, not only AI-related measures but conventional measures are also still effective.
- To make tangible results within a limited timeline, developing well-prepared strategic partnership is strongly recommended.