Finance and banking are always the "targets" of cybercriminals. The risks and dangers increase dramatically when banks and financial companies apply AI.

To help readers better understand the story of safety and security in the context of AI development, VietNamNet reporter recently had an interview with Mr. Le Nhan Tam, Technology Director, Microsoft Vietnam.

Mr. Le Nhan Tam 1 1.jpg
Microsoft Vietnam's Chief Technology Officer Le Nhan Tam said that in the context of strong AI development, cyber attacks have become more sophisticated, faster, and more difficult to deal with than ever. Photo: Van Anh

Reporter: First of all, please tell us how the information security picture changes with the addition of AI?

Mr. Le Nhan Tam: With the increasingly strong participation of AI in all fields, the information security picture is more colorful than before, the benefits are many but the risks are also countless, and the current risks of information security loss are extremely diverse.

For example, in the past, traditional attacks required highly skilled hackers to be able to attack. But today, just a normal person with some skills can use AI to create viruses, create attack tools based on AI-generated tools. The risk will be very high when AI is used for bad purposes.

For the banking and finance sector in particular, what new challenges does the participation of AI bring, sir?

In the context of strong AI development, information security in the banking and finance sector is facing many new problems. Cyber ​​attacks are becoming more sophisticated, faster, and more difficult to deal with than ever.

Information security risks and threats are increasing in scale, speed and extent of loss; from sensitive data leaks, financial losses, to reputational damage and business disruption.

A key factor driving this increase is the increasing use of AI and large language models by threat actors to optimize malware, evade detection measures, and refine attacks such as social engineering and ‘spear-phishing’.

Clearly, AI opens up huge opportunities, but it also increases security challenges. This is also the reason why security is considered one of the three main pillars in Microsoft's development strategy, along with Cloud, data and AI.

While Cloud is the foundation for AI, data is the basis for AI to work effectively, security solutions ensure that systems and data are always safe.

So, in your opinion, what should banks do to improve their ability to protect their systems and users?

When advising partners on how to respond to cyber attacks in the “AI era”, we often recommend that they follow the “3P - People, Process, Platform” model.

In this, people are the key factor. Building a proactive security culture from employees through continuous training on security methods is an important foundation.

For example, Microsoft employees are required to learn about security and personal data at least twice a year. This is to constantly remind and update new knowledge, helping them always apply the Zero Trust principle - no time is absolutely safe.

ai application 2.jpg
In addition to leveraging the power of AI, banks and financial institutions also need to pay special attention to minimizing the risks that this new technology brings. Illustration: Internet

Next is a rigorous process that ensures all activities are under control. Enhance identity security by implementing multi-factor authentication and anti-phishing authentication methods to limit the risk of phishing attacks and protect access to sensitive systems.

Finally, technology – investing in the right platforms and services. AI-powered security solutions will help financial institutions stay ahead of new threats and protect sensitive data.

Thank you!

According to the Banking Association, AI application is a prominent trend with global businesses, including banking and finance companies; about 85% of banks have established an AI application strategy in building new products and services.

However, implementing AI in banking is not easy; data security and privacy are always top concerns for banks.

In Vietnam, in the first half of this year, the number of cyber attacks on the banking and finance sector accounted for 13.7% of the total number of incidents reported by 230 members of the National Cyber ​​Security Incident Response Network.

Nearly 50 banks and financial institutions 'practice' to respond to cyber attacks . The DF Cyber ​​Defense 2024 cyber attack and defense drill is an opportunity for 46 financial institutions and banks to 'practice', contributing to improving the cyber attack response capacity of IT and information security personnel.