Cyber risks now cause $2 trillion worth of losses every year, according to the chair of the inaugural Cyber Risk & Technology Resilience summit at the RiskMinds International conference in London on 13 November 2023. Artificial intelligence (AI) could make the situation worse or better, said representatives from the UK Financial Conduct Authority (FCA) and from HSBC Continental Europe, during a later panel session, Navigating the digital landscape.
As everything moves online, rising financial crime is a clear and present cyber-driven risk. But artificial intelligence (AI) could exacerbate it, while simultaneously offering a solution tool to fight phishers, scammers and malfeasance of all types. “AI can be a positive disruptor technology and a risk at the same time,” explained the chair of the new technology-focused stream at RiskMinds International 2023.
Crypto scams, deep fakes and other AI-powered cyber risks were highlighted this year, alongside standard financial crime risks, false data-led market manipulation risks, and so forth.
The fact that the Mayor of London, Sadiq Khan, was recently subjected to a deep fake social media video falsely purporting to show his disdain for the UK’s Armistice Day commemorations in favour of a march against the Gazan war is only the latest example of the political, economic and other threats made possible by AI-powered deep fakes. An ‘investment company’ could easily replace a politician in this type of scenario, making it hard for people to distinguish between what is real and what isn’t.
AI end uses
AI can be used for good or greed. It can be beneficial or detrimental. Bad uses debated at the opening RiskMinds 2023 panel with representatives from the FCA and HSBC, included market manipulation, pyramid scheme dissemination, and so forth. But AI can be useful too, in delivering:
- Faster decision-making: Speed can help with better customer service, more effectiveness immediate anti-crime measures; greenlighting of loans to businesses’ that need cashflow; and in a multitude of other end uses.
- More efficiency and cost effectiveness in operational IT is another potential AI boon.
- Democratising FS advice, so it isn’t only available to the rich that can afford to pay for a person to investigate market trends on their behalf, is another benefit.
“You could argue that AI isn’t truly intelligent yet [and won’t be until it becomes sentient like a human],” said a panellist. “At this early stage, AI is still essentially just a data aggregator, investigator and miner. An insentient tool. However, we do need control and regulation in this space to ensure governance as it rapidly develops.”
Staff training to mitigate bias and ensure safe usage is also a prerequisite. Keeping a ‘human-in-the-loop’ during the design stage of any AI tool is also critically important in ensuring the technology doesn’t run away with itself.
The best way to tackle scams, fakes and other cyber risks – whether they’re AI-driven or not – is via a 3-step process that focuses on:
- People,
- Process,
- & Technology.
This ‘3-storey house’ approach addresses each overlapping risk element in the building out of a resilient over-arching approach to cyber risk. It should also map to an organisation’s wider business continuity planning (BCP) approach, so that third parties in the cloud and so forth are included in any cyber risk assessment.
The suggestion to RiskMinds 2023 attendees from multiple panellists was to “embed resilience into your organisation and not simply bolt it on”.
That way you can resist, absorb and recover from whatever challenges come your way as a risk professional – whether it emanates from cyber or disaster recovery risks – or from standalone specific and general events, such as:
- Covid-19 business disruption;
- Wars like Russia and Ukraine or Gaza, which impact oil prices, inflation and so on;
- or the changing economic and interest rate (IR) environments post-Covid.
The latter IR risk recently led to the rescue of Silicon Valley Bank (SVB) and Credit Suisse.
Cyber risk was only one element of the multiple threats – and opportunities – that were debated at the RiskMinds International 2023 conference in London. Climate, reputational and other risks were also addressed at the event.
