How CBA is managing cybersecurity in an era of ‘infinite signals’

Commonwealth Bank of Australia Cyber ​​Defense Operations Lead Andrew Pade is building an AI legacy that will protect clients from cyberattacks and security professionals from burnout.

Image: Timão/Adobe Stock

Andrew Pade took on the role of general manager of cyber defense operations and security integration at CBA just over three years ago. However, in that time, according to Pade, the number of signals reaching his cyber practice grew from 80 million per week to a staggering 240 billion.

“The number of signals we ingest every week is growing significantly and the threats are always there,” Pade said at the recent SXSW Conference. “We often say that we are in a time of infinite signals. That number means nothing to us now because they never end.”

Pade said the bank is now seeking greater leverage artificial intelligence to support your response to sophisticated and commodity cyber threats, while providing greater clarity and support for cybersecurity professionals, which we hope will prevent the common problem of burnout.

Jump to:

CBA Using AI to Identify, Respond, and Deceive Threat Actors

The Commonwealth Bank has pioneered the use of AI to combat cyber threats. Now the bank is bringing together cybersecurity personnel with internal data scientists and AI partners to build AI tools that will allow it to respond to sophisticated threats with even greater speed and accuracy.

TO SEE: Australia’s banks are using cross-collaboration to reinforce security.

“We’re doing things now that we only dreamed of doing three years ago, and we’re actually building them, not just talking about it,” Pade said. “I feel very privileged to be able to bring these really smart people together in one room in what will be a future legacy for our organization.”

The Commonwealth Bank is using AI for cybersecurity in three main ways.

Threat identification

CBA’s AI models will be able to use data available in your own environment to look for indicators of compromise. If a workstation or user account is hacked, the AI ​​will be able to detect a change in behavior compared to the user’s normal behavior.

Threat response

About 90% of the cyber threats the bank sees are commodity threats and are already handled automatically “by machines,” Pade said. This allows the AI ​​to guide the team toward “highly skilled and targeted” attacks so they can be dealt with before they become larger.

Deceptive technologies

CBA is using deceptive AI to trick cybercriminals. Because they don’t know the CBA environment, said Pade criminals can be targeted towards what appear to be “the crown jewels”, only for them to “light up like a Christmas tree” for the security team.

AI supporting greater clarity and focus on sophisticated threats

Most cyber threats blocked by the CBA are around three to four years old. This is because these packages are ready to be taken off the internet, making them cheaper for criminals to use on a large scale. These are threats that can be automatically addressed by AI.

This is where AI is adding value. By dealing with this high volume of commodity threats and helping its cyber team identify the rare “needle in the haystack,” Pade said it allows the cyber team to be “surgical, fast and precise” when it comes to more serious threats.

SEE: AI and generative AI at the top Gartner List of Strategic Technology Trends for 2024.

“We are seeing technologies moving left and people moving right,” Pade said. “It gives us real clarity and it’s something we haven’t had for some time. I’ve been doing this cyber stuff for a couple of decades and it’s really changing the way we work.”

A powerful cybersecurity resource for cyber teams

Despite the exponential growth of signals to 240 billion in just three years, Pade said the actual size of his human team has not increased in that time.

Instead, AI has stepped in to do the heavy lifting, while your people are given bandwidth to focus on the threats that matter. AI is even working with junior analysts.

“We’re taking some of our smartest cyber skills that we use to train these models and putting them into the hands of all of our analysts,” Pade said. “We can have a junior analyst working on these models based on some of our smartest people.”

AI to prevent burnout in cybersecurity roles

Pade hopes that one of the legacies he will leave at CBA, and more broadly in the cybersecurity industry, is using the power of AI to reduce burnout among cybersecurity professionals. Professionals typically face a high level of stress during their careers.

“I’ve been doing this for 20 years and a lot of my colleagues have become exhausted during that time,” he said. “It’s a career where your fight or flight response is always on; you always have one eye open. You always ask, ‘How do you sleep?’ – that kind of thing,” Pade said.

Pade said AI can benefit cybersecurity professionals because it “doesn’t have a limbic system and doesn’t sleep.” This means AI can be used to monitor threats at all times, including overnight or on holidays, so cyber professionals don’t miss critical threats as they emerge.

“I have a lot of graduates coming out of university and I don’t want them to burn out in 10 years. To me, having the ability to take some of our smartest people and put that capability in their hands means we’re not going to burn out those people,” he said.

‘Hallucinations’ a challenge for AI company creators

Pade said building an AI model in-house is challenging, even with the advantage of having data scientists. “We thought it would be faster than it was, but because we’re dealing with math and not big language models, it’s taking a little longer,” he said.

Just one is that the bank needed to design around the problem of AI hallucinations, also experienced by Generative AI large language models. This is when an AI model asks a question and provides an answer that seems completely plausible, but is actually wrong.

TO SEE: Australia is quickly adapting to generative AI.

In the end, Pade said it becomes “a dance” between data scientists, cybersecurity personnel and partners. “How can we take those 240 billion signals that are constantly passing by, reference our past history and what we’ve seen, to help identify the actions we need to take?” he said.

Leave a Comment