Archive for

Jan 30

10 Ways To Own Your Cybersecurity In 2020

Bottom Line: One of the best New Year’s resolutions anyone can make is to learn new ways to secure their personal and professional lives online, starting with ten proven ways they can take greater control over their own cybersecurity.

For many professionals, their personal and professional lives have blended together thanks to the growing number of connected, IoT-capable devices, including cars, home security systems, smartphones, virtual assistants including Amazon Echo, Google Home, WiFi routers, and more. It’s typical to find homes with two dozen or more connected devices that are relied for everything going on in a person’s life from personal interests, connecting with friends, and getting work done.

It’s Time to Secure Every Area of Your Smart, Connected World

Faced with chronic time shortages, many people rely on smart, connected devices supported by AI and machine learning to get more done in less time. They’re proliferating today because they’ve proven to be very effective at personalizing experiences while providing the added convenience of being always on and available to help. Smart, connected devices are an extension of a person’s identity today as they contain insights into buying behavior and, in some cases, actual conversations. The more these devices are protected, the more a person’s identity and most valuable resource of all – time – is protected too.

Strengthening your own cybersecurity starts by seeing every device and the apps you use as potential attack surfaces that need to be protected. Just as you wouldn’t likely leave any of the physical doors to your home unprotected and locked, you need to secure all the digital entrances to your home and person. Like the CEO and cybersecurity team of any organization who is focusing on how to reduce the risk of a breach, the same level of intensity and vigilance to personal cybersecurity needs to become the new normal.

10 Ways You Can Own Your Cybersecurity

The following are the top ten ways you can take control and own your own security. Several of the ways mentioned below are from the recent Centrify webinar, Cybersecurity Best Practices: The Basics and Beyond:

Replace weak passwords used on multiple accounts with a unique, longer password for each online account. Start by getting away from having the same password for multiple accounts. When a single account gets hacked, it can easily lead to all the others with the same password and comparable user ID. Passwords are proving to be the weakest attack vector there is for personal information today. World Password Day serves as a reminder every May to use stronger, different passwords on each account.
Start researching and choose a Password Manager that is flexible enough to match how you like to work. It’s time to get beyond Post-It notes and paper-based approaches to managing your own passwords now. Dashlane, LastPass, and OneLogin are all excellent password managers worth checking out. If you’re not sure password managers are worth it, I’ve seen them add an additional layer of security to personal and work accounts that would not have otherwise been available. Some will even notify you when an account you have might have been breached, and recommend a new password for you. A screen capture from the webinar illustrates the differences between personal, professional and Privileged Access Management (PAM) levels of password security:

Use single-sign-on (SSO) if available for systems at work, even if you’re logging in at the office. SSO systems use temporary tokens, which have proven to be more reliable than static credentials. One of the primary design goals of SSO is to authenticate your identity once, and give you access to the applications and system resources you need and are entitled to access to get work done.
Vault away passwords to critical systems and data. In the privileged access world of Cybersecurity operations in any organization, password vaults have become commonplace. Password vaults are similar to password managers many people use for their personal devices, web applications, and sites they regularly visit. In the case of a password vault, privileged credentials are checked in and out by admins, with each password automatically rotating to ensure greater randomization.
Enable security on all the devices you received over the holidays, starting with your WiFi router. If you’ve never set an admin password on your WiFi router and the two guest access points they typically have, now is a great time to do that. If you have an Amazon Echo or Google Home, manually disable the microphones. On the Echo, press the microphone button until the external ring turns red. On Google Home, use the small switch on the side to turn off the microphone..On an Amazon Alexa, it’s possible to review voice recordings associated with your account and delete the voice recordings one by one, by date range, by Alexa-enabled device, or all at once by visiting Settings > Alexa Privacy in the Alexa app or https://www.amazon.com/alexaprivacysettings. It’s a good idea to use PIN protection to disable voice purchases too. If you have Baby Monitors in your home, connect to them using a secured WiFi connection, not Bluetooth. Have everything behind your home firewall, so there’s a minimal number of threat surfaces in your home.
Take few of the many LinkedIn learning courses on practical cybersecurity to stay current on the latest techniques. LinkedIn Learning has 19 courses available today that are focused on practical cybersecurity steps you can take to protect your company’s systems and your own. You can find all the 19 courses here. LinkedIn Learning has 462 learning resources available today, available here. I’ve taken a few over a lunch break and have found them informative, interesting, and useful.
Realize that you may be getting phishing and spear-phishing e-mails every week. Cybercriminals are becoming increasingly sophisticated in their use of browser plug-ins to pop up messages asking for your login and password information for sites. Combining the latest information from LinkedIn, Facebook, Twitter, and other sites, hackers often target new employees and with spearfishing campaigns where they impersonate a CEO and other senior-level executives. Spearfishing attempts can be easily thwarted by calling the supposed sender to ask if the request is legitimate. A second way to spot phishing and spear-fishing attempts is they will ask you for one or more of the pieces of information needed for completing a Multi-Factor Authentication (MFA) login to an account. Misspelled words, questionable e-mail addresses, and unsecured domains and websites are also a sure tip-off of a phishing attempt.
Bring Your Own Device (BYOD) greatly expands the enterprise attack surface. Define the success of a BYOD security strategy by how well it immediately shuts down access to confidential data and systems first. Being able to immediately block access to confidential systems and data is the most important aspect of securing any BYOD across a network. It’s common for BYOD enablement strategies to include integrations to Dropbox, Slack, Salesforce and Workday, Slack, Salesforce, and others.
Always use Multi-Factor Authentication (MFA) everywhere it’s offered. MFA is based on three or more factors that can authenticate who you are. Something you know (passwords, PINs, code works), something you have (a smartphone, tokens devices that produce pins or pre-defined pins) or something you are (biometrics, facial recognition, fingerprints, iris, and face scans). Google, for example, provides MFA as part of their account management to every account holder, in addition to a thorough security check-up, which is useful for seeing how many times a given password has been reused.

Determine where you and your company are from a privileged access maturity standpoint. Centrify shared the four stages of privileged access security on the webinar, and each phase is a useful benchmark for anyone or organization looking to improve their cybersecurity effectiveness. Centrify found in a recent survey that 42% of organizations are at the nonexistent phase of the model. As an organization progresses up the model, there’s greater accountability and visibility for each aspect of a cybersecurity strategy. For individuals, the progression is much the same, all leading to a lower risk of a breach and stolen privileged access credentials occurring.

Conclusion

While not every user in an organization is going to have privileged entitlements, it is up to every individual to take ownership of their cybersecurity hygiene to ensure they don’t become the most-easily-exploited employee in the company. That’s what the bad guys are looking for: the easiest way in. Why try to hack in against sophisticated technology when they can just guess your easy password, or get you to hand it over to them by phishing? Be cyber smart in 2020 – these ten tips might save you from being the weakest link that could cost your organization millions.

Jan 28

Five Factors Predicting The Future Of MacOS Management And Security

Bottom Line: Going into 2020, CISOs’ sense of urgency for managing their fleets of Android, Apple iOS & macOS, Windows Phone, and Windows 10 devices all from an integrated Unified Endpoint Management (UEM) is transforming the MacOS Management and Security landscape.

For many, CISOs, the highest priority project they’re starting the New Year with is getting their diverse fleet of devices on a common unified endpoint management platform. “We’ve gone through no less than a dozen UEMs (Unified Endpoint Management) systems, and they are either very good at supporting iOS and macOS or terrible at every other operating system or vice versa,” the CISO of a leading insurance and financial services firm told me over lunch recently. “Our sales, marketing, graphic artists, DevOps, and Customer Success teams all are running on Macs and iPhones, which makes it even more of a challenge to get everyone on the same endpoint management platform.” He went on to explain that the majority of macOS and iOS endpoint management systems aren’t built to support the advanced security he needs for protecting Android, Windows Phone, and Windows 10 devices.

Unified Endpoint Management is a key CISO priority in 2020

macOS and iOS devices had their own endpoint management tools in previous years when they were limited in use. Now they’re common in the enterprise and need to be considered part of an organization-wide fleet of devices, making it a high priority to add them to the unified endpoint management platform all other devices are on. Further accelerating this change is the success of BYOD policies that give employees the choice of using the tablets, smartphones, and laptops they’re the most productive with. One CISO told me their BYOD program made it clear macOS and iOS are the de facto standard across their enterprise.

While endpoint management platforms are going through an Apple-driven inflection point, forcing the need for a more inclusive unified endpoint management strategy, CISOs are focusing on how to improve application and content control at the same time. How enterprises choose to solve that challenge are predicting the future of MacOS management and security.

Five Factors Driving the Future of macOS Management and Security

CISOs piloting and only buying platforms that can equally protect every device operating system, macOS, and iOS’ rapidly growing enterprise popularity and better support for adaptive access are a few of the catalysts redefining the landscape today. The following five factors are defining how MacOS Management and Security will improve in 2020:

Enterprises need more effective endpoint and application management that includes Android, Apple iOS & macOS, Windows Phone, and Windows 10. There’s a major gap in how effective endpoint protection is across the UEM platforms today. Data-at-risk encryption and App distribution, or how well a UEM system can create, update, and distribute macOS applications are two areas cybersecurity teams are focusing on today.

System integration options needs to extend beyond log reports and provide real-time links to Security Information and Event Management (SIEM) systems. CISOs and their cybersecurity teams need real-time integration to incident management systems so they can be more effective troubleshooting potential breach attempts. Sharing log files across other systems is a first step, yet real-time integration is clearly what’s needed to protect enterprises’ many devices and threat surfaces today. The following Splunk dashboard illustrates the benefits of having real-time integration beyond log reports, encompassing SIEM systems:

UEM platforms that differentiate between corporate-owned and personal devices, content and authentication workflows, and data are defining the future of macOS Management and Security. Key factors that CISOs need in this area of unmanaged device support include more effective content separation, improved privacy settings, support for actions taken on personally-owned devices, and role-based privacy settings. MobileIron is a leader in this area, with enterprises currently using their role-based workflows to limit and verify access to employee-owned devices. MobileIron can also limit IT’s scope of control over an employee device, including turning off location tracking.
Support and proven integration of Identity solutions such as Okta, Ping Identity, Microsoft, and Single sign-on (SSO) are defining the future of adaptive access today. This is the most nascent area of UEM platform development today, yet the one area that CISOs need the greatest progress on this year. Endpoint protection and system integration are the two areas that most define how advanced a given UEM providers’ platform is today.
The ability to provision, revoke, and manage device certificates over their lifecycles is becoming a must-have in enterprises today. UEM platforms, in large part, can handle certificate device provisioning, yet Certificate Authority (CA) integration is an area many struggle with. CISOs are asking for more effective certificate lifecycle management, especially given the proliferation of macOS and iOS devices.

Conclusion

The five factors of MacOS management and security are transforming the Unified Endpoint Management (UEM) solution landscape. CISOs often speak of wanting to have a more integrated UEM strategy, one that can provide better SIEM system integration, differentiate between corporate-owned and personal devices, and also manage the lifecycles of device certificates. MobileIron has proven their ability to scale in a BYOD world and is a UEM vendor to watch in 2020.

Jan 23

10 Ways Asset Intelligence Improves Cybersecurity Resiliency And Persistence

Bottom Line: By securing every endpoint with a persistent connection and the resiliency to autonomously self-heal, CIOs are finding new ways to further improve network security by capitalizing on each IT assets’ intelligence.

Capturing real-time data from IT assets is how every organization can grow beyond its existing boundaries with greater security, speed, and trust. Many IT and cybersecurity teams and the CIOs that lead them, and with whom I’ve spoken with, are energized by the opportunity to create secured perimeterless networks that can flex in real-time as their businesses grow. Having a persistent connection to every device across an organizations’ constantly changing perimeter provides invaluable data for achieving this goal. The real-time data provided by persistent device connections give IT and cybersecurity teams the Asset Intelligence they need for creating more resilient, self-healing endpoints as well.

How Asset Intelligence Drives Stronger Endpoint Security

Real-time, persistent connections to every device in a network is the foundation of a strong endpoint security strategy. It’s also essential for controlling device operating expenses (OPEX) across the broad base of device use cases every organization relies on to succeed. Long-term persistent connections drive down capital expenses (CAPEX) too, by extending the life of every device while providing perimeterless growth of the network. By combining device inventory and analysis, endpoint data compliance with the ability to manage a device fleet using universal asset management techniques, IT and cybersecurity teams are moving beyond Asset Management to Asset Intelligence. Advanced analytics, benchmarks, and audits are all possible across every endpoint today. The following are the 10 ways Asset Intelligence improves cybersecurity resiliency and persistence:

Track, trace and find lost or stolen devices on or off an organizations’ network in real-time, disabling the device if necessary. Every device, from laptops, tablets, and smartphones to desktops and specialized use devices are another threat surface that needs to be protected. Real-time persistent connections to each of these devices make track-and-trace possible, giving CIOs and their teams more control than had been possible before. Real-time track-and-trace data combined with device condition feedback closes security blind spots too. IT and cybersecurity teams can monitor every device and know the state of hardware, software, network and use patterns from dashboards. Of the endpoint providers in this market, Absolute’s approach to providing dashboards that provide real-time visibility and control of every device on a network is considered state-of-the-art. An example of Absolute’s dashboard is shown below:

Asset Intelligence enables every endpoint to autonomously self-heal themselves and deliver constant persistence across an organization’s entire network. By capitalizing on the device, network, threat, and use data that defines Asset Intelligence, endpoint agents learn over time how to withstand breach attempts, user errors, and malicious attacks, and most importantly, how to return an endpoint device to its original safe state. Asset Intelligence is the future of endpoint security as it’s proving to be very effective at enabling self-healing persistence across enterprise networks.
Asset Intelligence solves the urgent problem created from having 10 or more agents installed on a single endpoint that collide, conflict and decay how secure the endpoint is. Absolute Software’s 2019 Endpoint Security Trends Report found that the more agents that are added to an endpoint, the greater the risk of a breach. Absolute also found that a typical device has ten or more endpoint security agents installed, often colliding and conflicting with the other. MITRE’s Cybersecurity research practice found there are on average, ten security agents on each device, and over 5,000 common vulnerabilities and exposures (CVEs) found on the top 20 client applications in 2018 alone.
Asset Intelligence sets the data foundation for achieving always-on persistence by tracking every devices’ unique attributes, identifiers, communication log history and more. Endpoint security platforms need a contextually-rich, real-time stream of data to know how and when to initialize the process of autonomously healing a given endpoint device. Asset Intelligence provides the centralized base of IT security controls needed for making endpoint persistence possible.
Having a real-time connection to every device on a perimeterless network contributes to creating a security cloud stack from the BIOS level that delivers persistence for every device. CIOs and CISOs interested in building secured perimeterless networks are focused on creating persistent, real-time connections to every device as a first step to creating a security cloud stack from each devices’ BIOS level. They’re saying that the greater the level of Asset Intelligence they can achieve, the broader they can roll out persistence-based endpoints across their networks that have the capacity to self-diagnose and self-heal.
Device fleets are churning 20% a year or more, increasing the urgency CIOs have for knowing where each device is and its current state, further underscoring Asset Intelligence’s value. Gavin Cockburn of ARUP is the global service lead for workplace automation and endpoint management, including how the firm acquires devices, manages and reclaims them. ARUP is using the Absolute Persistence platform for managing the many high-value laptops and remote devices their associates use on global projects. During a recent panel discussion he says that device replacements “becomes part of our budgeting process in that 33% of devices that we do replace every year, we know where they are.” Gavin is also using API calls to gain analytical data to measure how devices are being used, if the hard drive is encrypted or not and run Reach scripts to better encrypt a device if there is not enough security on them.
The more Asset Intelligence an organization has, the more they can predict and detect malware intrusion attempts, block them and restore any damage to any device on their perimeter. When there’s persistent endpoint protection across a perimeterless network, real-time data is enabling greater levels of Asset Intelligence which is invaluable in identifying, blocking and learning from malware attempts on any device on the network. Endpoint protection platforms that have persistence designed in are able to autonomously self-heal back to their original state after an attack, all without manual intervention.
Persistent endpoints open up the opportunity of defining geofencing for every device on a perimeterless network, further providing valuable data Asset Intelligence platforms capitalize on. Geofencing is proving to be a must-have for many organizations that have globally-based operations, as their IT and cybersecurity teams need to track the device location, usage, and compliance in real-time. Healthcare companies are especially focused on how Asset Intelligence can deliver geofencing at scale. Janet Hunt, Senior Director, IT User Support at Apria Healthcare recently commented during a recent panel discussion that “our geo-fencing is extremely tight. I have PCs that live in the Philippines. I have PCs that live in India. I have one PC or actually two PCs that live in Indonesia. If somebody goes from where they say that they’re going to be to another part of Indonesia, that device will freeze because that’s not where it’s supposed to be and that’s an automatic thing. Don’t ask forgiveness, don’t ask questions, freeze the device and see what happens. It’s one of the best things we’ve done for ourselves.” Gavin Cockburn says, “We actually do some kind of secretive work, government work and we have these secure rooms, dotted around the organization. So we know if we put a device in that room, what we do is, what we say is this device only works in this area and we can pinpoint that to a pretty decent accuracy.” From healthcare to secured government contracting, geofencing is a must-have in any persistent endpoint security strategy.
Automating customer and regulatory audits and improving compliance reporting by relying on Asset Intelligence alleviates time-consuming tasks for IT and cybersecurity teams. When persistent endpoint protection is operating across an organization’s network, audit and compliance data is captured in real-time and automatically fed into reporting systems and dashboards. CIOs and their cybersecurity teams are using dashboards to monitor every device’s usage patterns, audit access, and application activity, and check for compliance to security and reporting standards. Audits and compliance reporting are being automated today using PowerShell, BASH scripts and API-based universal asset commands. Gavin Cockburn of ARUP mentioned how his firm gives customers the assurance their data is safe by providing them ongoing audits while project engagements are ongoing. “We need to show for our clients that we look after their data and we can prove that. And we show that again and again. I mean similar story, we’ve seen machines go missing, either breaking into cars, re-image three times. We wipe it every time. Put the new hard drive in, think it might be a hard drive issue, it wipes again. We never see it come online again, “ he said.
Asset Intelligence improves data hygiene, which has a direct effect on how effective all IT systems are and the customer experiences they deliver. CIOs and their teams’ incentives center on how effective IT is at meeting internal information needs that impact customer experiences and outcomes. Improving data hygiene is essential for IT to keep achieving their incentive plans and earning bonuses. As Janet Hunt, Senior Director, IT User Support at Apria Healthcare said, “right now we are all about hygiene and what I mean by that is we want our data to be good. We want all the things that make IT a valued partner with the business operation to be able to be reliable.” The more effective any organization is at achieving and sustaining a high level of data hygiene, the more secure their perimeterless network strategies become.

Jan 13

The Best Machine Learning Startups To Work For In 2020 Based On Glassdoor

Duolingo, HOVER, Ironclad, Orbital Insight, People.ai, Dataiku, DeepMap, Cobalt, Aktana, Chorus.ai, Noodle Analytics, Inc. (Noodle.ai), Signal AI, Augury, SparkCognition, and KONUX are the most likely to be recommended by their employees to friends looking for a machine learning startup to work for in 2020.
96% of the employees of the 15 highest rated machine learning startups would recommend their company to a friend looking for a new job, and 98% approve of their CEOs.
Across all machine learning startups with Glassdoor ratings, 74% of employees would recommend the startup they work for to a friend, and 81% approve of their CEO.
There are over 230 cities globally who have one or more machine learning startups in operation today with Crunchbase finding 144 in San Francisco, 60 in London, 69 in New York, 82 in Tel Aviv, 22 in Toronto, 20 in Paris, 18 in Seattle and the remainder distributed over 223 global locations.

These and many other insights are from a Crunchbase Pro analysis completed today using Glassdoor data to rank the best machine learning startups to work for in 2020. Demand reminds high for technical professionals with machine learning expertise. According to Indeed, Machine Learning Engineer job openings grew 344% between 2015 to 2018 and have an average base salary of $146,085 according to their Best Jobs In The U.S. Study. You can read the study shows that technical professionals with machine learning expertise are in an excellent position to bargain for the average base salary of at least $146,085 or more.

Methodology

In response to readers’ most common requests of which machine learning startups are the best to work for, a Crunchbase Pro query was created to find all machine learning startups who had received Seed, Early Stage Venture, or Late Stage Venture financing. The 2,682 machine learning startups Crunchbase is tracking were indexed by Total Funding Amount by startup to create a baseline.

Next, Glassdoor scores of the (%) of employees who would recommend this company to a friend and (%) of employees who approve of the CEO were used to find the best startups to work for. 79 of the 150 machine learning startups have 15 or more Glassdoor reviews and are included in the analysis. 41 have less than 15 reviews and 30 have no reviews. The table below is a result of the analysis, and you can find the original Microsoft Excel data set here.

Jan 11

10 Ways AI Is Going To Improve Fintech In 2020

Bottom Line: AI & machine learning will improve Fintech in 2020 by increasing the accuracy and personalization of payment, lending, and insurance services while also helping to discover new borrower pools.

Zest.ai’s 2020 Predictions For AI In Credit And Lending captures the gradual improvements I’ve also been seeing across Fintech, especially at the tech stack level. Fintech startups, enterprise software providers, and the investors backing them believe cloud-based payments, lending, and insurance apps are must-haves to drive future growth. Combined with Internet & public cloud infrastructure and mobile apps, Fintech is evolving into a fourth platform that provides embedded financial services to any business needing to subscribe to them, as Matt Harris of Bain Capital Ventures writes in Fintech: The Fourth Platform – Part Two. Embedded Fintech has the potential to deliver $3.6 trillion in market value, according to Bain’s estimates, surpassing the $3 trillion in value created by cloud and mobile platforms. Accenture’s recent survey of C-suite executives’ adoption and plans found that 84% of all executives believe they won’t achieve their growth objectives unless they scale AI, and 75% believe they risk going out of business in 5 years if they don’t. The need to improve payment, lending and insurance combined with customers’ mercurial preferences for how they use financial services are challenges that AI and machine learning (ML) are solving today.

How AI & Machine Learning Will Improve Fintech In 2020

Fintech’s traditional tech stacks weren’t designed to anticipate and act quickly on real-time market indicators and data; they are optimized for transaction speed and scale. What’s needed is a new tech stack that can flex and adapt to changing market and customer requirements in real-time. AI & machine learning are proving to be very effective at interpreting and recommending actions based on real-time data streams. They’re also improving customer experiences and reducing risk, two additional factors motivating lenders to upgrade their traditional tech stacks with proven new technologies.

The following are ten predictions of how AI will improve FinTech in 2020, thank you Zest.ai for your insights and sharing your team’s expertise on these:

Zest predicts lenders will increase the use of ML as the way to grow into the no-file/thin-file segments, especially rising Gen Zers with little to no credit history. Traditional tech stacks make it difficult to find and grow new borrower pools. Utah-based auto lenderPrestige Financial Services chose to rely on an AI solution instead. The chose Zest AI to find and cultivate a borrower pool of people in the 19-35 age group. Using an AI-based loan approval workflow, Prestige was able to increase loan approval rates by 25%, and for people under 20 by threefold.
Mortgage lenders’ adoption of AI for finding qualified first-time homeowners is going to increase as more realize Gen Z (23 – 36-year-olds) are the most motivated of all to purchase a home. In 2020, long-standing assumptions about first-time homebuyers and their motivations are going to change. A recent story in HousingWire, “This generation is the most willing to do whatever it takes to buy a home,” explains that Gen Z, or those people born between 1996 and 2010, are the most likely to relocate to purchase a new home. A recent TransUnion market analysis found 70% of Gen Z prospective home buyers are willing to relocate to buy their first home, leading all active generations. 65% of Gen Xers, or those born between 1965 to 1980, were the second most likely to move. AI and ML can help lenders more precisely target potential Gen Z first-time homebuyers, measuring the impact of their marketing campaigns on attracting new borrowers. The TransUnion market analysis finds that 58% of respondents are delaying a home purchase due to anticipated high down payments or monthly payments. 51% said the need to obtain a 10% to 20% down payment was stopping them. According to Joe Mellman, TransUnion senior vice president, and mortgage business leader, “Many of our potential first-time homebuyer respondents don’t seem to be aware of the wide variety of financing options available to them.” The TransUnion market analysis found that many of the potential first-time homeowner respondents have never heard of low down-payment options from Fannie Mae, Freddie Mac, or of the Federal Housing Administration.
Zest predicts banks and other financial institutions will strengthen their business cases for AI pilots and production-level deployments by recognizing the operating expense (OPEX) savings of ML. Several recurring costs involved in developing, validating and deploying credit risk models can be reduced or cut by switching to machine learning, according to Zest. Lenders can get the most out of their data acquisition spending by using modern ML tools to assess which data sources yield the most predictive power for a model. Lenders will also switch to ML to simplify their IT and risk operations by consolidating into fewer models that can do the work of what used to be multiple individual linear models for every customer segment.
Compliance cost growth will decline even faster due to ML. Financial institutions that have AI/ML algorithms in production log every change in a model and can produce all the required model risk governance documents in minutes instead of a compliance team manually taking weeks to do it. Automated tools also shrink the time it takes to do fair lending testing by building less discriminatory models on the fly rather than the time-intensive approach of drop-one-variable-and-test. Time is money, especially in lending.
AI and ML will gain critical mass in collections, providing insights into which approach is the most effective for a given customer. Zest has built collections models for a few financial services firms and has found them to be very effective. Collections logic, predicting which customers to wait on when bills are past due, is a strong fit for machine learning. With one bank, Zest found that ML models can, for example, accurately target the borrowers most likely to make a certain minimum payment based on the value of their loan within 60 days of falling behind their due date. In three months, Zest built two models from traditional credit bureaus and the bank’s proprietary collections metrics to predict this repayment propensity of borrowers. One insight into the data was that borrower behavior accounted for just over half of the bank’s ability to collect missed payments, but operations played a significant role.
If there’s a downturn, ML will get blamed (even though it can actually help in a downturn). Pankaj Kulshreshtha, CEO of Scienaptics, originally made this observation at the Money 20/20 Conference held earlier this year. Models built only in good times can see their correlations break when times go bad. Lenders who observe best practices in AI and ML adoption will make sure to stress-test their models, perhaps by including synthetic data to add heterogeneity. Better ML monitoring will be important, too. “ML models and algorithmic monitors can do a better job seeing around corners, spotting rising numbers of inbound outlier applicants that signal more volatile conditions ahead,” says Seth Silverstein, Executive Vice President of Credit Risk Analytics for Zest AI. An effective ML monitoring tool should excel at spotting outlier applicants and feature drift, ensuring more accurate model outcomes.
2020 is going to be a break-out year for partnerships and co-opetition as payments, lending and insurance firms vie for a growth position in embedded financial services. Matt Harris of Bain Capital Ventures’ prediction of embedded fintech suggests a proliferation of cloud-based Fintech apps around the core: payments, lending, insurance. That creates an ideal situation for AI-related alliances and partnerships among the incumbent lenders, startups, data aggregators and the CRAs. To Harris, the layers of the stack are centered around connectivity, intelligence, and ubiquity. According to Crunchbase, there have been 51 Fintech acquisitions in 2019 alone. Plaid’s acquisition of Quovo in January for approximately $200 million and Fiserv’s acquisition of First Data reflect how Fintechs are creating their own unique tech stacks already.
Zest predicts Fintechs will seek out AI and ML modeling expertise more so than build expertise and teams on their own, which will be costlier and take longer. Embedded Fintech’s future adoption rate is predicated on how effective development efforts are today at minimizing incidental bias and providing customers with greater visibility into how and why models provide specific results “Some of these startups are bringing their own data science and ML models. We have to hope these firms own, build, or buy the tools to ensure their models are inclusive, free of incidental bias, and use transparent AI customers can trust. We see explainable AI as being an essential feature or service in that tech stack,” says Zest’s Silverstein.
Fintechs will rely on AI and ML to help close the talent gap each of them has today while also improving the effectiveness of their talent management strategies. Finding, recruiting, and hiring the best candidates for development, engineering, marketing, sales, and senior management roles is an area Fintechs will increasingly adopt AI and ML for in 2020. Fintech CEOs and CHROs will begin upskilling programs for themselves and their teams to increase AI fluency and skills mastery in 2020. According to a recent Harris Interactive survey completed in collaboration with Eightfold titled Talent Intelligence And Management Report 2019-2020, 73% of U.S. CEOs and CHROs plan to use more AI in the next three years to improve talent management.
Credit unions will adopt ML in 2020 to automate routine tasks and free up human underwriters to focus on providing more personalized services, including improvements in inquiry resolution & dispute and fraud management. Credit unions are built on an annuity-based business model that delivers successively higher profitability the longer a member is retained. Credit unions will capitalize on ML by driving up loan approvals with no added risk and automating more of the loan approval process. By the end of 2020, according to a Fannie Mae survey of mortgage lenders, 71% of credit unions plan to investigate, test, or fully implement AI/ML solutions – up from just 40% in 2018. AI and ML will also be adopted across credit unions to improve inquiry resolution & dispute and fraud management while improving multichannel customer experiences. Providing real-time, relevant responses to customers to expedite inquiries and dispute resolutions using AI and ML is going to become commonplace in 2020. AI and ML are predicted to make a significant contribution to automating anomaly detection and borrower default risk assessment as the graphic below from Fannie Mae’s Mortgage Lender Sentiment Survey® How Will Artificial Intelligence Shape Mortgage Lending? Q3 2018 Topic Analysis illustrates: