Skip to content

Posts tagged ‘Kount’

How To Redefine The Future Of Fraud Prevention

How To Redefine The Future Of Fraud Prevention

Bottom Line: Redefining the future of fraud prevention starts by turning trust into an accelerator across every aspect of customer lifecycles, basing transactions on identity trust that leads to less friction and improved customer experiences.

Start By Turning Trust Into A Sales & Customer Experience Accelerator

AI and machine learning are proving to be very effective at finding anomalies in transactions and scoring, which are potentially the most fraudulent. Any suspicious transaction attempt leads to more work for buying customers to prove they are trustworthy. For banks, e-commerce sites, financial institutes, restaurants, retailers and many other online businesses, this regularly causes them to lose customers when a legitimate purchase is being made, and trusted customer is asked to verify their identity. Or worse, a false positive that turns away a good customer all together damages both that experience and brand reputation.

There’s a better way to solve the dilemma of deciding which transactions to accept or not. And it needs to start with finding a new way to establish identity trust so businesses can deliver better user experiences. Kount’s approach of using their Real-Time Identity Trust Network to calculate Identity Trust Levels in milliseconds reduces friction, blocks fraud, and delivers an improved user experience. Kount is capitalizing on their database that includes more than a decade of trust and fraud signals built across industries, geographies, and 32 billion annual interactions, combined with expertise in AI and machine learning to turn trust into a sales and customer experience multiplier.

How Real-Time AI Linking Leads To Real-Time Identity Trust Decisions

Design In Identity Trust So It’s The Foundation of Customer Experience

From an engineering and product design standpoint, the majority of fraud prevention providers are looking to make incremental gains in risk scoring to improve customer experiences. None, with the exception of Kount, are looking at the problem from a completely different perspective, which is how to quantify and scale identity trust. Kount’s engineering, product development, and product management teams are concentrating on how to use their AI and machine learning expertise to quantify real-time identity trust scores that drive better customer experiences across the spectrum of trust. The graphic below illustrates how Kount defines more personalized user experiences, which is indispensable in turning trust into an accelerator.

An Overview of Kount’s Technology Stack

How To Redefine The Future Of Fraud Prevention

Realize Trust Is the Most Powerful Revenue Multiplier There Is

Based on my conversations with several fraud prevention providers, they all agree that trust is the most powerful accelerator there is to reducing false positives, friction in transactions, and improving customer experiences. They all agree trust is the most powerful revenue multiplier they can deliver to their customers, helping them reduce fraud and increase sales. The challenge they all face is quantifying identity trust across the wide spectrum of transactions their customers need to fulfill every day.

Kount has taken a unique approach to identity trust that puts the customer at the center of the transactions, not just their transactions’ risk score. By capitalizing on the insights gained from their Identity Trust Global Network, Kount can use AI and machine learning algorithms to deliver personalized responses to transaction requests in milliseconds. Using both unsupervised and supervised machine learning algorithms and techniques, Kount can learn from every customer interaction, gaining new insights into how to fine-tune identity trust for every customer’s transaction.

In choosing to go in the direction of identity trust in its product strategy, Kount put user experiences at the core of their platform strategy. By combining adaptive fraud protection, personalized user experience, and advanced analytics, Kount can create a continuously learning system with the goal of fine-tuning identity trust for every transaction their customers receive. The following graphic explains their approach for bringing identity trust into the center of their platform:

Putting Customers & Their Experiences First Is Integral To Succeeding With Identity Trust

How To Redefine The Future Of Fraud Prevention

 

Improving customer experiences needs to be the cornerstone that drives all fraud prevention product and services road maps in 2020 and beyond. And while all fraud prevention providers are looking at how to reduce friction and improve customer experiences with fraud scoring AI-based techniques, their architectures and approaches aren’t going in the direction of identity trust. Kount’s approach is, and it’s noteworthy because it puts customer experiences at the center of their platform. How to redefine the future of fraud prevention needs to start by turning trust into a sales and customer experience accelerator, followed by designing in identity trust. Hence, it’s the foundation of all customer experiences. By combining the power of networked data and adaptive AI and machine learning, more digital businesses can turn trust into a revenue and customer experience multiplier.

Top 10 Cybersecurity Companies To Watch In 2020

Worldwide spending on information security and risk management systems will reach $131B in 2020, increasing to $174B in 2022 approximately $50B will be dedicated to protecting the endpoint according to Gartner’s latest Information Security and Risk Management forecast. Cloud Security platform and application sales are predicted to grow from $636M in 2020 to $1.63B in 2023, attaining a 36.8% Compound Annual Growth Rate (CAGR) and leading all categories of Information & Security Risk Management systems. Application Security is forecast to grow from $3.4B in 2020 to $4.5B in 2023, attaining a 9.7% CAGR. Security Services is projected to be a $66.9B market this year, increasing from $62B in 2019. AI, Machine Learning And The Race To Improve Cybersecurity The majority of Information Security teams’ cybersecurity analysts are overwhelmed today analyzing security logs, thwarting breach attempts, investigating potential fraud incidents and more. 69% of senior executives believe AI and machine learning are necessary to respond to cyberattacks according to the Capgemini study, Reinventing Cybersecurity with Artificial Intelligence. The following graphic compares the percentage of organizations by industry who are relying on AI to improve their cybersecurity. 80% of telecommunications executives believe their organization would not be able to respond to cyberattacks without AI, with the average being 69% of all enterprises across seven industries. Top 10 Cybersecurity Companies To Watch In 2020 STATISTA The bottom line is all organizations have an urgent need to improve endpoint security and resilience, protect privileged access credentials, reduce fraudulent transactions, and secure every mobile device applying Zero Trust principles. Many are relying on AI and machine learning to determine if login and resource requests are legitimate or not based on past behavioral and system use patterns. Several of the top ten companies to watch take into account a diverse series of indicators to determine if a login attempt, transaction, or system resource request is legitimate or not. They’re able to assign a single score to a specific event and predict if it’s legitimate or not. Kount’s Omniscore is an example of how AI and ML are providing fraud analysts with insights needed to reduce false positives and improve customer buying experiences while thwarting fraud. The following are the top ten cybersecurity companies to watch in 2020: Absolute – Absolute serves as the industry benchmark for endpoint resilience, visibility and control. Embedded in over a half-billion devices, the company enables more than 12,000 customers with self-healing endpoint security, always-connected visibility into their devices, data, users, and applications – whether endpoints are on or off the corporate network – and the ultimate level of control and confidence required for the modern enterprise. To thwart attackers, organizations continue to layer on security controls — Gartner estimates that more than $174B will be spent on security by 2022, and of that approximately $50B will be dedicated protecting the endpoint. Absolute’s Endpoint Security Trends Report finds that in spite of the astronomical investments being made, 100 percent of endpoint controls eventually fail and more than one in three endpoints are unprotected at any given time. All of this has IT and security administrators grappling with increasing complexity and risk levels, while also facing mounting pressure to ensure endpoint controls maintain integrity, availability and functionality at all times, and deliver their intended value. Organizations need complete visibility and real-time insights in order to pinpoint the dark endpoints, identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. Rather than perpetuating a false sense of security, Absolute provides a single source of truth and the diamond image of resilience for endpoints. Centrify - Centrify is redefining the legacy approach to Privileged Access Management (PAM) with an Identity-Centric approach based on Zero Trust principles. Centrify’s 15-year history began in Active Directory (AD) bridging, and it was the first vendor to join UNIX and Linux systems with Active Directory, allowing for easy management of privileged identities across a heterogeneous environment. It then extended these capabilities to systems being hosted in IaaS environments like AWS and Microsoft Azure, and offered the industry’s first PAM-as-a-Service, which continues to be the only offering in the market with a true multi-tenant, cloud architecture. Applying its deep expertise in infrastructure allowed Centrify to redefine the legacy approach to PAM and introduce a server’s capability to self-defend against cyber threats across the ever-expanding modern enterprise infrastructure. Centrify Identity-Centric PAM establishes a root of trust for critical enterprise resources, and then grants least privilege access by verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, Centrify minimizes the attack surface, improves audit and compliance visibility, and reduces risk, complexity, and costs for the modern, hybrid enterprise. Over half of the Fortune 100, the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies, all trust Centrify to stop the leading cause of breaches – privileged credential abuse. Research firm Gartner predicts that by 2021, approximately 75% of large enterprises will utilize privileged access management products, up from approximately 50% in 2018 in their Forecast Analysis: Information Security and Risk Management, Worldwide, 4Q18 Update published March 29, 2019 (client access reqd). This is not surprising, considering that according to an estimate by Forrester Research, 80% of today’s breaches are caused by weak, default, stolen, or otherwise compromised privileged credentials. Deep Instinct – Deep Instinct applies artificial intelligence’s deep learning to cybersecurity. Leveraging deep learning’s predictive capabilities, Deep Instinct’s on-device solution protects against zero-day threats and APT attacks with unmatched accuracy. Deep Instinct safeguards the enterprise’s endpoints and/or any mobile devices against any threat, on any infrastructure, whether or not connected to the network or to the Internet. By applying deep learning technology to cybersecurity, enterprises can now gain unmatched protection against unknown and evasive cyber-attacks from any source. Deep Instinct brings a completely new approach to cybersecurity enabling cyber-attacks to be identified and blocked in real-time before any harm can occur. Deep Instinct USA is headquartered in San Francisco, CA and Deep Instinct Israel is headquartered in Tel Aviv, Israel. Infoblox - Infoblox empowers organizations to bring next-level simplicity, security, reliability and automation to traditional networks and digital transformations, such as SD-WAN, hybrid cloud and IoT. Combining next-level simplicity, security, reliability and automation, Infoblox is able to cut manual tasks by 70% and make organizations’ threat analysts 3x more productive. While their history is in DDI devices, they are succeeding in providing DDI and network security services on an as-a-service (-aaS) basis. Their BloxOne DDI application, built on their BloxOne cloud-native platform, helps enable IT, professionals, to manage their networks whether they're based on on-prem, cloud-based, or hybrid architectures. BloxOne Threat Defense application leverages the data provided by DDI to monitor network traffic, proactively identify threats, and quickly inform security systems and network managers of breaches, working with the existing security stack to identify and mitigate security threats quickly, automatically, and more efficiently. The BloxOne platform provides a secure, integrated platform for centralizing the management of identity data and services across the network. A recognized industry leader, Infoblox has a 52% market share in the DDI networking market comprised of 8,000 customers, including 59% of the Fortune 1000 and 58% of the Forbes 2000. Kount – Kount’s award-winning, AI-driven fraud prevention empowers digital businesses, online merchants, and payment service providers around the world to protect against payments fraud, new account creation fraud, and account takeover. With Kount, businesses approve more good orders, uncover new revenue streams, improve customer experience and dramatically improve their bottom line all while minimizing fraud management cost and losses. Through Kount’s global network and proprietary technologies in AI and machine learning, combined with flexible policy management, companies frustrate online criminals and bad actors driving them away from their site, their marketplace, and off their network. Kount’s continuously adaptive platform provides certainty for businesses at every digital interaction. Kount’s advances in both proprietary techniques and patented technology include mobile fraud detection, advanced artificial intelligence, multi-layer device fingerprinting, IP proxy detection and geo-location, transaction and custom scoring, global order linking, business intelligence reporting, comprehensive order management, as well as professional and managed services. Kount protects over 6,500 brands today. Mimecast – Mimecast improves the way companies manage confidential, mission-critical business communication and data. The company's mission is to reduce the risks users face from email, and support in reducing the cost and complexity of protecting users by moving the workload to the cloud. The company develops proprietary cloud architecture to deliver comprehensive email security, service continuity, and archiving in a single subscription service. Its goal is to make it easier for people to protect a business in today’s fast-changing security and risk environment. The company expanded its technology portfolio in 2019 through a pair of acquisitions, buying data migration technology provider Simply Migrate to help customers and prospects move to the cloud more quickly, reliably, and inexpensively. Mimecast also purchased email security startup DMARC Analyzer to reduce the time, effort, and cost associated with stopping domain spoofing attacks. Mimecast acquired Segasec earlier this month, a leading provider of digital threat protection. With the acquisition of Segasec, Mimecast can provide brand exploit protection, using machine learning to identify potential hackers at the earliest stages of an attack. The solution also is engineered to provide a way to actively monitor, manage, block, and take down phishing scams or impersonation attempts on the Web. MobileIron – A long-time leader in mobile management solutions, MobileIron is widely recognized by Chief Information Security Officers, CIOs and senior management teams as the de facto standard for unified endpoint management (UEM), mobile application management (MAM), BYOD security, and zero sign-on (ZSO). The company’s UEM platform is strengthened by MobileIron Threat Defense and MobileIron’s Access solution, which allows for zero sign-on authentication. Forrester observes in their latest Wave on Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 that “MobileIron’s recently released authenticator, which enables passwordless authentication to cloud services, is a must for future-state Zero Trust enterprises and speaks to its innovation in this space.” The Wave also illustrates that MobileIron is the most noteworthy vendor as their approach to Zero Trust begins with the device and scales across mobile infrastructures. MobileIron’s product suite also includes a federated policy engine that enables administrators to control and better command the myriad of devices and endpoints that enterprises rely on today. Forrester sees MobileIron as having excellent integration at the platform level, a key determinant of how effective they will be in providing support to enterprises pursuing Zero Trust Security strategies in the future. One Identity – One Identity is differentiating its Identity Manager identity analytics and risk scoring capabilities with greater integration via its connected system modules. The goal of these modules is to provide customers with more flexibility in defining reports that include application-specific content. Identity Manager also has over 30 direct provisioning connectors included in the base package, with good platform coverage, including strong Microsoft and Office 365 support. Additional premium connectors are charged separately. One Identity also has a separate cloud-architected SaaS solution called One Identity Starling. One of Starling’s greatest benefits is its design that allows for it to be used not only by Identity Manager clients, but also by clients of other IGA solutions as a simplified approach to obtain SaaS-based identity analytics, risk intelligence, and cloud provisioning. One Identity and its approach is trusted by customers worldwide, where more than 7,500 organizations worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their systems and data – on-prem, cloud, or hybrid. SECURITI.ai - SECURITI.ai is the leader in AI-Powered PrivacyOps, that helps automate all major functions needed for privacy compliance in one place. It enables enterprises to give rights to people on their data, be responsible custodians of people’s data, comply with global privacy regulations like CCPA and bolster their brands. The AI-Powered PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface. These include a Personal Data Graph Builder, Robotic Automation for Data Subject Requests, Secure Data Request Portal, Consent Lifecycle Manager, Third-Party Privacy Assessment, Third-Party Privacy Ratings, Privacy Assessment Automation and Breach Management. SECURITI.ai is also featured in the Consent Management section of Bessemer’s Data Privacy Stack shown below and available in Bessemer Venture Partner’s recent publication How data privacy engineering will prevent future data oil spills (10 pp., PDF, no opt-in). Top 10 Cybersecurity Companies To Watch In 2020 SOURCE: BESSEMER VENTURE PARTNERS, HOW DATA PRIVACY ENGINEERING WILL PREVENT FUTURE DATA OIL SPILLS , SEPTEMBER, 2019. (10 PP., PDF, NO OPT-IN). Transmit Security - The Transmit Security Platform provides a solution for managing identity across applications while maintaining security and usability. As criminal threats evolve, online authentication has become reactive and less effective. Many organizations have taken on multiple point solutions to try to stay ahead, deploying new authenticators, risk engines, and fraud tools. In the process, the customer experience has suffered. And with an increasingly complex environment, many enterprises struggle with the ability to rapidly innovate to provide customers with an omnichannel experience that enables them to stay ahead of emerging threats.

  • Worldwide spending on information security and risk management systems will reach $131B in 2020, increasing to $174B in 2022 approximately $50B will be dedicated to protecting the endpoint according to Gartner’s latest Information Security and Risk Management forecast.
  • Cloud Security platform and application sales are predicted to grow from $636M in 2020 to $1.63B in 2023, attaining a 36.8% Compound Annual Growth Rate (CAGR) and leading all categories of Information & Security Risk Management systems.
  • Application Security is forecast to grow from $3.4B in 2020 to $4.5B in 2023, attaining a 9.7% CAGR.
  • Security Services is projected to be a $66.9B market this year, increasing from $62B in 2019.

AI, Machine Learning And The Race To Improve Cybersecurity  

The majority of Information Security teams’ cybersecurity analysts are overwhelmed today analyzing security logs, thwarting breach attempts, investigating potential fraud incidents and more. 69% of senior executives believe AI and machine learning are necessary to respond to cyberattacks according to the Capgemini study, Reinventing Cybersecurity with Artificial Intelligence. The following graphic compares the percentage of organizations by industry who are relying on AI to improve their cybersecurity. 80% of telecommunications executives believe their organization would not be able to respond to cyberattacks without AI, with the average being 69% of all enterprises across seven industries.

The bottom line is all organizations have an urgent need to improve endpoint security and resilience, protect privileged access credentials, reduce fraudulent transactions, and secure every mobile device applying Zero Trust principles. Many are relying on AI and machine learning to determine if login and resource requests are legitimate or not based on past behavioral and system use patterns. Several of the top ten companies to watch take into account a diverse series of indicators to determine if a login attempt, transaction, or system resource request is legitimate or not. They’re able to assign a single score to a specific event and predict if it’s legitimate or not. Kount’s Omniscore is an example of how AI and ML are providing fraud analysts with insights needed to reduce false positives and improve customer buying experiences while thwarting fraud.

The following are the top ten cybersecurity companies to watch in 2020:

Absolute – Absolute serves as the industry benchmark for endpoint resilience, visibility and control. Embedded in over a half-billion devices, the company enables more than 12,000 customers with self-healing endpoint security, always-connected visibility into their devices, data, users, and applications – whether endpoints are on or off the corporate network – and the ultimate level of control and confidence required for the modern enterprise.

To thwart attackers, organizations continue to layer on security controls — Gartner estimates that more than $174B will be spent on security by 2022, and of that approximately $50B will be dedicated protecting the endpoint. Absolute’s Endpoint Security Trends Report finds that in spite of the astronomical investments being made, 100 percent of endpoint controls eventually fail and more than one in three endpoints are unprotected at any given time. All of this has IT and security administrators grappling with increasing complexity and risk levels, while also facing mounting pressure to ensure endpoint controls maintain integrity, availability and functionality at all times, and deliver their intended value.

Organizations need complete visibility and real-time insights in order to pinpoint the dark endpoints, identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. Rather than perpetuating a false sense of security, Absolute provides a single source of truth and the diamond image of resilience for endpoints.

CentrifyCentrify is redefining the legacy approach to Privileged Access Management (PAM) with an Identity-Centric approach based on Zero Trust principles. Centrify’s 15-year history began in Active Directory (AD) bridging, and it was the first vendor to join UNIX and Linux systems with Active Directory, allowing for easy management of privileged identities across a heterogeneous environment. It then extended these capabilities to systems being hosted in IaaS environments like AWS and Microsoft Azure, and offered the industry’s first PAM-as-a-Service, which continues to be the only offering in the market with a true multi-tenant, cloud architecture. Applying its deep expertise in infrastructure allowed Centrify to redefine the legacy approach to PAM and introduce a server’s capability to self-defend against cyber threats across the ever-expanding modern enterprise infrastructure.

Centrify Identity-Centric PAM establishes a root of trust for critical enterprise resources, and then grants least privilege access by verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, Centrify minimizes the attack surface, improves audit and compliance visibility, and reduces risk, complexity, and costs for the modern, hybrid enterprise. Over half of the Fortune 100, the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies, all trust Centrify to stop the leading cause of breaches – privileged credential abuse.

Research firm Gartner predicts that by 2021, approximately 75% of large enterprises will utilize privileged access management products, up from approximately 50% in 2018 in their Forecast Analysis: Information Security and Risk Management, Worldwide, 4Q18 Update published March 29, 2019 (client access reqd). This is not surprising, considering that according to an estimate by Forrester Research, 80% of today’s breaches are caused by weak, default, stolen, or otherwise compromised privileged credentials.

Deep Instinct – Deep Instinct applies artificial intelligence’s deep learning to cybersecurity. Leveraging deep learning’s predictive capabilities, Deep Instinct’s on-device solution protects against zero-day threats and APT attacks with unmatched accuracy. Deep Instinct safeguards the enterprise’s endpoints and/or any mobile devices against any threat, on any infrastructure, whether or not connected to the network or to the Internet. By applying deep learning technology to cybersecurity, enterprises can now gain unmatched protection against unknown and evasive cyber-attacks from any source. Deep Instinct brings a completely new approach to cybersecurity enabling cyber-attacks to be identified and blocked in real-time before any harm can occur. Deep Instinct USA is headquartered in San Francisco, CA and Deep Instinct Israel is headquartered in Tel Aviv, Israel.

Infoblox – Infoblox empowers organizations to bring next-level simplicity, security, reliability and automation to traditional networks and digital transformations, such as SD-WAN, hybrid cloud and IoT. Combining next-level simplicity, security, reliability, and automation, Infoblox can cut manual tasks by 70% and make organizations’ threat analysts 3x more productive.

While their history is in DDI devices, they are succeeding in providing DDI and network security services on an as-a-service (-aaS) basis. Their BloxOne DDI  application, built on their BloxOne cloud-native platform, helps enable IT professionals to manage their networks, whether they’re based on on-prem, cloud-based, or hybrid architectures.  BloxOne Threat Defense  application leverages the data provided by DDI to monitor network traffic, proactively identify threats, and quickly inform security systems and network managers of breaches, working with the existing security stack to identify and mitigate security threats quickly, automatically, and more efficiently. The BloxOne platform provides a secure, integrated platform for centralizing the management of identity data and services across the network. A recognized industry leader, Infoblox has a 52% market share in the DDI networking market comprised of 8,000 customers, including 59% of the Fortune 1000 and 58% of the Forbes 2000.

Kount – Kount’s award-winning, AI-driven fraud prevention empowers digital businesses, online merchants, and payment service providers around the world to protect against payments fraud, new account creation fraud, and account takeover. With Kount, businesses approve more good orders, uncover new revenue streams, improve customer experience, and dramatically improve their bottom line all while minimizing fraud management cost and losses. Through Kount’s global network and proprietary technologies in AI and machine learning, combined with flexible policy management, companies frustrate online criminals and bad actors driving them away from their site, their marketplace, and off their network. Kount’s continuously adaptive platform provides certainty for businesses at every digital interaction. Kount’s advances in both proprietary techniques and patented technology include mobile fraud detection, advanced artificial intelligence, multi-layer device fingerprinting, IP proxy detection and geo-location, transaction and custom scoring, global order linking, business intelligence reporting, comprehensive order management, as well as professional and managed services. Kount protects over 6,500 brands today.

MimecastMimecast improves the way companies manage confidential, mission-critical business communication and data. The company’s mission is to reduce the risks users face from email, and support in reducing the cost and complexity of protecting users by moving the workload to the cloud. The company develops proprietary cloud architecture to deliver comprehensive email security, service continuity, and archiving in a single subscription service. Its goal is to make it easier for people to protect a business in today’s fast-changing security and risk environment. The company expanded its technology portfolio in 2019 through a pair of acquisitions, buying data migration technology provider Simply Migrate to help customers and prospects move to the cloud more quickly, reliably, and inexpensively. Mimecast also purchased email security startup DMARC Analyzer to reduce the time, effort, and cost associated with stopping domain spoofing attacks. Mimecast acquired Segasec earlier this month, a leading provider of digital threat protection. With the acquisition of Segasec, Mimecast can provide brand exploit protection, using machine learning to identify potential hackers at the earliest stages of an attack. The solution also is engineered to provide a way to actively monitor, manage, block, and take down phishing scams or impersonation attempts on the Web.

MobileIron – A long-time leader in mobile management solutions, MobileIron is widely recognized by Chief Information Security Officers, CIOs and senior management teams as the de facto standard for unified endpoint management (UEM), mobile application management (MAM), BYOD security, and zero sign-on (ZSO). The company’s UEM platform is strengthened by MobileIron Threat Defense and MobileIron’s Access solution, which allows for zero sign-on authentication. Forrester observes in their latest Wave on Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 that “MobileIron’s recently released authenticator, which enables passwordless authentication to cloud services, is a must for future-state Zero Trust enterprises and speaks to its innovation in this space.” The Wave also illustrates that MobileIron is the most noteworthy vendor as their approach to Zero Trust begins with the device and scales across mobile infrastructures. MobileIron’s product suite also includes a federated policy engine that enables administrators to control and better command the myriad of devices and endpoints that enterprises rely on today. Forrester sees MobileIron as having excellent integration at the platform level, a key determinant of how effective they will be in providing support to enterprises pursuing Zero Trust Security strategies in the future.

One Identity – One Identity is differentiating its Identity Manager identity analytics and risk scoring capabilities with greater integration via its connected system modules. The goal of these modules is to provide customers with more flexibility in defining reports that include application-specific content. Identity Manager also has over 30 direct provisioning connectors included in the base package, with good platform coverage, including strong Microsoft and Office 365 support. Additional premium connectors are charged separately. One Identity also has a separate cloud-architected SaaS solution called One Identity Starling. One of Starling’s greatest benefits is its design that allows for it to be used not only by Identity Manager clients, but also by clients of other IGA solutions as a simplified approach to obtain SaaS-based identity analytics, risk intelligence, and cloud provisioning. One Identity and its approach is trusted by customers worldwide, where more than 7,500 organizations worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their systems and data – on-prem, cloud, or hybrid.

SECURITI.ai – SECURITI.ai is the leader in AI-Powered PrivacyOps, that helps automate all major functions needed for privacy compliance in one place. It enables enterprises to give rights to people on their data, be responsible custodians of people’s data, comply with global privacy regulations like CCPA, and bolster their brands.

The AI-Powered PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface. These include a Personal Data Graph Builder, Robotic Automation for Data Subject Requests, Secure Data Request Portal, Consent Lifecycle Manager, Third-Party Privacy Assessment, Third-Party Privacy Ratings, Privacy Assessment Automation and Breach Management. SECURITI.ai is also featured in the Consent Management section of Bessemer’s Data Privacy Stack shown below and available in Bessemer Venture Partner’s recent publication How data privacy engineering will prevent future data oil spills (10 pp., PDF, no opt-in).

Worldwide spending on information security and risk management systems will reach $131B in 2020, increasing to $174B in 2022 approximately $50B will be dedicated to protecting the endpoint according to Gartner’s latest Information Security and Risk Management forecast. Cloud Security platform and application sales are predicted to grow from $636M in 2020 to $1.63B in 2023, attaining a 36.8% Compound Annual Growth Rate (CAGR) and leading all categories of Information & Security Risk Management systems. Application Security is forecast to grow from $3.4B in 2020 to $4.5B in 2023, attaining a 9.7% CAGR. Security Services is projected to be a $66.9B market this year, increasing from $62B in 2019. AI, Machine Learning And The Race To Improve Cybersecurity The majority of Information Security teams’ cybersecurity analysts are overwhelmed today analyzing security logs, thwarting breach attempts, investigating potential fraud incidents and more. 69% of senior executives believe AI and machine learning are necessary to respond to cyberattacks according to the Capgemini study, Reinventing Cybersecurity with Artificial Intelligence. The following graphic compares the percentage of organizations by industry who are relying on AI to improve their cybersecurity. 80% of telecommunications executives believe their organization would not be able to respond to cyberattacks without AI, with the average being 69% of all enterprises across seven industries. Top 10 Cybersecurity Companies To Watch In 2020 STATISTA The bottom line is all organizations have an urgent need to improve endpoint security and resilience, protect privileged access credentials, reduce fraudulent transactions, and secure every mobile device applying Zero Trust principles. Many are relying on AI and machine learning to determine if login and resource requests are legitimate or not based on past behavioral and system use patterns. Several of the top ten companies to watch take into account a diverse series of indicators to determine if a login attempt, transaction, or system resource request is legitimate or not. They’re able to assign a single score to a specific event and predict if it’s legitimate or not. Kount’s Omniscore is an example of how AI and ML are providing fraud analysts with insights needed to reduce false positives and improve customer buying experiences while thwarting fraud. The following are the top ten cybersecurity companies to watch in 2020: Absolute – Absolute serves as the industry benchmark for endpoint resilience, visibility and control. Embedded in over a half-billion devices, the company enables more than 12,000 customers with self-healing endpoint security, always-connected visibility into their devices, data, users, and applications – whether endpoints are on or off the corporate network – and the ultimate level of control and confidence required for the modern enterprise. To thwart attackers, organizations continue to layer on security controls — Gartner estimates that more than $174B will be spent on security by 2022, and of that approximately $50B will be dedicated protecting the endpoint. Absolute’s Endpoint Security Trends Report finds that in spite of the astronomical investments being made, 100 percent of endpoint controls eventually fail and more than one in three endpoints are unprotected at any given time. All of this has IT and security administrators grappling with increasing complexity and risk levels, while also facing mounting pressure to ensure endpoint controls maintain integrity, availability and functionality at all times, and deliver their intended value. Organizations need complete visibility and real-time insights in order to pinpoint the dark endpoints, identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. Rather than perpetuating a false sense of security, Absolute provides a single source of truth and the diamond image of resilience for endpoints. Centrify - Centrify is redefining the legacy approach to Privileged Access Management (PAM) with an Identity-Centric approach based on Zero Trust principles. Centrify’s 15-year history began in Active Directory (AD) bridging, and it was the first vendor to join UNIX and Linux systems with Active Directory, allowing for easy management of privileged identities across a heterogeneous environment. It then extended these capabilities to systems being hosted in IaaS environments like AWS and Microsoft Azure, and offered the industry’s first PAM-as-a-Service, which continues to be the only offering in the market with a true multi-tenant, cloud architecture. Applying its deep expertise in infrastructure allowed Centrify to redefine the legacy approach to PAM and introduce a server’s capability to self-defend against cyber threats across the ever-expanding modern enterprise infrastructure. Centrify Identity-Centric PAM establishes a root of trust for critical enterprise resources, and then grants least privilege access by verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, Centrify minimizes the attack surface, improves audit and compliance visibility, and reduces risk, complexity, and costs for the modern, hybrid enterprise. Over half of the Fortune 100, the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies, all trust Centrify to stop the leading cause of breaches – privileged credential abuse. Research firm Gartner predicts that by 2021, approximately 75% of large enterprises will utilize privileged access management products, up from approximately 50% in 2018 in their Forecast Analysis: Information Security and Risk Management, Worldwide, 4Q18 Update published March 29, 2019 (client access reqd). This is not surprising, considering that according to an estimate by Forrester Research, 80% of today’s breaches are caused by weak, default, stolen, or otherwise compromised privileged credentials. Deep Instinct – Deep Instinct applies artificial intelligence’s deep learning to cybersecurity. Leveraging deep learning’s predictive capabilities, Deep Instinct’s on-device solution protects against zero-day threats and APT attacks with unmatched accuracy. Deep Instinct safeguards the enterprise’s endpoints and/or any mobile devices against any threat, on any infrastructure, whether or not connected to the network or to the Internet. By applying deep learning technology to cybersecurity, enterprises can now gain unmatched protection against unknown and evasive cyber-attacks from any source. Deep Instinct brings a completely new approach to cybersecurity enabling cyber-attacks to be identified and blocked in real-time before any harm can occur. Deep Instinct USA is headquartered in San Francisco, CA and Deep Instinct Israel is headquartered in Tel Aviv, Israel. Infoblox - Infoblox empowers organizations to bring next-level simplicity, security, reliability and automation to traditional networks and digital transformations, such as SD-WAN, hybrid cloud and IoT. Combining next-level simplicity, security, reliability and automation, Infoblox is able to cut manual tasks by 70% and make organizations’ threat analysts 3x more productive. While their history is in DDI devices, they are succeeding in providing DDI and network security services on an as-a-service (-aaS) basis. Their BloxOne DDI application, built on their BloxOne cloud-native platform, helps enable IT, professionals, to manage their networks whether they're based on on-prem, cloud-based, or hybrid architectures. BloxOne Threat Defense application leverages the data provided by DDI to monitor network traffic, proactively identify threats, and quickly inform security systems and network managers of breaches, working with the existing security stack to identify and mitigate security threats quickly, automatically, and more efficiently. The BloxOne platform provides a secure, integrated platform for centralizing the management of identity data and services across the network. A recognized industry leader, Infoblox has a 52% market share in the DDI networking market comprised of 8,000 customers, including 59% of the Fortune 1000 and 58% of the Forbes 2000. Kount – Kount’s award-winning, AI-driven fraud prevention empowers digital businesses, online merchants, and payment service providers around the world to protect against payments fraud, new account creation fraud, and account takeover. With Kount, businesses approve more good orders, uncover new revenue streams, improve customer experience and dramatically improve their bottom line all while minimizing fraud management cost and losses. Through Kount’s global network and proprietary technologies in AI and machine learning, combined with flexible policy management, companies frustrate online criminals and bad actors driving them away from their site, their marketplace, and off their network. Kount’s continuously adaptive platform provides certainty for businesses at every digital interaction. Kount’s advances in both proprietary techniques and patented technology include mobile fraud detection, advanced artificial intelligence, multi-layer device fingerprinting, IP proxy detection and geo-location, transaction and custom scoring, global order linking, business intelligence reporting, comprehensive order management, as well as professional and managed services. Kount protects over 6,500 brands today. Mimecast – Mimecast improves the way companies manage confidential, mission-critical business communication and data. The company's mission is to reduce the risks users face from email, and support in reducing the cost and complexity of protecting users by moving the workload to the cloud. The company develops proprietary cloud architecture to deliver comprehensive email security, service continuity, and archiving in a single subscription service. Its goal is to make it easier for people to protect a business in today’s fast-changing security and risk environment. The company expanded its technology portfolio in 2019 through a pair of acquisitions, buying data migration technology provider Simply Migrate to help customers and prospects move to the cloud more quickly, reliably, and inexpensively. Mimecast also purchased email security startup DMARC Analyzer to reduce the time, effort, and cost associated with stopping domain spoofing attacks. Mimecast acquired Segasec earlier this month, a leading provider of digital threat protection. With the acquisition of Segasec, Mimecast can provide brand exploit protection, using machine learning to identify potential hackers at the earliest stages of an attack. The solution also is engineered to provide a way to actively monitor, manage, block, and take down phishing scams or impersonation attempts on the Web. MobileIron – A long-time leader in mobile management solutions, MobileIron is widely recognized by Chief Information Security Officers, CIOs and senior management teams as the de facto standard for unified endpoint management (UEM), mobile application management (MAM), BYOD security, and zero sign-on (ZSO). The company’s UEM platform is strengthened by MobileIron Threat Defense and MobileIron’s Access solution, which allows for zero sign-on authentication. Forrester observes in their latest Wave on Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 that “MobileIron’s recently released authenticator, which enables passwordless authentication to cloud services, is a must for future-state Zero Trust enterprises and speaks to its innovation in this space.” The Wave also illustrates that MobileIron is the most noteworthy vendor as their approach to Zero Trust begins with the device and scales across mobile infrastructures. MobileIron’s product suite also includes a federated policy engine that enables administrators to control and better command the myriad of devices and endpoints that enterprises rely on today. Forrester sees MobileIron as having excellent integration at the platform level, a key determinant of how effective they will be in providing support to enterprises pursuing Zero Trust Security strategies in the future. One Identity – One Identity is differentiating its Identity Manager identity analytics and risk scoring capabilities with greater integration via its connected system modules. The goal of these modules is to provide customers with more flexibility in defining reports that include application-specific content. Identity Manager also has over 30 direct provisioning connectors included in the base package, with good platform coverage, including strong Microsoft and Office 365 support. Additional premium connectors are charged separately. One Identity also has a separate cloud-architected SaaS solution called One Identity Starling. One of Starling’s greatest benefits is its design that allows for it to be used not only by Identity Manager clients, but also by clients of other IGA solutions as a simplified approach to obtain SaaS-based identity analytics, risk intelligence, and cloud provisioning. One Identity and its approach is trusted by customers worldwide, where more than 7,500 organizations worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their systems and data – on-prem, cloud, or hybrid. SECURITI.ai - SECURITI.ai is the leader in AI-Powered PrivacyOps, that helps automate all major functions needed for privacy compliance in one place. It enables enterprises to give rights to people on their data, be responsible custodians of people’s data, comply with global privacy regulations like CCPA and bolster their brands. The AI-Powered PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface. These include a Personal Data Graph Builder, Robotic Automation for Data Subject Requests, Secure Data Request Portal, Consent Lifecycle Manager, Third-Party Privacy Assessment, Third-Party Privacy Ratings, Privacy Assessment Automation and Breach Management. SECURITI.ai is also featured in the Consent Management section of Bessemer’s Data Privacy Stack shown below and available in Bessemer Venture Partner’s recent publication How data privacy engineering will prevent future data oil spills (10 pp., PDF, no opt-in). Top 10 Cybersecurity Companies To Watch In 2020 SOURCE: BESSEMER VENTURE PARTNERS, HOW DATA PRIVACY ENGINEERING WILL PREVENT FUTURE DATA OIL SPILLS , SEPTEMBER, 2019. (10 PP., PDF, NO OPT-IN). Transmit Security - The Transmit Security Platform provides a solution for managing identity across applications while maintaining security and usability. As criminal threats evolve, online authentication has become reactive and less effective. Many organizations have taken on multiple point solutions to try to stay ahead, deploying new authenticators, risk engines, and fraud tools. In the process, the customer experience has suffered. And with an increasingly complex environment, many enterprises struggle with the ability to rapidly innovate to provide customers with an omnichannel experience that enables them to stay ahead of emerging threats.

Transmit Security – The Transmit Security Platform provides a solution for managing identity across applications while maintaining security and usability. As criminal threats evolve, online authentication has become reactive and less effective. Many organizations have taken on multiple point solutions to try to stay ahead, deploying new authenticators, risk engines, and fraud tools. In the process, the customer experience has suffered. And with an increasingly complex environment, many enterprises struggle with the ability to rapidly innovate to provide customers with an omnichannel experience that enables them to stay ahead of emerging threats.

How AI Is Improving Omnichannel CyberSecurity In 2020

How AI Is Improving Omnichannel CyberSecurity in 2020

  • 52% of financial institutions plan to invest in additional measures to secure existing accounts, and 46% plan to invest in better identity-verification measures.
  • 42% of digital businesses that consider themselves technologically advanced are finding fraud is restraining their ability to grow and adopt new digital innovation strategies.
  • 33% of all businesses across retail, financial institutions, restaurants, and insurance are investing in their omnichannel strategies this year.

These and many other insights are from Javelin Strategy, and Research report published this month, Protecting Digital Innovation: Emerging Fraud and Attack Vectors. A copy of the report can be downloaded here (25 pp., PDF, opt-in). The methodology is based on a survey of 200 fraud and payment decision-makers for businesses headquartered in the United States. Respondents are evenly distributed from four industries, including consumer banking, insurance, restaurants/food service, and retail merchants.

The survey’s results are noteworthy because they reflect how AI and machine learning-based fraud prevention techniques are helping retailers, financial services, insurance, and restaurants to reduce false positives that, in turn, reduces friction for their customers. All industries are in an arms race with fraudsters, many of whom are using machine learning to thwart fraud prevention systems. There are a series of fraud prevention providers countering fraud and helping industries stay ahead. A leader in this field is Kount, with its Omniscore that provides digital businesses with what they need to fight fraud while providing the best possible customer experience.

The following are the key insights from the Javelin Strategy and Research report published this month:

  • Retailers, financial institutions, restaurants, and insurance companies need to invest in fraud mitigation at the same rate as new product innovation, with retail and banking leading the way. Restaurants and insurance are lagging in their adoption of fraud mitigation techniques and, as a result, tend to experience more fraud. The insurance industry has a friendly fraud problem that is hard to catch. Over half of the financial institutions interviewed, 52% plan to invest in additional technologies to secure existing accounts, and 46% plan to invest in better identity-verification measures. Based on the survey, banks appear to be early adopters of AI and machine learning for fraud prevention. The study makes an excellent point that banking via virtual assistants is still nascent and constrained by the lack of information sharing within the ecosystem, which restricts authentication measures to PINs and passwords.

How AI Is Improving Omnichannel CyberSecurity in 2020

  • 57% of all businesses are adding new products and services as their leading digital innovation strategy in 2020, followed by refining the user experience (55%) and expanding their digital strategy teams. Comparing priorities for digital innovation across the four industries reflects how each is approaching their omnichannel strategy. The banking industry places the highest priority on improving the security of existing user accounts at 52% of financial institutions surveyed. Improving security is the highest priority in banking today, according to the survey results shown below. This further validates how advanced banking and financial institutions are in their use of AI and machine learning for fraud prevention.

How AI Is Improving Omnichannel CyberSecurity in 2020

  • Digital businesses plan to improve their omnichannel strategies by improving their website, mobile app, and online catalog customer experiences across all channels in addition to better integration between digital and physical services is how. 40% of respondents are actively investing in improving the integration between digital and physical services. That’s an essential step for ensuring a consistently excellent user experience across websites, product catalogs, buy online and pick up in-store, and consistent user experiences across all digital and physical channels.

How AI Is Improving Omnichannel CyberSecurity in 2020

  • 69% of all digital businesses interviewed are planning to make additional fraud investments this year. Banking and financial institutions dominate the four industries surveyed in the plans for additional fraud investment. 82% of consumer banks are planning to invest in additional fraud detection technologies. Insurers are least likely to invest in fraud detection technologies in 2020. The study notes that this can be attributed to insurers’ unique challenges with first-party fraud or fraud committed by legitimate policyholders, which is poorly addressed by many mainstream fraud controls.

How AI Is Improving Omnichannel CyberSecurity in 2020

  • Using AI-based scoring techniques to detect stolen credit card data being used online or in mobile apps, dominates financial institutions’ priorities today. 34% of financial institutions cite their top fraud threat being the use of stolen credit card data used online or in mobile apps. 18% say account takeovers are their most important area to reduce fraud. Financial institutions lead all others in fraud technology investments to thwart fraud, with managing digital fraud risk being the highest priority of all compared to the three other industries represented in the survey.

How AI Is Improving Omnichannel CyberSecurity in 2020

  • 52% of all financial institutions say that improving the security of existing user accounts leads all digital investment priorities in 2020. What’s significant about this finding is that it outpaces adding new digital products and services and improving identity verification of new users. This is another factor that contributes to financial institutions’ leadership role in relying on AI and machine learning to improve fraud detection and deterrence.   

How AI Is Improving Omnichannel CyberSecurity in 2020

 

 

10 Predictions How AI Will Improve Cybersecurity In 2020

10 Predictions How AI Will Improve Cybersecurity In 2020

Capgemini predicts 63% of organizations are planning to deploy AI in 2020 to improve cybersecurity, with the most popular application being network security.

Cybersecurity is at an inflection point entering 2020. Advances in AI and machine learning are accelerating its technological progress. Real-time data and analytics are making it possible to build stronger business cases, driving higher adoption. Cybersecurity spending has rarely been linked to increasing revenues or reducing costs, but that’s about to change in 2020.

What Leading Cybersecurity Experts Are Predicting For 2020

Interested in what the leading cybersecurity experts are thinking will happen in 2020, I contacted five of them. Experts I spoke with include Nicko van Someren, Ph.D. and Chief Technology Officer at Absolute Software; Dr. Torsten George, Cybersecurity Evangelist at Centrify; Craig Sanderson, Vice President of Security Products at Infoblox; Josh Johnston, Director of AI, Kount; and Brian Foster, Senior Vice President Product Management at MobileIron. Each of them brings a knowledgeable, insightful, and unique perspective to how AI and machine learning will improve cybersecurity in 2020. The following are their ten predictions:

  1. AI and machine learning will continue to enable asset management improvements that also deliver exponential gains in IT security by providing greater endpoint resiliency in 2020. Nicko van Someren, Ph.D. and Chief Technology Officer at Absolute Software, observes that “Keeping machines up to date is an IT management job, but it’s a security outcome. Knowing what devices should be on my network is an IT management problem, but it has a security outcome. And knowing what’s going on and what processes are running and what’s consuming network bandwidth is an IT management problem, but it’s a security outcome. I don’t see these as distinct activities so much as seeing them as multiple facets of the same problem space, accelerating in 2020 as more enterprises choose greater resiliency to secure endpoints.”
  2. AI tools will continue to improve at drawing on data sets of wildly different types, allowing the “bigger picture” to be put together from, say, static configuration data, historic local logs, global threat landscapes, and contemporaneous event streams.  Nicko van Someren, Ph.D., and CTO at Absolute Software also predict that“Enterprise executives will be concentrating their budgets and time on detecting cyber threats using AI above predicting and responding. As enterprises mature in their use and adoption of AI as part of their cybersecurity efforts, prediction and response will correspondingly increase.”
  3. Threat actors will increase the use of AI to analyze defense mechanisms and simulate behavioral patterns to bypass security controls, leveraging analytics to and machine learning to hack into organizations. Dr. Torsten George, Cybersecurity Evangelist at Centrify, predicts that “threat actors, many of them state-sponsored, will increase their use and sophistication of AI algorithms to analyze organizations’’ defense mechanisms and tailor attacks to specific weak areas. He also sees the threat of bad actors being able to plug into the data streams of organizations and use the data to further orchestrate sophisticated attacks.”
  4. Given the severe shortage of experienced security operations resources and the sheer volume of data that most organizations are trying to work through, we are likely to see organizations seeking out AI/ML capabilities to automate their security operations processes. Craig Sanderson, Vice President of Security Products at Infoblox also predicts that “while AI and machine learning will increasingly be used to detect new threats it still leaves organizations with the task of understanding the scope, severity, and veracity of that threat to inform an effective response. As security operations becomes a big data problem it necessitates big data solutions.”
  5. There’s going to be a greater need for adversarial machine learning to combat supply chain corruption in 2020. Sean Tierney, Director of Threat Intelligence at Infoblox, predicts that “the need for adversarial machine learning to combat supply chain corruption is going to increase in 2020. Sean predicts that the big problem with remote coworking spaces is determining who has access to what data. As a result, AI will become more prevalent in traditional business processes and be used to identify if a supply chain has been corrupted.”
  6. Artificial intelligence will become more prevalent in account takeover—both the proliferation and prevention of it. Josh Johnston, Director of AI at Kount, predicts that “the average consumer will realize that passwords are not providing enough account protection and that every account they have is vulnerable. Captcha won’t be reliable either, because while it can tell if someone is a bot, it can’t confirm that the person attempting to log in is the account holder. AI can recognize a returning user. AI will be key in protecting the entire customer journey, from account creation to account takeover, to a payment transaction. And, AI will allow businesses to establish a relationship with their account holders that are protected by more than just a password.”
  7. Consumers will take greater control of their data sharing and privacy in 2020. Brian Foster, Senior Vice President Product Management at MobileIron, observes that over the past few years, we’ve witnessed some of the biggest privacy and data breaches. As a result of the backlash, tech giants such as Apple, Google, Facebook and Amazon beefed up their privacy controls to gain back trust from customers. Now, the tables have turned in favor of consumers and companies will have to put privacy first to stay in business. Moving forward, consumers will own their data, which means they will be able to selectively share it with third parties, but most importantly, they will get their data back after sharing, unlike in years past.
  8. As cybersecurity threats evolve, we’ll fight AI with AI. Brian Foster, Senior Vice President Product Management at MobileIron, notes that the most successful cyberattacks are executed by highly professional criminal networks that leverage AI and ML to exploit vulnerabilities such as user behavior or security gaps to gain access to valuable business systems and data. All of this makes it extremely hard for IT security organizations to keep up — much less stay ahead of these threats. While an attacker only needs to find one open door in an enterprise’s security, the enterprise must race to lock all of the doors. AI conducts this at a pace and thoroughness human ability can no longer compete with, and businesses will finally take notice in 2020.
  9. AI and machine learning will thwart compromised hardware finding its way into organizations’ supply chains. Rising demand for electronic components will expand the market for counterfeit components and cloned products, increasing the threat of compromised hardware finding its way into organizations’ supply chains. The vectors for hardware supply-chain attacks are expanding as market demand for more and cheaper chips, and components drive a booming business for hardware counterfeiters and cloners. This expansion is likely to create greater opportunities for compromise by both nation-state and cybercriminal threat actors. Source: 2020 Cybersecurity Threats Trends Outlook; Booz, Allen, Hamilton, 2019.
  10. Capgemini predicts 63% of organizations are planning to deploy AI in 2020 to improve cybersecurity, with the most popular application being network security. Capgemini found that nearly one in five organizations were using AI to improve cybersecurity before 2019. In addition to network security, data security, endpoint security, and identity and access management are the highest priority use cases for improving cybersecurity with AI in enterprises today. Source: Capgemini, Reinventing Cybersecurity with Artificial Intelligence: The new frontier in digital security.
10 Predictions How AI Will Improve Cybersecurity In 2020

Source: Capgemini, Reinventing Cybersecurity with Artificial Intelligence: The new frontier in digital security.

7 Ways AI Reduces Mobile Fraud Just In Time For The Holidays

7 Ways AI Reduces Mobile Fraud Just In Time For The Holidays

  • There has been a 680% increase in global fraud transactions from mobile apps from October 2015 to December 2018, according to RSA.
  •  70% of fraudulent transactions originated in the mobile channel in 2018.
  • RSA’s Anti-Fraud Command Center saw phishing attacks increase 178% after leading banks in Spain launched instant transfer services.
  • Rogue mobile apps are proliferating with, 20% of all reported cyberattacks originating from mobile apps in 2018 alone.

On average, there are 82 new rogue applications submitted per day to any given AppExchange or application platform, all designed to defraud consumers. Mobile and digital commerce are cybercriminals’ favorite attack surfaces because they are succeeding with a broad base of strategies for defrauding people and businesses.

Phishing, malware, smishing, or the use of SMS texts rather than email to launch phishing attempts are succeeding in gaining access to victims’ account credentials, credit card numbers, and personal information to launch identity theft breaches. The RSA is seeing an arms race between cybercriminals and mobile OS providers with criminals improving their malware to stay at parity or leapfrog new versions and security patches of mobile operating systems.

Improving Mobile Fraud Prevention With AI And Machine Learning

Creating a series of rogue applications and successfully uploading them into an AppExchange or application store gives cybercriminals immediate access to global markets. Hacking mobile apps and devices is one of the fastest-growing cybercriminal markets, one with 6.8B mobile users worldwide this year, projected to increase to 7.3B in 2023, according to The Radicati Group. The total number of mobile devices, including both phones and tablets, will be over 13B by the end of 2019, according to the research firm. And a small percentage of mobile fraud transactions get reported, with mobile fraud losses reported totaling just over $40M across 14,392 breaches according to the U.S. Federal Trade Commission. Mobile fraud is an epidemic that needs to be fought with state-of-the-art approaches based on AI and machine learning’s innate strengths.

Traditional approaches to thwarting digital fraud rely on rules engines that thrive on detecting and taking action based on established, known patterns, and are often hard-coded into a merchant’s system. Fraud analyst teams further customize rules engines to reflect the unique requirements of the merchants’ selling strategies across each channel. Fine-tuning rules engines makes them effective at recognizing and taking action on known threat patterns. The challenge for every merchant relying on a fraud rules engine is that they often don’t catch the latest patterns in cybercriminal activity. Where rules-based approaches to digital fraud don’t scale, AI, and machine learning do.

Exploring The 7 Ways AI Is Reducing Mobile Fraud

Where rules engines are best suited for spotting existing trends in fraud activity, machine learning excels at classifying observations (called supervised machine learning) and finding anomalies in data by finding entirely new patterns and associations (called unsupervised machine learning). Combining supervised and unsupervised machine learning algorithms are proving to be very effective at reducing mobile fraud. The following are the seven ways AI and machine learning are reducing mobile fraud today:

  1. AI and machine learning reduce false positives by interpreting the nuances of specific behaviors and accurately predicting if a transaction is fraudulent or not. Merchants are relying on AI and machine learning to reduce false positives, saving their customers from having to re-authenticate who they are and their payment method. A false positive at that first interaction with a customer is going to reduce the amount of money that they spend with a merchant, so it’s very important to interpret each transaction accurately.
  2. Identifying and thwarting merchant fraud based on anomalous activity from a compromised mobile device. Cybercriminals are relying on SIM swapping to gain control of mobile devices and commit fraud, as the recent hack of Twitter’s founder Jack Dorsey illustrates. Hackers were able to transfer his telephone number using SIM swapping and by talking Dorsey’s mobile service provider to bypass the account passcode. Fortunately, only his Twitter account was hacked. Any app or account accessible on his phone could have been breached, leading to fraudulent bank transfers or purchases. The attack could have been thwarted if Jack Dorsey’s mobile service provider was using AI-based risk scoring to detect and act on anomalous activity.
  3. AI and machine learning-based techniques scale across a wider breadth of merchants than any rules-based approach to mobile fraud prevention can. Machine learning-based models scale and learn across different industries in real-time, accumulating valuable data that improves payment fraud prediction accuracy. Kount’s Universal Data Network is noteworthy, as it includes billions of transactions over 12 years, 6,500 customers, 180+ countries and territories, and multiple payment networks. That rich data feeds Kount’s machine learning models to detect anomalies more accurately and reduce false positives and chargebacks.
  4. Combining supervised and unsupervised machine learning algorithms translates into a formidable speed advantage, with fraudulent transactions identified on average in 250 milliseconds. Merchants’ digital business models’ scale and speed are increasing, and with the holidays coming up, there’s a high probability many will set mobile commerce sales records. The merchants who will gain the most sales are focusing on how security and customer experience can complement each other. Being able to approve or reject a transaction within a second or less is the cornerstone of an excellent customer buying experience.
  5. Knowing when to use two-factor authentication via SMS or Voice PIN to reduce false negatives or not, preserving customer relationships in the process. Rules engines will often take a brute-force approach to authentication if any of the factors they’re tracking show a given transaction is potentially fraudulent. Requesting customers authenticate themselves after they’re logged into a merchant’s site when they attempt to buy an item is a sure way to lose a customer for life. By being able to spot anomalies quickly, fewer customers are forced to re-authenticate themselves, and customer relationships are preserved. And when transactions are indeed fraudulent, losses have been averted in less than a second.
  6. Provide a real-time transaction risk score that combines the strengths of supervised and unsupervised machine learning into a single fraud prevention payment score. Merchants need a real-time transaction risk score that applies to every channel they sell, though. Fraud rules engines had to be tailored to each specific selling channel with specific rules for each type of transaction. That’s no longer the case due to machine learnings’ ability to scale across all channels and provide a transaction risk score in milliseconds. Leaders in this area include Kount’s Omniscore, the actionable transaction safety rating that is a result of their AI, which combines patented, proprietary supervised and unsupervised machine learning algorithms and technologies.
  7. Combining insights from supervised and unsupervised machine learning with contextual intelligence of transactions frees up fraud analysts to do more investigations and fewer transaction reviews. AI and machine learning-based fraud prevention systems’ first contribution is often reducing the time fraud analysts take for manual reviews. Digitally-based businesses I’ve talked with say having supervised machine learning categorize and then predict fraudulent attempts is invaluable from a time-saving standpoint alone. Merchants are finding AI, and machine learning-based approaches enable to score to approve more orders automatically, reject more orders automatically, and focus on those gray area orders, freeing up fraud analysts to do more strategic, rewarding work. They’re able to find more sophisticated, nuanced abuse attacks like refer a friend abuse or a promotion abuse or seller collusion in a marketplace. Letting the model do the work of true payment fraud prevention frees up those fraud analysts to do other worth that add value.

Conclusion

With the holiday season rapidly approaching, it’s time for merchants to look at how they can protect mobile transactions at scale across all selling channels. AI and machine learning are proving themselves as viable replacements to traditional rules engines that rely on predictable, known fraud patterns. With 70% of fraudulent transactions originating in the mobile channel in 2018 and the influx of orders coming in the next three months, now would be a good time for merchants to increase their ability to thwart mobile fraud while reducing false positives that alienate customers.

Sources:

RSA 2019 Current State of Cybercrime Report (11 pp., PDF, opt-in)

The Radicati Group, Mobile Statistics Report, 2019 – 2023 (3 pp., PDF, no opt-in)

U.S. Federal Trade Commission, Consumer Sentinel Network, Data Book 2018 (90 pp., PDF, no opt-in)

 

 

How AI Is Protecting Against Payments Fraud

  • 80% of fraud specialists using AI-based platforms believe the technology helps reduce payments fraud.
  • 63.6% of financial institutions that use AI believe it is capable of preventing fraud before it happens, making it the most commonly cited tool for this purpose.
  • Fraud specialists unanimously agree that AI-based fraud prevention is very effective at reducing chargebacks.
  • The majority of fraud specialists (80%) have seen AI-based platforms reduce false positives, payments fraud, and prevent fraud attempts.

AI is proving to be very effective in battling fraud based on results achieved by financial institutions as reported by senior executives in a recent survey, AI Innovation Playbook published by PYMNTS in collaboration with Brighterion. The study is based on interviews with 200 financial executives from commercial banks, community banks, and credit unions across the United States. For additional details on the methodology, please see page 25 of the study. One of the more noteworthy findings is that financial institutions with over $100B in assets are the most likely to have adopted AI, as the study has found 72.7% of firms in this asset category are currently using AI for payment fraud detection.

Taken together, the findings from the survey reflect how AI thwarts payments fraud and deserves to be a high priority in any digital business today. Companies, including Kount and others, are making strides in providing AI-based platforms, further reducing the risk of the most advanced, complex forms of payments fraud.

Why AI Is Perfect For Fighting Payments Fraud

Of the advanced technologies available for reducing false positives, reducing and preventing fraud attempts, and reducing manual reviews of potential payment fraud events, AI is ideally suited to provide the scale and speed needed to take on these challenges. More specifically, AI’s ability to interpret trend-based insights from supervised machine learning, coupled with entirely new knowledge gained from unsupervised machine learning algorithms are reducing the incidence of payments fraud. By combining both machine learning approaches, AI can discern if a given transaction or series of financial activities are fraudulent or not, alerting fraud analysts immediately if they are and taking action through predefined workflows. The following are the main reasons why AI is perfect for fighting payments fraud:

  • Payments fraud-based attacks are growing in complexity and often have a completely different digital footprint or pattern, sequence, and structure, which make them undetectable using rules-based logic and predictive models alone. For years e-commerce sites, financial institutions, retailers, and every other type of online business relied on rules-based payment fraud prevention systems. In the earlier years of e-commerce, rules and simple predictive models could identify most types of fraud. Not so today, as payment fraud schemes have become more nuanced and sophisticated, which is why AI is needed to confront these challenges.
  • AI brings scale and speed to the fight against payments fraud, providing digital businesses with an immediate advantage in battling the many risks and forms of fraud. What’s fascinating about the AI companies offering payments fraud solutions is how they’re trying to out-innovate each other when it comes to real-time analysis of transaction data. Real-time transactions require real-time security. Fraud solutions providers are doubling down on this area of R&D today, delivering impressive results. The fastest I’ve seen is a 250-millisecond response rate for calculating risk scores using AI on the Kount platform, basing queries on a decades-worth of data in their universal data network. By combining supervised and unsupervised machine learning algorithms, Kount is delivering fraud scores that are twice as predictive as previous methods and faster than competitors.
  • AI’s many predictive analytics and machine learning techniques are ideal for finding anomalies in large-scale data sets in seconds. The more data a machine learning model has to train on, the more accurate its predictive value. The greater the breadth and depth of data, a given machine learning algorithm learns from means more than how advanced or complex a given algorithm is. That’s especially true when it comes to payments fraud detection where machine learning algorithms learn what legitimate versus fraudulent transactions look like from a contextual intelligence perspective. By analyzing historical account data from a universal data network, supervised machine learning algorithms can gain a greater level of accuracy and predictability. Kount’s universal data network is among the largest, including billions of transactions over 12 years, 6,500 customers, 180+ countries and territories, and multiple payment networks. The data network includes different transaction complexities, verticals, and geographies, so machine learning models can be properly trained to predict risk accurately. That analytical richness includes data on physical real-world and digital identities creating an integrated picture of customer behavior.

Bottom Line:  Payments fraud is insidious, difficult to stop, and can inflict financial harm on any business in minutes. Battling payment fraud needs to start with a pre-emptive strategy to thwart fraud attempts by training machine learning models to quickly spot and act on threats then building out the strategy across every selling and service channel a digital business relies on.

AI Is Predicting The Future Of Online Fraud Detection

Bottom Line: Combining supervised and unsupervised machine learning as part of a broader Artificial Intelligence (AI) fraud detection strategy enables digital businesses to quickly and accurately detect automated and increasingly complex fraud attempts.

Recent research from the Association of Certified Fraud Examiners (ACFE)KPMGPwC, and others reflects how organized crime and state-sponsored fraudsters are increasing the sophistication, scale, and speed of their fraud attacks. One of the most common types of emerging attacks is based on using machine learning and other automation techniques to commit fraud that legacy approaches to fraud prevention can’t catch. The most common legacy approaches to fighting online fraud include relying on rules and predictive models that are no longer effective at confronting more advanced, nuanced levels of current fraud attempts. Online fraud detection needs AI to stay at parity with the quickly escalating complexity and sophistication of today’s fraud attempts.

Why AI is Ideal for Online Fraud Detection

It’s been my experience that digitally-based businesses that have the best track record of thwarting online fraud rely on AI and machine learning to do the following:

  • Actively use supervised machine learning to train models so they can spot fraud attempts quicker than manually-based approaches. Digitally-based businesses I’ve talked with say having supervised machine learning categorize and then predict fraudulent attempts is invaluable from a time-saving standpoint alone. Adopting supervised machine learning first is easier for many businesses as they have analytics teams on staff who are familiar with the foundational concepts and techniques. Digital businesses with high-risk exposure given their business models are adopting AI-based online fraud detection platforms to equip their fraud analysts with the insights they need to identify and stop threats early.
  • Combine supervised and unsupervised machine learning into a single fraud prevention payment score to excel at finding anomalies in emerging data. Integrating the results of fraud analysis based on supervised and unsupervised machine learning into one risk score is one way AI enables online fraud prevention to scale today. Leaders in this area of online fraud prevention can deliver payment scores in 250 milliseconds, using AI to interpret the data and provide a response. A more integrated approach to online fraud prevention that combines supervised and unsupervised machine learning can deliver scores that are twice as predictive as previous approaches.
  • Capitalizes on large-scale, universal data networks of transactions to fine-tune and scale supervised machine learning algorithms, improving fraud prevention scores in the process. The most advanced digital businesses are looking for ways to fine-tune their machine learning models using large-scale universal data sets. Many businesses have years of transaction data they rely on initially for this purpose. Online fraud prevention platforms also have large-scale universal data networks that often include billions of transactions captured over decades, from thousands of customers globally.

The integration of these three factors forms the foundation of online fraud detection and defines its future growth trajectory. One of the most rapid areas of innovation in these three areas is the fine-tuning of fraud prevention scores. Kount’s unique approach to creating and scaling its Omniscore indicates how AI is immediately redefining the future of online fraud detection.

Kount is distinct from other online fraud detection platforms due to the company’s ability to factor in all available historical data in their universal data network that includes billions of transactions accumulated over 12 years, 6,500 customers, across over 180 countries and territories, and multiple payment networks.

Insights into Why AI is the Future of Online Fraud Detection

Recent research studies provide insights into why AI is the future of online fraud detection. According to the Association of Certified Fraud Examiners (ACFE) inaugural Anti-Fraud Technology Benchmarking Report, the amount organizations are expected to spend on AI and machine learning to thwart online fraud is expected to triple by 2021. The ACFE study also found that only 13% of organizations currently use AI and machine learning to detect and deter fraud today. The report predicts another 25% plan to adopt these technologies in the next year or two – an increase of nearly 200%. The ACFE study found that AI and machine learning technology will most likely be adopted in the next two years to fight fraud, followed by predictive analytics and modeling.

PwC’s 2018 Global Economic Crime and Fraud Survey is based on interviews with 7,200 C-level and senior management respondents across 123 different nations and territories and was conducted to determine the true state of digital fraud prevention across the world. The study found that 42% of companies said they had increased funds used to combat fraud or economic crime. In addition, 34% of the C-level and senior management executives also said that existing approaches to combatting online fraud was generating too many false positives. The solution is to rely more on machine learning and AI in combination with predictive analytics as the graphic below illustrates. Kount’s unique approach to combining these technologies to define their Omniscore reflects the future of online fraud detection.

AI is a necessary foundation of online fraud detection, and for platforms built on these technologies to succeed, they must do three things extremely well. First, supervised machine learning algorithms need to be fine-tuned with decades worth of transaction data to minimize false positives and provide extremely fast responses to inquiries. Second, unsupervised machine learning is needed to find emerging anomalies that may signal entirely new, more sophisticated forms of online fraud. Finally, for an online fraud platform to scale, it needs to have a large-scale, universal data network of transactions to fine-tune and scale supervised machine learning algorithms that improve the accuracy of fraud prevention scores in the process.

Why AI Is The Future Of Cybersecurity

These and many other insights are from Capgemini’s Reinventing Cybersecurity with Artificial Intelligence Report published this week. You can download the report here (28 pp., PDF, free, no opt-in). Capgemini Research Institute surveyed 850 senior executives from seven industries, including consumer products, retail, banking, insurance, automotive, utilities, and telecom. 20% of the executive respondents are CIOs, and 10% are CISOs. Enterprises headquartered in France, Germany, the UK, the US, Australia, the Netherlands, India, Italy, Spain, and Sweden are included in the report. Please see page 21 of the report for a description of the methodology.

Capgemini found that as digital businesses grow, their risk of cyberattacks exponentially increases. 21% said their organization experienced a cybersecurity breach leading to unauthorized access in 2018. Enterprises are paying a heavy price for cybersecurity breaches: 20% report losses of more than $50 million. Centrify’s most recent survey, Privileged Access Management in the Modern Threatscape, found that 74% of all breaches involved access to a privileged account. Privileged access credentials are hackers’ most popular technique for initiating a breach to exfiltrate valuable data from enterprise systems and sell it on the Dark Web.

Key insights include the following:

  • 69% of enterprises believe AI will be necessary to respond to cyberattacks. The majority of telecom companies (80%) say they are counting on AI to help identify threats and thwart attacks. Capgemini found the telecom industry has the highest reported incidence of losses exceeding $50M, making AI a priority for thwarting costly breaches in that industry. It’s understandable by Consumer Products (78%), and Banking (75%) are 2nd and 3rd given each of these industry’s growing reliance on digitally-based business models. U.S.-based enterprises are placing the highest priority on AI-based cybersecurity applications and platforms, 15% higher than the global average when measured on a country basis.

  • 73% of enterprises are testing use cases for AI for cybersecurity across their organizations today with network security leading all categories. Endpoint security the 3rd-highest priority for investing in AI-based cybersecurity solutions given the proliferation of endpoint devices, which are expected to increase to over 25B by 2021. Internet of Things (IoT) and Industrial Internet of Things (IIoT) sensors and systems they enable are exponentially increasing the number of endpoints and threat surfaces an enterprise needs to protect. The old “trust but verify” approach to enterprise security can’t keep up with the pace and scale of threatscape growth today. Identities are the new security perimeter, and they require a Zero Trust Security framework to be secure. Be sure to follow Chase Cunningham of Forrester, Principal Analyst, and the leading authority on Zero Trust Security to keep current on this rapidly changing area. You can find his blog here.

  • 51% of executives are making extensive AI for cyber threat detection, outpacing prediction, and response by a wide margin. Enterprise executives are concentrating their budgets and time on detecting cyber threats using AI above predicting and responding. As enterprises mature in their use and adoption of AI as part of their cybersecurity efforts, prediction and response will correspondingly increase. “AI tools are also getting better at drawing on data sets of wildly different types, allowing the “bigger picture” to be put together from, say, static configuration data, historic local logs, global threat landscapes, and contemporaneous event streams,” said Nicko van Someren, Chief Technology Officer at Absolute Software.

  • 64% say that AI lowers the cost to detect and respond to breaches and reduces the overall time taken to detect threats and breaches up to 12%. The reduction in cost for a majority of enterprises ranges from 1% – 15% (with an average of 12%). With AI, the overall time taken to detect threats and breaches is reduced by up to 12%. Dwell time – the amount of time threat actors remain undetected – drops by 11% with the use of AI. This time reduction is achieved by continuously scanning for known or unknown anomalies that show threat patterns. PetSmart, a US-based specialty retailer, was able to save up to $12M by using AI in fraud detection from Kount. By partnering with Kount, PetSmart was able to implement an AI/Machine Learning technology that aggregates millions of transactions and their outcomes. The technology determines the legitimacy of each transaction by comparing it against all other transactions received. As fraudulent orders were identified, they were canceled, saving the company money and avoiding damage to the brand. The top 9 ways Artificial Intelligence prevents fraud provides insights into how Kount’s approach to unsupervised and supervised machine learning stops fraud.

  • Fraud detection, malware detection, intrusion detection, scoring risk in a network, and user/machine behavioral analysis are the five highest AI use cases for improving cybersecurity. Capgemini analyzed 20 use cases across information technology (IT), operational technology (OT) and the Internet of Things (IoT) and ranked them according to their implementation complexity and resultant benefits (in terms of time reduction). Based on their analysis, we recommend a shortlist of five high-potential use cases that have low complexity and high benefits. 54% of enterprises have already implemented five high impact cases. The following graphic compares the recommended use cases by the level of benefit and relative complexity.

  • 56% of senior execs say their cybersecurity analysts are overwhelmed and close to a quarter (23%) are not able to successfully investigate all identified incidents. Capgemini found that hacking organizations are successfully using algorithms to send ‘spear phishing’ tweets (personalized tweets sent to targeted users to trick them into sharing sensitive information). AI can send the tweets six times faster than a human and with twice the success. “It’s no surprise that Capgemini’s data shows that security analysts are overwhelmed. The cybersecurity skills shortage has been growing for some time, and so have the number and complexity of attacks; using machine learning to augment the few available skilled people can help ease this. What’s exciting about the state of the industry right now is that recent advances in Machine Learning methods are poised to make their way into deployable products,” said Nicko van Someren, Chief Technology Officer at Absolute Software.

Conclusion

AI and machine learning are redefining every aspect of cybersecurity today. From improving organizations’ ability to anticipate and thwart breaches, protecting the proliferating number of threat surfaces with Zero Trust Security frameworks to making passwords obsolete, AI and machine learning are essential to securing the perimeters of any business.  One of the most vulnerable and fastest-growing threat surfaces are mobile phones. The two recent research reports from MobileIronSay Goodbye to Passwords (4 pp., PDF, opt-in) in collaboration with IDG, and Passwordless Authentication: Bridging the Gap Between High-Security and Low-Friction Identity Management (34 pp., PDF, opt-in) by Enterprise Management Associates (EMA) provide fascinating insights into the passwordless future. They reflect and quantify how ready enterprises are to abandon passwords for more proven authentication techniques including biometrics and mobile-centric Zero Trust Security platform.

%d bloggers like this: