How AI will Impact Information Security

Artificial Intelligence (AI) is continuing to evolve, and more institutions are implementing it in different ways, such as chatbots, automation of back-office functions, and sales-driven customer relationship management.

This revolution means the architecture of banking will evolve rapidly to include various changes, including public cloud, such as Microsoft Azure/Google Cloud, hosting of infrastructure, Application Programming Interfaces (APIs) to exchange data, and data lakes to assimilate, normalize, and gather data on customers just to name a few.

Historically, with these advances, benefits and challenges arise, both foreseeable and unforeseeable. Here are five impacts that are foreseeable at this point.

1. Security Orchestration, Automation and Response (SOAR)- This is automated detection and response of security threats. Traditional models use automated detection, leaving the response to mostly manual intervention. Detection has been improved with AI and now is contributing to more swift and accurate response to threats.
2. Larger data amount and points at risk- AI requires more data volume and points to make decisions and analysis effective and efficient. Gathering this data via APIs and storing in data lakes makes this information more available than the previous data silos because separate storage means more systems to compromise vs. having all in one. If these are compromised, Data breaches could have a larger impact on customers and be more voluminous and, therefore, more costly to institutions.
3. Algorithmic Bias- Historical data and decision-making models are new and can result in bias and unfair treatment. AI models make decisions based on previous data points and do not consider laws, ethics, and other human characteristics. These should be accounted for in governance level controls, which most institutions do not have in place due to historical manual processes.
4. Increased adoption of customer security authentication- AI will enhance biometric and behavioral recognition, making authentication more effective and acceptable for end users. The more traditional level of authentication, passwords, has been ineffective for decades but remains in many instances due to the historical shortcomings and inconvenience of more secure methods. Hopefully, this is the beginning of the end of passwords!
5. Increased errors in information- Creating the data required for AI means institutions will need to collect, normalize, and correlate data to produce information where never been done before. To successfully do so, it will be essential take on a data governance program, which will be new. Data Governance ensures that data is accurate, defined, and used appropriately. Based on how similar challenges have presented themselves in the past, such as COVID-19, cloud computing, etc., it is likely that Managed Service Providers, Compliance consultants, and core providers will provide this as a service to institutions to quickly produce a marketable product.

AI will be an interesting advancement for institutions, ultimately making operations more efficient and cost-effective. There will be some challenges, bumps, and lessons to learn along the way; however, those lead to growth and can be worthwhile.

Sources:

https://www.forbes.com/councils/forbestechcouncil/2025/03/10/the-future-of-core-banking-in-the-cloud-era /

McKinsey-building-the-ai-bank-of-the-future.pdf  

https://www.veriff.com/kyc/guides/why-a-killer-kyc-strategy-matters-to-neobank-customers