
A Data Breach is Just the Beginning

Stolen data can be used anywhere. In fact, it will be. The question is, can you stop the attack before it’s too late?

By Yinglian Xie, August 2, 2019


About Yinglian Xie
Yinglian Xie is CEO and Co-Founder of DataVisor. She was previously at Microsoft Research, where her focus was on advancing the security of online services with big data analytics and machine learning. Yinglian completed both her Ph.D. and post-doctoral work in Computer Science at Carnegie Mellon University, and currently holds over 20 patents in her field. A highly-regarded researcher, author, and conference contributor, Yinglian is widely regarded as one of the most influential figures in the areas of artificial intelligence, machine learning, and big data security.

The news about the Capital One data breach was a shot heard around the world. This is understandable. They’re a very large company, and the breach was very large. However, a breach is only the beginning. The real concern is what happens next. The downstream effects of an event like this are far more impactful than the breach itself. Before we know it, the stolen data lands in the hands of fraudsters who waste no time in using the information for massive-scale attacks.

As reported by several media outlets, the details of this particular data breach are remarkably simple. By seemingly all accounts, one person took advantage of one misconfiguration, and just like that, the data was loose. There are, of course, ongoing inquiries into whether other companies may have fallen victim as well. Regardless, the real question remains the same: how will the stolen data be used, and what can we do to protect against the inevitable attacks?

As we consider this question, it’s important to remember who the real victims are—all good customers. For those customers whose data was exposed in the breach, their information is at risk of being exploited to conduct various downstream attacks, causing potentially serious damage. Other service providers could be severely impacted as well, as they face increased fraudulent account opening requests from attackers with stolen credentials or synthetic IDs. 

In preparing for these uphill battles, it’s important to understand the challenge modern financial institutions face: creating exceptional experiences for their other legitimate customers even as security measures are tightened and scrutiny intensifies.

On the one hand, consumers want convenience, speed, and accessibility, and businesses are under constant pressure to provide these benefits. Mobile banking’s ongoing rise can be directly ascribed to this demand, as mobile offers all of the above. On the other hand, enterprises are under equally relentless pressure to deliver safety, security, and ironclad protection from fraud.

From this tension emerges another crucial question: how do financial institutions protect good customers, without compromising their experience, as they face increasing levels of suspicious activity?

To address this challenge successfully, more and more companies are now thinking beyond supervised machine learning and rules-based approaches. Because they rely on simple anomaly detection, these legacy solutions are prone to high false-positive rates, which result in poor customer experiences. Instead, companies are leveraging the power of unsupervised machine learning (UML) to expose hidden patterns and connections that indicate coordinated malicious activity. Using UML removes the need for historical labels, lengthy training times, and frequent re-tuning, thereby enabling nimble, real-time detection.

In undertaking these transformations, organizations achieve the most crucial goal of all: stopping attacks before they launch and before any damage can happen. By enabling holistic data analysis and constant monitoring at scale, systems can expose suspicious accounts, actions, and events that would otherwise go unnoticed if viewed in isolation. This makes it possible to literally know the unknown, and protect against even the most sophisticated and previously unknown attack types. 

The results are what we all want: exceptionally high detection accuracy, the elimination of false positives, and frictionless customer experiences. Stolen data can be used anywhere. In fact, it will be. The question is, can you stop the attack before it’s too late, and mitigate the impact on the experience of good users?