AI Digital Twins helping Bank in Cyber threat hunting!

Written By Peter Vogel

DarkReading.com reported that JPMorganChase is “ Keeping tabs on the online activities of over 320,000 employees worldwide is no small task. It wouldn't be that hard for an attacker to hide in a crowd of that many users and the massive amount of data they generate.”  The March 24, 2024 article entitled " How a Large Bank Uses AI Digital Twins for Threat Hunting” (https://www.darkreading.com/threat-intelligence/how-large-bank-uses-ai-digital-twins-threat-hunting) included these comments from Andrew Plummer, a chief scientist for artificial intelligence (AI) and machine learning in cybersecurity and technology controls:

Plummer set out to create an AI-powered system of digital fingerprints and digital twins to help human analysts sort through the mountains of user logs generated by employees and AI agents. While some of the agents are used by employees, others were created for the more than 6,000 applications running within the bank's environment.

Innovations like these are the next step in threat hunting and key to keeping companies a step ahead of attackers, Plummer told RSAC Conference attendees in San Francisco.

An advertising concept, digital fingerprints refer to consumer profiles companies create based on all the user data they collect, such as where the consumer might shop, what they did and didn't like, or what TV shows they would watch. In a cybersecurity context, digital fingerprints are based on data relating to the employee's work patterns and habits — the "casual and cognitive" aspects of their behavior, Plummer explained.

If the employee did something out of the ordinary, the AI would be able to spot it quickly, investigate further, and rate the anomaly in regard to how potentially malicious it could be, along with whether it should be flagged for future investigation.

That's where the digital twin comes in. Digital twins simulate processes or systems and incorporate real-time, real-world data. Widely used in manufacturing and design, digital twins are increasingly being used to analyze the impact of cyberattacks and vulnerabilities on software and hardware.

What do you think?

Peter Vogel
Next

You may be losing access to Microsoft Copilot Chat!