Beyond the breach: Zero Trust as the engine for financial resilience

Zero Trust: Chasing operational resilience in financial services

In an era defined by aggressive cybersecurity threats and increasingly complex hybrid IT environments, the financial services industry stands at a crossroads. The reality is that new threats, complex IT estates and stringent regulations mean that the old ‘castle-and-moat’, prevent-detect-respond model is no longer fit for purpose.

As news continued to come out about Anthropic’s powerful Mythos AI, a group of AI and security leaders from global Financial Services organisations shared their thoughts and strategies. All agreed that the accelerating speed of cyberattacks is forcing them to rethink and evolve their security models.

The closed-door private briefing took place on Day 2 of the HotTopics Studio at Abbey Road Studios. It was sponsored by Zscaler, which also had two security experts in attendance.

Code-level risk and unethical AI

“We all started with big perimeter defences,” one leader commented. “Now, we’re at the point where we are defending at the micro level. Where I would like to go, and am being forced to go, is that every line of code is a potential risk.”

Their organisation’s approach is to augment its capabilities to meet the fast-moving threat, while providing guardrails that are built into its systems. Meanwhile, it is training its people in understanding and mitigating AI and AI-driven cyberattacks. Serious ethical dilemmas get flagged, funnelled down and triaged by the AI team, with ongoing policy and micro-level discussions also taking place.

Another leader said that user awareness was a key issue for all FS firms. “You have to enhance employees’ knowledge and awareness of why we have certain things in place, and the implications to the company of their roles and actions. You need to re-baseline the employee landscape before you go forward into tools and processes,” they said.

They also discussed the need to design security controls and policies with users in mind, rather than merely creating technical controls for technical problems.

One leader warned that it’s essential to consider ethical consequences in every single AI/AI security use case. “Not enough people are questioning ethical AI. It tends to be the younger people who are not in those meetings. As an industry we're getting better at it, but the people in this room are the ones who have to push a bit more.”

Managing shadow AI

Many FS firms forbid staff from using unauthorised AI tools, but leaders recognised some workers either want to use them or are already using them without permission.

One leader spoke about hearing financial traders talking in the corridors about how they had started to use AI “to give them a very slick interface to engage with various wealth management individuals and get answers.” The point is, Shadow AI is already here.

Some leaders are countering Shadow AI by adopting, authorising and controlling best-of-breed AI solutions. Others are creating an internal LLM on their own data centre infrastructure that they can control, secure and keep clean from a data perspective. However, one person commented, “There are still ways where it can be circumvented and users can take the information outside.”

Another observed, “No one wants to bypass a control to do their job. They bypass it because they have to get their job done. If we can give them what they need, they'll use it safely and securely - whether it's an internally written LLM, or controlled and secure access to an industry one.”

Human in the loop, human in control

Another way to manage AI usage and ethics, whether sanctioned or shadow, is to have a “human in the loop” or “human in control”, delegates agreed. “Our main currency is trust. Risk is on the other side. To translate the financial and human risk into the trust we give our customers, we need to have a human in the loop,” said one leader.

With human in the loop or human in control, it's important to understand the AI tools yourself, said one participant. “Things are moving so fast. As people in the room, having these discussions, we need to have a more hands-on understanding of what's out there. That way, we can meet users halfway and say: we understand you want to use this technology, but we need to put some guardrails in place.”

Having a human overseeing the whole AI project workflow can also help from an AI compliance and legal perspective. At present, regulators are more comfortable with this than having self-learning AI agents watching and analysing trends, signals, patterns of activity and potential compromises, one leader felt. But they added that agents will do this work in five to 10 years’ time.

Limiting the blast radius

Tools like Mythos reveal flaws in decades-old mission critical IT systems – “the 30-year-old money machine we don’t talk about”, one expert said.

And it can find vulnerabilities and exploit them faster than anything the industry has experienced before. Security-by-design, zero trust and modern defensible architecture provide a promising way forward that can limit the impact of an attack, leaders concurred. But it needs to be implemented right now, while you are not being attacked, outside of “the fog of war,” one of them advised.

“These days, it's a question of when you get compromised, not if,” they said, noting that zero-day attacks can compromise and impede an organisation within minutes. “Principles like least privilege, guardrails, and patching things fast are all still good. But our response has to change so we can get ahead. Zero Trust can limit the blast radius.”

Ultimately, FS organisations will need a response rate that’s exponentially faster than it is today, one delegate concluded. “And that probably is going to mean that we need our own good guy agent going up against the bad guy agents, because I can't personally respond at machine speed.”
