Asset managers have been harnessing the power of digital innovation to strengthen their functions for many years. The ability to process large quantities of data from exchanges, custodians, pricing services and portfolio managers with some level of automation offers them considerable advantages in terms of efficiency and accuracy and provides a platform for growth. 

Artificial intelligence (AI) and machine learning (ML) undoubtedly represent the next leap forward in digital innovation. Asset managers have therefore been busy in recent years developing and applying new uses cases in areas such as operations, risk management, trading and client services. One area that has not received the same level of focus among many asset managers, however, is cybersecurity. The indications are that this is changing, and it has to. 

Quite simply, AI is faster than any human at analysing, detecting, monitoring and responding to cyber attacks. AI-based tools can be used to detect patterns of behaviour, automate processes, and instantly identify anomalies. They can inspect vast data sets to detect the patterns that indicate a weakness in or a threat in an asset manager’s cyber defences in record time and thanks to ongoing advances in machine learning, they adapt to evolving threats in real time.

A cat-and-mouse game

In some cases, AI already allows countermeasures to be generated and executed autonomously, which brings great added value and time savings for an asset manager’s cyber security team. On the other hand, cyber criminals are also utilising the technology, for example to quickly find personal or business-critical information in captured data. AI enables them to carry out more sophisticated and inconspicuous cyberattacks than before. 

Take the example of phishing emails. With the help of GenAI, cyber criminals can now easily create fake emails in many languages that appear more consistent, professionally formulated, and illustrated. Asset managers can use AI-based solutions that learn continuously and automatically adapt the rules to recognise and comb out such suspicious emails – but this approach, in turn, also motivates attackers to use AI tools even more effectively to write catchier texts. It’s a cat-and-mouse game in which cyber criminals and defenders try to outdo one another. 

As in any cat and mouse game, AI is being used both defensively and offensively. Take the example of “zero-day exploits” – cyberattacks that exploit unknown security flaws in an asset manager’s software, hardware or firmware. The fact that there is no protection against the new security vulnerability at the time of publication means that affected organisations should not only inform themselves about the new vulnerabilities, but also reduce the risk to their own IT as much as possible. For example, systems with unpatched vulnerabilities can be temporarily decommissioned. AI is being used on the defensive side to reverse-engineer these exploits, enabling developers to create patches for known vulnerabilities before they become public knowledge. On the offensive side, meanwhile, AI can detect and analyse anomalies from network traffic or user behaviour patterns on endpoints such as laptops or mobile devices that may indicate unauthorised access to the asset manager’s system.

AI complements human skills, but cannot replace them

Although AI offers great advantages through its ability to process massive quantities of data and draw conclusions from it, there remains a need for creative problem-solving when an asset manager’s organisation is confronted by sophisticated challenges and complex real-world situations. Human intervention is indispensable when it comes to training the AI, managing the source input it relies upon, or stepping in to rectify any mistakes. What’s more, as algorithms and machine learning are trained using historical data, they can make errors when dealing with previously unknown threats that don’t reveal themselves in the existing patterns.

In short, AI will continue to help asset managers automate processes and procedures and make them more efficient, which in turn will free up their cyber teams to spend more time on non-repetitive tasks. However, AI that can replicate all human capabilities is still years away. Asset managers will continue to rely on an interplay of human and artificial intelligence for a long time to come.