Banks must be wary of AI security risks, regulator says

NYDFS Superintendent Adrienne Harris says financial services firms have to keep their cybersecurity measures up to snuff, lest they fall victim to cyber threats.

October 21, 2024 by Gabrielle Saulsbery, Banking Dive

The New York State Department of Financial Services issued new guidance Wednesday advising financial firms to assess and address cybersecurity risks arising from the use of artificial intelligence.

The guidance, which imposes no new rules or regulations, highlights four AI-related risks that financial sector workers need to be aware of, including social engineering, cyberattacks, theft of nonpublic information, and increased vulnerabilities due to supply chain dependencies.

The regulator warned of the use of deepfakes – AI-generated videos, photos or audio recordings – which are sometimes created in an attempt to “convince employees to divulge sensitive information about themselves and their employers. When deepfakes result in the sharing of credentials, threat actors are able to gain access to Information Systems containing Nonpublic Information.”

“AI-driven social engineering attacks have led to employees taking unauthorized actions, such as wiring substantial amounts of funds to fraudulent accounts,” the regulator cautioned.

Banks must be wary of AI security risks, regulator says

NYDFS Superintendent Adrienne Harris says financial services firms have to keep their cybersecurity measures up to snuff, lest they fall victim to cyber threats.

Stay connected to the credit union community with our free newsletter!

You have Successfully Subscribed!