Читать книгу The Digital Big Bang - Phil Quade - Страница 40

In the area of financial transactions and the issuing of credit cards, we once asked humans to collect and analyze datasets and then make a binary decision about whether to grant credit. Two of these tasks—collecting and analyzing data—might be relatively time consuming and labor intensive, even if making the actual credit decision was relatively quick. In a post-computerized world, the process may be far more thorough (involving more data), happen far more quickly, and may all be done by machine. Simply put, greater connectivity, faster transmission and processing speeds, and machine algorithms have streamlined the process, resulting in faster and potentially more accurate decisions at lower cost. Yes, there are challenges with this approach, ranging from privacy concerns to biased datasets to faulty algorithms, but with appropriate controls and oversight, the risk is manageable.

More than just increasing transaction processing, the speed with which data can be collected, analyzed, and acted on may serve to protect both consumers and banks. For example, by more quickly analyzing spending patterns, banks can more quickly detect anomalous transactions and alert consumers of potential fraud. Perhaps more interestingly, banks themselves benefit from new computer security protections, particularly as they embrace cloud-based services. The reason is simple: In the cloud, we can harness new security capabilities that reduce security response times so that they more closely track the speed of malware distribution. This is best explained by example. Defenders of networks have long highlighted the importance of information sharing. Using the Financial Services Information Sharing and Analysis Center (FS-ISAC) as an example, if Bank A sees an attack, it notifies the ISAC. The ISAC notifies other banks, which then look for indicators of compromise on their networks. Other sectors have ISACs as well.

Although this model works well, it has challenges. First, it requires information sharing, which happens well in some sectors but not as well in others. Second, information distribution and analysis can take time. Third, the information may not flow to all players (for example, in the case of the financial sector, smaller banks may be less engaged). By contrast, as banks move to the cloud, the speed of response can increase dramatically. For example, Microsoft's Advanced Threat Protection strips attachments from emails, runs them in detonation chambers, and looks for malware. If found, that malware can be searched for throughout the cloud. This means if Bank A is attacked, all other banks—and other customers outside the financial sector—can quickly be protected from that attack. Simply put, protections can be broadly deployed to more entities without information-sharing delays. Moreover, as more customers move to the cloud, the amount of telemetry increases and protections improve. Thus, in the context of these financial transactions, speed provides significant benefits.