Bayesian network modeling for analysis of data breach in a bank

Abstract

Nowadays it is impossible to imagine a modern financial institution which operation does not depend upon information technology (IT). There has been a huge emphasis on data security recently. Financial institutions are the primary targets for different kind of abuse because they possess a lot of sensitive information that can easily be converted into money. That is why banks and other financial institutions are trying to protect themselves and their clients from different kinds of malicious activity. Data security is one of the most important aspects of everyday banking and an important part of a sound operational risk management (ORM). In modern world ORM lends itself well to IT and while it is difficult for companies, and in some cases impossible, to control external events, it is feasible to manage people, systems and processes in order to prevent or reduce operational losses. Most of information today is stored and transferred electronically that makes it more exposed to breaches. Leak of financial information about customers or classified business information about, for example, future investments might have negative effect on organization that was not able to protect it. That is why this type of exposure needs to be accounted for in the operational risk management system. Mitigating that risk through effective security controls can help in both lowering the probability of loss and decreasing the institution's capital requirements. Financial institutions use huge amounts of money and other resources to protect sensitive information. But in spite of huge investment into security, data breaches continue to occur. Financial institutions experience data breaches caused either by their own employees or external attackers. The “insider threat” or “insider problem” has received considerable attention and is cited as the most serious security problem in many studies. It is also considered the most difficult problem to deal with, because an “insider” has information and capabilities not known to other, external attackers. Companies do not have much internal information about data breaches. Information that is available from external sources is often not easy to analyze due to the variety of scenarios and/or incompleteness of cases. The companies face a challenge to develop an approach that draws upon information coming from different sources. The flexible modeling framework provided by Bayesian Networks (BN) makes it an appropriate candidate for modeling this challenging issue. In addition, BNs ability to represent complex interrelationships among entities and its mathematically sound interface can make it the best match to create a model for quantitative analysis of sensitive data breach.