Chief Digital & Technology Officer George Ho shares his thoughts on the future of cybersecurity in finance
By George Ho
As any good football coach knows, defence keeps you in the game. That approach holds true in cybersecurity, which is a full-contact battle in its own right. Traditionally, we build walls, patch vulnerabilities, and train our teams to spot threats.
Smarter defences are the next frontier of security. As the threat environment evolves, our response must evolve. Artificial Intelligence (AI) is the catalyst for a fundamental shift, moving cybersecurity from a static, perimeter-based model to a dynamic, predictive, and intelligent framework.
Shifting our mindset from threat detection to threat pre-emption
The threats we face today are not the same as they were even a year ago. Ransomware, phishing, and business email compromise remain prevalent, but their execution has become dangerously sophisticated. Adversaries are now armed with AI, enabling them to launch hyper-realistic social engineering attacks, create convincing deepfakes, and develop malware that adapts in real time to bypass traditional security measures. Fighting these new threats with old technology is like bringing a shield to a drone fight.
The paradigm has shifted. People remain a significant variable in the security equation, but they can no longer carry the primary burden of defence Instead, we must empower them with systems that act as a workforce multiplier. At Aviso, we view AI as precisely that—a force that grants us more visibility into security events, enabling us to identify and neutralize potential issues before they cause widespread damage.
A layered defence model is the new standard for cyber-resilience
A single security solution, no matter how advanced, is a point of potential failure. True cyber resilience comes from a multi-layered, evolving defence model where technology, processes, and people work in concert. It’s not enough to simply deploy an AI platform and consider the job done. Threats are constantly evolving, and so we must continuously improve our security infrastructure.
Our strategy focuses on strengthening our processes to meet globally recognized frameworks, such as the National Institute of Standards and Technology (NIST). This is not a checkbox exercise; it’s a commitment to developing superior capabilities to identify, protect, detect, respond to, and recover from threats. By using technologies that scan for the same vulnerabilities that bad actors look for, we can proactively manage our exposure and close any potential entry points.
Predictive analytics moves security from the back foot to the front foot
The most significant advantage AI offers is the ability to shift from a reactive to a predictive posture. Machine learning algorithms can analyze billions of data points across a network, establishing a precise baseline of what constitutes normal behaviour for every user, device, and application.
When a deviation occurs—an employee logging in from an unusual location, a server initiating an uncharacteristic data transfer, or an email containing subtle linguistic cues of a phishing attempt—the system can flag it instantly. This is real-time anomaly detection with powerful predictive capability. By correlating seemingly unrelated events, AI can identify faint signals of an impending attack before it materializes. This is the difference between cleaning up a breach and preventing one from ever happening.
For our partners and their clients, this predictive capability represents a tangible layer of protection. When our AI systems detect anomalous activity, they can trigger an automated response. This reduces our response time from hours or minutes to mere seconds, allowing us to contain threats before they escalate.
A secure finance industry demands collaboration, not competition
As cyber attacks continue to grow in both frequency and sophistication—especially those leveraging social engineering, impersonation, and AI-generated campaigns—the industry must respond with a united front. Threat actors are already highly organized and collaborative, so it’s time for us, as defenders, to adopt the same strategy. By fostering greater openness about the security challenges we and our competitors encounter, we can strengthen our defences collectively, raise the standard for everyone, and better protect our partners and clients.
At Aviso, we are uniquely positioned to facilitate this spirit of collaboration across our network of credit unions, portfolio managers and introducing brokers. The cost of maintaining state-of-the-art cybersecurity will only increase, but by leveraging our collective scale, we provide access to advanced technologies and deep expertise that might otherwise be out of reach for many firms. In doing so, we help democratize security and increase resilience throughout the entire financial ecosystem.
At the core, our commitment to innovation and security ensures our partners and clients can grow with confidence. Ultimately, we must remember a simple truth: cybersecurity is not a differentiator when done well, but it is a profound disadvantage when done poorly. As we navigate the complexities of this digital age, we’re committed to building a future where the finance industry is innovative and intrinsically secure.
