Comprehensive approach to anomaly detection needed for better cyber governance says GCash exec

Mel Migrino, GCash’s Chief Security and Privacy Officer.

To prevent cyberattacks and protect its users against security threats posed by hackers, digital-first companies such as Mynt tap artificial intelligence that can detect anomalies.

Mel Migriño, Chief Security and Privacy Officer at Mynt, which runs GCash, underscored the value of anomaly detection as a key pillar of the company’s cyber governance policy and explained how AI-dependent bots help prevent security issues among digital assets.

“Anomaly detection should be taken seriously and should be supported by a strong change management affecting people and processes. It should enable risk awareness on how we look at innovation. Hence, the need for a risk-conscious organization.” Migriño told participants at The Manila Times 10th Business Forum on Digital Transformation and Innovations last July 16.

Mel Migrino, GCash’s Chief Security and Privacy Officer.
Mel Migrino, GCash’s Chief Security and Privacy Officer.

In the case of GCash, AI-powered bots help maintain the integrity of its systems, which contain information shared by GCash’s 20 million users. AI can be configured to check a system’s integrity, identify anomalies, and strengthen security, Migriño said.

AI-powered bots can also be tweaked to crawl the web and identify systems that are vulnerable to data breach. AI is responsible for tasks that are repetitive or done periodically such as pushing out advertising messages on social media or emails.

“AI tracks what you do on the web and sees the sites you visit online,” Migriño said.

It takes quality investments in technology coupled with constant intelligence-gathering to be ahead of the curve, the tech expert said.

Migriño advised organizations moving toward a digital transition to spend time and effort to transform the prevailing perspective through change management.

“If organizations are used to locked physical file cabinets, securing data to the cloud is not as simple a story as using a padlock and key anymore,” she said.

Security tools can be programmed to detect different kinds of system-wide threats such as attacks (port scanning, dictionary attacks, etc.), traffic anomalies (DNS, DHCP, multicast, etc.), internal security (viruses, malware, etc), unwanted applications (P2P networks, instant messaging, etc.), anomalies in device behavior (change of the long-term behavior, profile of a device), and operational problems (delays, excessive load, etc).

Security practices and habits must also change, and the shift must be managed carefully to be successful in the transition, Migriño said.

GCash is the leading mobile wallet in the Philippines. Its user base has grown exponentially from 2 million to 20 million in just four years, and its merchant partners now number more than 50,000.