Last year, AMP\u2019s cyber team took a \u201cfairly audacious target\u201d to the board: bring down the number of cyber security vulnerabilities across the company by ten to 15 per cent every month.\n \nBut, as is the case across industry, the ever rising number and scope of vulnerabilities the security team was facing could not be met with a proportionate increase in funding.\n \n\u201cThere\u2019s no way we couldhellip;go back to our executive board and ask for an exponential increase in the funding for cyber, it\u2019s just not going to happen. Throwing bodies at it just isn\u2019t the answer anymore,\u201d explained CTO Chris Bell at AMP's Amplify technology event in Sydney last week.\n\u201cSo we\u2019ve taken a different perspective.\u201d\n \nInstead, AMP has got smarter in the way it deals with security threats: leveraging automation and advanced analytics, hiring a data scientist to its cyber function, introducing gamification concepts to tackling vulnerabilities and ramping up its employee education programme.\n \nAutomation\n \nLast year, AMP rolled out a user behaviour intelligence platform by DTEX, a company founded in Adelaide.\n \nThe platform combines lightweight visibility with analytics to detect insider threats, based on a user\u2019s normal behaviour. AMP integrated it with ServiceNow so that a ticket is automatically raised to the cyber security team when a policy breach occurs.\n \n\u201cIt cuts down the time between when an issue occurs and actually being able to action it from days to hours, hours to minutes,\u201d AMP\u2019s head of cyber security Rahn Wakeley said.\n \n\u201cWe\u2019ve had a lot of success gaining insights into things that would otherwise go undetected by antivirus and firewalls and all that, just based on behaviour,\u201d he added.\n \nA Qualys-based system for scanning and vulnerability management has also been integrated into ServiceNow giving similar benefits, Wakeley said.\n \n\u201cGiven the size and scope of attacks that are happening, [it\u2019s about] how do you better leverage some of the tooling we\u2019ve already got and start to use things like machine learning and advanced analytics to better predict some the issues we\u2019re having and better respond to cyber attacks,\u201d Bell added.\n \nData games\n \nEarlier this year, AMP hired a data scientist to its cyber security team, the first among them not to come from a computer science discipline but rather a hard mathematics background.\n \n\u201cHer job is helping us understand why these vulnerabilities exist, using data science, using performance analytics, hardcore maths, algorithms and so. To work out what is the best possible strategy to reduce a vulnerability, per portfolio and at the aggregate level,\u201d says Wakeley. \u201cWe don\u2019t have necessarily the deep pockets that some of the big banks have. So for us it\u2019s about an unrelenting focus on the basics.\u201d\n \nThe data scientist \u2013 \u201cthe rate at which she\u2019s picked up cyber has blown me away,\u201d adds Wakeley \u2013 also produces regular dashboards for the IT teams.\n \n\u201cIt says to them \u2013 what are their servers, what are their vulnerabilities, how are they going with their peers, who else has already fixed this vulnerability, what did they do,\u201d Wakeley says. \nThe process \u2013 which adds an element of \u2018gamification\u2019 to the work \u2013 allows the IT function to reduce the amount of unnecessary repeat testing of fixes, Wakeley explained.\n \n\u201cIf we\u2019ve done it so many times before maybe we don\u2019t need to put it through two weeks of post verification testing \u2013 that compresses the time and saves us money,\u201d he said.\n \nThere has also been a significant investment in building cyber awareness among AMP\u2019s employees and clients.\n \n\u201cWith the increasing sophistication of attacks, and the humanistic element. You still need eyes on glass and people to be across those things,\u201d Bell said.\n \nThe cyber security team runs regular \u2018lunch and learns\u2019, which are optional sessions for employees to learn about information security. A recent lunch on keeping children protected online was a full house.\n \nThere are also mock phishing campaigns, based on recent examples and a reach out programme for the \u2018perpetual clickers\u2019.\n \nDespite the significant progress, Wakeley says that with cyber security, the work is never over.\n \n\u201cOne of our big focus areas this year is to drive down vulnerabilities. That number [of vulnerabilities] is going up by 11 per cent month on month. So just to stay still you have to be patching at a rate of ten per cent," he said.\n"Just to keep still, we actually have to work a lot harder."