AI Threat Modelling: Protecting Information with Zero Trust in 2025

The financial services industry is grappling with a growing number of threats that seek to steal billions and disrupt businesses, destroying decades of trust.

Cybercriminals continue to expand their marketing capabilities, targeting companies’ gaps in information security. From trying to tools LLMs recent adversarial use AI techniques for identity theft and dedication artificial illusionCyber ​​criminals, criminal groups and government actors are all targeting financial services.

This is how it is Price Companies (formerly Guaranteed Rate) is dealing with the growing number of information-based threats – and what other industries and business leaders can learn from their experience.

How Rate Companies Protect themselves from AI-driven threats

Financial institutions face more than $3.1 billion in view of the known fraud, which grew by 14.2% in the last year, while deepfakes jumped by 3,000% and is expected to rise another 50 to 60% in 2024. Not to mention that smishing articles, MFA fatigue and deep viewing have become more common.

As the second largest lender in the US, Rate has billions of transactions made daily, making the company a prime target for cybercriminals.

VentureBeat recently sat down (virtually) with Katherine Mowen, SVP of information security at the financial institution, to find out how they are developing AI at the foundation of Rate, with a focus on protecting customers, employees and partners.

“Because of the nature of our business, we face very high and ongoing threats,” Mowen told VentureBeat. “We’ve seen others in the real estate industry get crushed, so we had to make sure that doesn’t happen to us. I think what we’re doing now is fighting AI with AI.”

Mowen explained that addressing AI threats is critical to protecting customers and the billions of dollars in revenue the company generates each year. He added that “even the best security measures don’t matter if an attacker just steals user credentials.”

These realizations pushed Rate to improve fuzzy recognition and integrate real-time response strategies. The company has taken a zero-reliance approach and assumptions, placing every decision about identification with continuous verification.

Today, Rate is working with a “trust never, always verify” approach to verifying your identity, which is the core concept of zero trust. Using an AI-based threat model, Rate is able to identify potential opportunities and monitor all activities and workflows in real time, another cornerstone of a solid zero-based approach.

The company recognized the need to address the ever-increasing window to detect and respond – the average eCrime period is almost over. 62 minutes. To deal with this problem, the agency adopted a “1-10-60” SOC model: 1 minute to detect, 10 minutes to act and 60 minutes to be a threat.

Lessons learned from Rate in developing AI threat protection

To expand and cope with the changing nature of the mortgage business – the workforce can rise from 6,000 to 15,000 depending on demand – Price needs a cybersecurity solution that can expand the license and integrate several security layers. Each AI threat vendor has unique pricing for building modules or software together to achieve this. The solution that has made Rate more logical is CrowdStrike’s flexible license, Falcon Flex, which allowed Rate to stand on the Falcon platform.

Mowen explained that Rate was also faced with the challenge of finding each regional and satellite office with limited access, managing their data and access and setting access time limits while managing each project. The scale relies on AI threat models to accurately define access, monitor all transactions and process operations in real-time, which is a two-corner requirement to create a scalable zero trust framework.

Here’s an analysis of Rate studies that used AI to thwart known threats:

Identifying and managing information is key to the table and is where security teams need to win quickly

Rate’s data protection team began tracking a growing number of threats, involving private data targeting credit officers working remotely. Mowen and his team evaluated a number of platforms before choosing CrowdStrike’s Falcon Identity Protection based on its ability to detect the most common attacks on them. “Falcon Identity Security gave us the visibility and control to protect against these threats,” said Mowen.

The use of AI to reduce the noise-to-signal ratio in (SOC) and ultimately should be a priority.

Rate’s previous salesperson was making more noise than possible information, Mowen said. “Now, if we’re on the site at 3 in the morning, it’s always scary,” he said. The scale is based on CrowdStrike’s Falcon Complete Next-Gen monitoring and response (MDR) and the integration of Falcon LogScale and Falcon Next-Gen security and event management (SIEM) to centralize and analyze logs in real time. “Falcon LogScale lowered our total cost of ownership compared to the complex SIEM we had before, and it’s easy to integrate,” Mowen said.

Define a clear, measurable and mapping strategy for achieving cloud security at scale

As the business continues to grow organically and through acquisitions, Level needs cloud security that can scale, collaborate and adapt to market trends. Real-time visibility and detection of erroneous changes in cloud pricing were essential. The scale also required integration across different cloud environments, including real-time visibility across the entire security landscape. “We manage a workforce that can grow or shrink quickly,” Mowen said.

Look for every opportunity to combine tools to improve the final look

In order for AI threat models to be able to detect attacks, endpoint detection and response (EDR), information security, cloud security and additional modules must all be under one console, Mowen said. “Integrating our cybersecurity tools into a unified system makes everything – from management to incident response – more efficient,” he said. CISOs and their information security teams need tools to provide a clear, accurate view of all assets through a single monitoring system, which can flag errors, vulnerabilities and unauthorized access.

“The way I think, your attack position is not your only thing – it’s time. How long do you have to respond?”, said Mowen, emphasizing that accuracy, precision and speed are important.

Redefining resilience: Identity-centric zero trust and AI security strategies for 2025

Here are some key takeaways from VentureBeat’s interview with Mowen:

• The notices are out, and if your company doesn’t see it, it will in 2025: Identity is considered a weak point in many technologies, and attackers are constantly developing products to exploit it. AI threat detection can protect information through continuous verification and error detection. This is necessary to keep customers, partners and employees safe from the ever-increasing threats.

• Beat the AI ​​with the AI: Using AI-powered defenses against AI-based tactics, including fraud, deep and artificial fraud, works. Self-recognition and response will reduce the time needed to identify and defeat attacks.

• Always prioritize real-time feedback: Follow Mowen’s guidance and adopt the “1-10-60” SOC model. Speed ​​is of the essence as attackers set new standards based on how quickly they can access corporate networks and install ransomware, search for information management systems and reorganize transactions.

• Create a zero trust core for information security, strengthen access, continuously verify information and monitor any incidents if a breach has already occurred: Each organization must define its own strategy to achieve zero trust. The fundamentals are self-evident, especially in highly targeted industries including financial services and manufacturing. A confidence interval of zero assumes that a violation has already occurred, making the assessment necessary in any method to be reliable.

• If possible, streamline the SOC workflow to reduce fatigue and free up second- and third-level analysts.: What you can take away from Rate is how AI threat analysis works together with system optimization in the SOC. Consider how AI can be used to combine AI and human technology to continuously monitor and contain emerging threats. Always consider how human-centered design improves AI accuracy while also providing SOC professionals with on-the-job learning opportunities.