Thomas Mazzaferro, chief AI data and analytics officer at Truist Bank, said the bank partners with providers that use AI for threat detection and to scan the environment to take down attacks. Mazzaferro said his bank uses AI not only for detection but also to scan the entire ecosystem, both on-premise and in the cloud, to map where critical data resides and understand exposure. Truist uses machine learning models for scanning in cases where it has “defined inputs, defined logic, and defined outputs,” he said. For detecting undefined threats and attack vectors, where patterns may differ from normal, the bank uses solutions based on generative AI, which is more tolerant to unstructured data. Models that Truist trains internally on the bank’s own data are less valuable than models trained by vendors on data from multiple banks, Mazzaferro said. He indicated a preference for partnering with vendors and focusing on integrating these solutions and automating the response to alerts and triggers because combining data provides more threat patterns for the models to recognize. He said the focus should be on minimizing bias and ensuring models perform as expected. This happens when a bank establishes guardrails and monitors model outputs in near real time to ensure they remain within defined thresholds. Truist maintains a “champion-challenger” mindset, training a discovery model in parallel with production models so that if a deployed model performs inappropriately, there is an alternative to assess. Mazzaferro noted that while the technology exists, the bigger challenge is overcoming the “human behavioral piece” and resistance to changing how teams think about their work.