Mark Gazit is the CEO of ThetaRay, a cybersecurity and big data analytics company that provides a platform for detection of unknown threat and risks to protect critical infrastructure and financial services.
Mark Gazit has over two decades of experience in the high tech industry, with a track record of maximizing revenue, net earnings, and shareholder value for startup, turnaround, and rapid growth global organizations in emerging markets and economies.
Before joining ThetaRay as CEO, Mark served as a Managing Director of Nice Cyber & Intelligence Solutions, an autonomous division of Nice Systems Ltd. Between 2002 and 2010, he served as Group President & CEO of SkyVision, a global telecommunications company that he took from the start-up stage to an international company serving over 50 countries worldwide.
Could you share the genesis story behind ThetaRay?
Two mathematics professors — Ronald Coifman from Yale, and Amir Averbuch from Tel Aviv University who spent ten years with IBM's T.J. Watson Research Center, Yorktown Heights, NY — decided 15 years ago to research an advanced level of artificial intelligence. They were the pioneers of developing algorithms that go beyond machine learning to actually mimic the way that human intuition, common sense and gut feeling work. Their idea was to assist doctors, investigators and executives in the decision-making process. And it worked! So, they established ThetaRay, and I joined as CEO. We quickly proved that the tech is good at both protecting critical infrastructure against cybersecurity attacks and helping airline companies, but then we found that the biggest need and strongest pain was felt by financial institutions, because the move to digital had created an exponential increase in high risk transactions and threats. So we took those algorithms, converted them into well-defined and well-packaged products, and began helping large financial institutions solve these problems.
How has the world of financial crime changed over the past decade?
It has changed dramatically and permanently. It actually went through a tectonic change even before Covid-19, because of the growth in digital financial services. Suddenly, people didn't have to physically visit a bank to conduct transactions or open an account anymore. This was very convenient for consumers but became a nightmare for banks and created opportunities for the bad guys, because they no longer had to take a shotgun or Uzi into a bank branch to steal money. Instead, they could put a server in some other country, use it to hack the bank and access hundreds of millions of bank accounts, steal a relatively small amount from each, move that money around the world, and then shut down the server and disappear forever. And it's not just hackers doing it; governments have jumped on it too. North Korea stole $81 million from the Bank of Bangladesh by hacking into the SWIFT network. Iran uses cybersecurity hacks to steal money as well. And just recently, it was reported that Hezbollah used French banks to finance terrorist activities in Lebanon. When Covid-19 came along, it simply made a bad situation even worse. People couldn't come to the bank branch anymore, so even opening an account became a digital exercise. In the past, banks could force people to come and physically present themselves. Now it's all possible without even visiting a branch.
Why do existing systems no longer work to fight financial crime?
They were developed to protect banking systems based on long-running wisdom that had existed for hundreds of years. However, the banking world underwent a very fast and sharp transformation over the past decade, so existing systems were unprepared. No matter whether they're based on rules, models or simple machine learning, they still require some sort of prior experience to anticipate what bad guys will do and create the proper solutions. This approach no longer works because most of today's attacks didn't exist even a year ago, so a solution that relies on prior experience is not enough. Also, the response time is pretty slow. It takes a bank an average of four months to create a new model, but only takes bad guys four seconds to create an attack vector. In fact, in many cases, they are A/B testing, trying two or three attack vectors simultaneously to see which one is most successful. This new world of financial crime requires a new world of technology solutions.
ThetaRay has designed a system that works more like human intuition, can you explain how this intuitive AI works?
ThetaRay mimics the way that experienced investigators work. When you take somebody experienced in their field, they have an ability to discern when something doesn't smell right. Think of the gut feelings we have in our everyday lives: When you drive a new car, you may not understand anything about mechanical engineering, but when you hear a weird noise, you know there's something wrong with the car. When a child goes to school, he knows after one day who the good and bad guys are. That's how ThetaRay's system works. It looks at the interdependencies of many different features over time and, very much like experienced investigators, comes to the right conclusions. The difference is that our systems can digest 50 years of experience in a few hours. And when we install our systems, not only do they detect issues that are difficult for other solutions to detect, but they ensure that the alerts are relevant by reducing false alarms by 99%.
What are the different types of machine learning systems that are used?
ThetaRay has developed and uses, among others, an ensemble of proprietary computational tools from machine learning and AI that are based on neural networks, harmonic analysis, stochastic processing, matrix decomposition and geometry of information to efficiently uncover illegal financial activities, with high detection rate and very low false alarms, through unsupervised and semi-supervised methodologies. These methodologies come from different mathematics and ways of thinking. They enable us to have a fast forensic and to trace the root cause of the features that cause an anomalous behavior, so our AI is fully transparent and not a ‘black box.’
How do banks use the ThetaRay platform?
The platform serves many banks and financial institutions, including fintechs and PSPs. It is installed on-prem or in the cloud; we support all major cloud services, including Amazon, Oracle, Microsoft or Google. It monitors all the transactions (without storing the information, of course); when everything's okay, the system is quiet, but if it sees suspicious activity, it notifies the relevant people. It can report anomalous transactions, suspicious entities and systemic financial crime, which is much more difficult to discover. Systemic financial crime is that which involves not just one transaction of somebody stealing 10,000 dollars, but thousands of $5-to-$50 transactions involving different accounts and locations that seem unrelated but are all managed by one single computer or network. So the banks not only increase their level of reliability, but actually identify potentially disastrous financial crimes while reducing their false alarm rates significantly. This increases customer satisfaction and decreases the time to investigation by 50%. Our correspondent banking and cross-border payments solutions are game-changers, enabling banks to boost their profitability and, even more importantly, increase financial inclusion by working with more customers in more countries.
Recently ThetaRay technology detected a child trafficking scheme, could you share some details on this?
One of the largest banks in the world found that a subsidiary in Europe was used to launder money intended to finance child trafficking. It was a very sophisticated scheme involving many cross-border banking transfers related to ‘medical tourism' without clear business activity. It is the kind of crime that is almost impossible to discover unless you know what you're looking for. Our system discovered it in days. The bank immediately filed an SAR, and a law enforcement investigation revealed that it was tied to child trafficking.
Can you give us another example of a success story with the ThetaRay platform?
One of the largest banks in the world installed our systems and became able to manage risk much more successfully. They were previously unable to serve customers with cross-border payments to high-risk countries in Asia and Africa, but when they installed our system, they could start serving those countries. This increased their profitability and customer satisfaction significantly and, in a way, helped improve the world by enabling financial inclusion so residents of those countries could receive money. Previously, people trying to send money into those regions would have to pay huge commissions or, in some cases, were prohibited from doing it at all.
Is there anything else that you would share about ThetaRay?
We use a very unique and sophisticated type of AI. Prof. Coifman has received awards from DARPA and the National Science Foundation; he and Prof. Averbuch are brilliant mathematicians. But this makes some people wonder, “Is it too sophisticated? Is it dangerous? Are we playing with fire?” Every new innovation creates fears. When print was created, people worried that it meant the end of human memory. When cars were invented, people feared that it signaled the end of the family unit, because people could move to other places. But the pros are much stronger than the cons. In this world of financial crime, we have no choice but to create powerful and sophisticated AI that will help us, because the bad guys have been using AI for a while and they follow no rules or regulations. We need to continue developing digital guardians that we can train, educate and nurture to help us protect our systems against the rogue AI. We are very proud to help financial institutions conduct more transactions in a way that is more profitable, while simultaneously developing a much safer world of payments and creating trust where no trust existed before.
Thank you for the great interview, readers who wish to learn more should visit ThetaRay.