Connect with us

Hi, what are you looking for?


Cloud Security

With $600 Million Cybersecurity Budget, JPMorgan Chief Endorses AI and Cloud

JPMorgan Chase spends Roughly $600 Million Annually on its Security Efforts, and Employs Around 3,000 People Involved With Cybersecurity

JPMorgan Chase spends Roughly $600 Million Annually on its Security Efforts, and Employs Around 3,000 People Involved With Cybersecurity

In his annual letter to shareholders, Jamie Dimon, chairman and CEO of JPMorgan Chase discusses the position and role of the bank in America and the American economy. Against a background of strong performance ($32.5 billion in net income on revenue of $111.5 billion in the last year), he talks about the bank’s principles and strategies, comments on current critical issues, and describes the bank’s public policy.

Within this letter (PDF), he makes several statements on cyber and cybersecurity. He endorses cloud, confirms the growing use and value of artificial intelligence (AI), prefers a federal privacy law, and describes the importance of cybersecurity.

“On the importance of the cloud and artificial intelligence, we are all in,” he says. To some degree, the two are linked. The exponential scalability of the cloud “will be especially relevant as we scale up our artificial intelligence efforts.” 

Three advantages offered by the cloud are stressed: scalability, development and security. For development it provides a ‘frictionless’ experience that improves prototyping and increases “the speed of delivering new capabilities to our customers and clients.” On security, he suggests that the cloud can now meet the demands of large enterprises around “security, audit procedures, access to systems, cyber security and business resiliency.”

JPMorgan Cybersecurity SpendingAs a result, JPMorgan Chase will be ‘refactoring’ most of its applications to take full advantage of cloud computing.

Artificial intelligence (AI) and machine learning (ML) “are helping us reduce risk and fraud, upgrade customer service, improve underwriting and enhance marketing across the firm. And this is just the beginning.” The bank has two important AI projects: Algo Central (not mentioned in this letter) and DeepX. 

Algo Central is a trading platform. Its algorithms are designed to allow clients to use predictive analytics to tailor orders, and change the speed and execution style while the trade is live.

“DeepX,” explains Dimon, “leverages machine learning to assist our equities algorithms globally to execute transactions across 1,300 stocks a day, and this total is rising as we roll out DeepX to new countries.”

Advertisement. Scroll to continue reading.

Dimon is equally enthusiastic on the role of ML in fraud prevention and detection. It provides, he says, a better customer experience while improving performance. “We are now able to approve 1 million additional good customers (who would have been declined for potential fraud) and also decline approximately 1 million additional fraudsters (who would have been approved).”

He also expects ML to reduce check fraud and improve Anti-Money Laundering/Bank Secrecy Act protocols and processes. But this is just the beginning. The combination of cloud scalability in storage and computing power, the ability to analyze vast data sets and rapidly change applications means, “we have only begun to take advantage of the opportunities for the company and for our customers.”

Cybersecurity, he says, “may very well be the biggest threat to the U.S. financial system;” but he sees hope in the increasing mobilization of both industry and the federal government to combat the threat. The bank spends around $600 million every year on its security efforts, and employs around 3,000 people involved with cybersecurity.

He makes two points on privacy — always an important subject for banks. He comments on the European approach to privacy, which he says includes the right principles, but is difficult to implement. He believes that the U.S. should have its own privacy laws, but they should be at the national rather than federal level. “Different state laws around privacy rules would create a virtually impossible legal, compliance and regulatory-monitoring situation.”

He finishes his comments on cyber with a veiled swipe against social media giants like Facebook and Twitter. “The most crucial privacy issue of all relates to protecting our democracy.” He points out that the First Amendment does not extend to foreign governments, entities or individuals, yet “foreign governments and others are aggressively using social media and other platforms to confuse and distort information.”

He believes that this should not be allowed, and that there are ways to address the issue. “We will be talking more about this issue in the future,” he says.

Related: Facebook Chief Says Internet Firms in ‘Arms Race’ for Democracy 

Related: State vs. Federal Privacy Laws: The Battle for Consumer Data Protection 

Related: Suspect Arrested in JPMorgan, Dow Jones Data Theft Case 

Related: Financial Regulator’s Algorithm Compliance Concerns Are Relevant to All

Related: 3 Public Cloud Security Myths Debunked

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.