Addressing Internal Threats with Analytics

Today in Security: Addressing Internal Threats with Analytics

​​Employees stealing from their own companies costs businesses around the world billions of dollars every year, according to recent studies.

The methods used by these thieving employees vary. Some skim cash from the reserves or walk away with inventory. Some alter numbers on payroll checks. Some pull off various embezzlement schemes, such as reporting false expenses. And some leak or misuse data for malicious intent. 

Now, firms are finding new ways of detecting these threats. One new method is the use of user behaviour analytics (UBA).

Recently, published an interview with Jazz Networks' CEO Hani Mustafa, about how businesses have begun to UBA, in conjunction with machine learning, to help prevent negligence, fraud, data misuse, and sabotage.

In essence, these businesses are using UBA and machine learning techniques to analyze human patterns. Most employees tend to follow predictable patterns, such as physical locations visited, websites frequented, and amounts of data sent. Machine learning can assess changes in those patterns faster than humans can.

Through use of UBA, companies can generate behavioral patterns of employees, and machine learning helps navigate that data by filtering abnormal activity that requires attention. The automation allowed by these tools reduces the workload and false positives for security teams, so they can identify threats faster without exhausting team resources.

UBA can link data back to an individual and create a picture about what's happening in an organization. Establishing that connection between a user and his or her action helps to quickly determine where the potential threat originated.

Having enough visibility into their employees and having fast access to relevant data as it's needed to investigate potential threats. This combination of technology solves both problems, while reducing the manual work required of their teams.

Moreover, these technologies can also be used when the bad actor is outside the organization and targeting an innocent employee within. Data exfiltration often occurs because an innocent person is targeted via a phishing attack. In these instances, the employee may have unintentionally opened the company up to risk. Machine learning and UBA can help with forensics when something goes wrong, and pinpoint behavioral issues that can be corrected in the future.

Of course, the concepts that these technologies embody are not new. Machine learning has been used often in the past to help eliminate extraneous noise and narrow in on key details. Now, larger data sets are becoming the norm, and analytical tools like UBA may help provide the level of advanced analysis needed to create actionable data.

More information on internal fraud trends can be found in the August 2018 issue of Security Management.​ The use of UBA will be further covered in the magazine's News and Trends section in an upcoming issue.