Protecting businesses from insider threats with machine learning
Employing user behaviour analytics to detect internal threats
Machine learning and AI are the latest tools being utilised by businesses to help prevent cybercrime and stop cyberattacks. However, what if these same tools could be used to help stop insider threats such as employees leaking or misusing company data?
TechRadar Pro spoke with Jazz Networks' CEO Hani Mustafa who explained how businesses have begun to employ user behaviour analytics (UBA) to help prevent negligence, fraud, data misuse and even sabotage.
Are employees that leak and misuse data to harm sellers a big problem for Amazon and other e-commerce platforms?
Yes, however employees that maliciously or unintentionally misuse data are a problem for everyone. E-commerce platforms can have a more seemingly immediate impact (if customer and payment data is exfiltrated), but the damages to any company can be detrimental.
How will the company use machine learning to prevent this kind of behaviour in the future?
Humans tend to follow predictable patterns – like physical locations, websites frequented, amount of data sent, applications used – and machine learning can see changes in those patterns faster than humans can. Adding layers of automation to the investigation process reduces the workload and false positives for security teams, allowing them to identify real threats faster without exhausting team resources.
Can you tell us a bit more about user behavior analytics (UBA) and how it can be used to produce internal threat intelligence?
UBA ties data back to an individual and creates a clear picture about what’s happening in an organization, and most importantly, why. Establishing that connection between a user and their action helps to quickly determine where (or with whom) a potential threat originated.
Are companies using UBA in conjunction with machine learning and has this approach been successful so far?
Absolutely. UBA allows you to generate behavioral details of employees, and machine learning helps navigate that data by filtering abnormal activity that requires attention. We’ve found that customers are looking to solve two main challenges: having enough visibility into their employees and having fast access to relevant data as it’s needed to investigate potential threats. This combination of technology solves both problems, while reducing the manual work required of their teams.
In addition to detecting malicious employee behaviour, can this technology be used to prevent the types of employee negligence that often leads to data breaches?
Many companies think that because they have rigorous background checks and seemingly ethical employees, ‘insider threats’ do not apply to them. Data exfiltration often occurs because an innocent person is targeted (through things like phishing attacks) at times when they’ve unintentionally opened the company up to risk. Machine learning and UBA can help with fast forensics when something goes wrong, and pinpoint behavioral issues that can be corrected in the future.
How do you think employees will respond to their employers using UBA and machine learning to keep a closer eye on their work?
While it may feel uncomfortable, many employee contracts already include verbiage about company-issued technology and intellectual property. Network monitoring isn’t new - and employees have likely been monitored on the network if they’ve worked inside of an office. UBA and machine learning simply ties this data back to an individual in efforts to reduce the ways a single employee can bring risk to a company.
Do you believe more companies will adopt machine learning next year?
Yes, however this concept itself isn’t new. Ranging from self-driving cars to cybersecurity monitoring, machine learning helps eliminate noise and narrow in on the necessary details. With larger data sets becoming the norm, other algorithms cannot provide the level of advanced analytics needed to create actionable data. The ability to scale security solutions relies on technologies like this to alleviate work required by human teams, so they can focus on high-impact events.
Hani Mustafa, CEO of Jazz Networks
- We've also highlighted the best AI platforms for business
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Hani has 17+ years’ experience in security related roles, including systems, networks, and software security. Since becoming one of the youngest Cisco Certified Internetwork Experts in security worldwide in 2004, Hani has built multiple commercially successful security products for long-established companies and startups. He is creative person with a positive attitude.