The typical cybersecurity application involves safeguards and mechanisms to protect against outside compromise. However, insider threat can be extremely destructive – when an employee is compromised and is acting from within or an employee is acting in a non-malicious yet risky manner that leaves the organization vulnerable to attack. Insider threat can be difficult to detect as a compromised employee is acting permissibly and is therefore not explicitly breaking rules yet is creating a pattern of suspicious behavior.
Pandata partnered with FirstEnergy (a Fortune 500 utility company) to develop an AI solution around insider threat detection to create a Holistic Risk Profile for all employees based on physical and digital behavior. This approach builds on user behavior analytics – profiling behavior to determine first what constitutes normal, then determine what is abnormal, and finally, what is malicious.
Through a partnership with the internal cybersecurity analysts, we incorporated human expertise alongside machine learning to develop a model that both detects abnormality and attributes risk to patterns of behavior. While the work is still ongoing, this AI solution reduces the number of events a cybersecurity analyst needs to investigate from tens of thousands to tens allowing them to focus on the infrequent yet noteworthy events that would have otherwise been missed.
Hard-coded rules can only go so far – threats are constantly evolving and can catch analysts off-guard, especially with the sheer volume of information that needs to be processed. This use-case was especially challenging due to the lack of labeled data. Incorporating human intuition through human-in-the-loop AI resulted in a solution that was better than either individually.
Before designing an AI solution, it’s critical to understand some of the top challenges regulated industry leaders face when considering AI.
In this resource, globally recognized AI Strategist and Pandata CEO, Cal Al-Dhubaib, shares some of the challenges he’s repeatedly seen throughout his years of working with leaders in regulated industries—and how to overcome them.
Fill out the form to access these insights.