The threat from within: using real-time monitoring to manage insider risk
The people who have the ability to hurt us most are the ones closest to us: family, friends, romantic partners, and the like. The same can be said for businesses: insiders are often the biggest security threat for any organization. In this super-connected age, insider risk can come from anywhere: employees, associates, business partners or third-party service providers.
According to Public Safety Canada, “An insider risk can be defined as anyone with knowledge or access to an organization’s infrastructure (both physical and computer networks) who maliciously, or by chance, misuses their trusted access to harm the organization’s employees, customers, assets, reputation or interests.”
Know your employees
Organizations that have a fiduciary responsibility to customers and that have access to large volumes of sensitive information are especially vulnerable. Employees with access to that information are expected to undergo more rigorous checks and monitoring than others.
Screening for new employees is fairly standard, but what about those more experienced, long-serving, trusted employees who move into positions that give them access to sensitive data? Is that trust implicit and extended as a matter of course? It is, in many organizations. According to Don Aviv, president of Interfor International, “This ‘one-and-done’ approach is a mistake. In our line of business, we’ve seen so many instances of insiders committing financial crimes for years, because they were beloved and trusted and no one suspected them.”
Know your partners
The potential risks posed by third-party relationships, including vendors, contractors, consultants, and service providers cannot be underestimated either. What’s more, businesses are increasingly being held accountable for the actions of their third-party relationships.
Valital’s responsible AI-powered platform was created as a way to help organizations better detect the potential risks posed by individual stakeholders. Through ongoing monitoring and analysis of adverse online news, Valital is able to use open-source intelligence to flag misconducts in real time, helping organizations make better, more confident decisions about the people with whom they choose to do business.
Be vigilant and resilient
Valital uses Natural Language Processing (NLP), a form of AI that enables computers to extract language from unstructured text. The AI learns human language and uses content and context to perform real-time search and pulse analyses of online media, blogs, and tweets, flagging misconducts related to universally recognized misbehaviours: discrimination, financial crime/fraud, harassment, violence, and abuse.
Human beings simply aren’t able to do the level of research needed to find this kind of information, especially since online search algorithms change often and the list of information sources grows by the day.
Organizations have to be vigilant and resilient, taking nothing for granted, especially where insiders are concerned.