Recently, the FBI indicted a former Houston employee of JP Morgan Chase for allegedly stealing $400,000 from the bank accounts of fifteen senior citizens. The intruder got unauthorized access to customer accounts and later sold data, including PINs, Social Security numbers and birth dates, as well as debit and bank account security codes, to an informant. This is just one of several instances of grand larceny.
Today, when you ask large companies how resilient their security strategies are, the replies vary from ‘We’re sound’ to ‘My employees are seasoned professionals, they have been with me for years’, ‘We do background checks’ and ‘We are a family, and family never steals!’ But not long afterward, these companies learn that their data has been stolen and their security terminals have been compromised.
Humans as the weakest link
Before long, these companies go into a fast-paced investigation mode, which surprisingly reveals that the theft is not a recent incident but a five-year-long affair, masterminded by the ‘bad guy’ in the ‘family’. The intricacies of today’s thefts are constantly evolving, and it would not be wrong to say that even the biggest organizations are not perfect when it comes to security. The weakest link in the security chain has always been humans, and when this link breaks, the entire organization starts to corrode and fall apart.
Today, a typical organization loses five percent of its revenue to fraud, a potential global fraud loss of $3.7 trillion annually, according to the ACFE 2014 Report to the Nations study of global fraud. Call it fraud or breach, it is committed within the company by an insider, who could be a seasoned employee or a senior executive with an impressive title ‘preying’ on your confidential documents and accounts.
Although many blue-chip companies have adopted preventive measures to brace this ‘weakest link’ and combat employee theft, there are no controls adequate to eliminate the crime at its roots or guarantee that it won’t happen again. However, a person’s past conduct, integrity, and judgment can provide the best hint of their future behavior.
This is where behavioral analytics makes a difference and proves to be the silver bullet for tackling a myriad of breaches and thefts. Behavioral analytics is a subset of business analytics that focuses on how and why your employees behave as they do. It helps strengthen an enterprise’s threat detection and response capabilities.
It does this by first learning the normal patterns of behaviour of every person, application, file and machine in the organization. Then, it detects and measures strange changes in those behaviours. Based on the employee’s client activity or segment activity over time, an employee is flagged as potentially suspicious.
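The baseline-then-deviation approach described above, as an added example that is not part of the original article. It assumes the monitored signal is the number of distinct customer accounts each employee opens per day; the employee names, counts and thresholds are constructed for illustration, and the robust z-score (median and MAD) is one common choice of deviation measure, not a method the article specifies.

```python
from statistics import median

# Constructed sample data: distinct customer accounts opened per day by each
# employee over ten working days. The last value is the day being scored.
ACCESS_LOG = {
    "teller_a": [22, 25, 19, 24, 21, 23, 20, 26, 22, 24],
    "teller_b": [18, 21, 20, 17, 22, 19, 20, 18, 21, 95],
    "teller_c": [30, 28, 31, 27, 29, 32, 30, 28, 31, 29],
    "teller_d": [24, 22, 25, 23, 26, 24, 22, 25, 23, 23],
}

def robust_z(value, history):
    """Deviation of value from the median of history, in scaled MAD units."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    # 1.4826 scales MAD to match a standard deviation for normal data;
    # the floor of 1.0 keeps a perfectly flat history from dividing by zero.
    return (value - med) / max(1.4826 * mad, 1.0)

def score_day(log, self_threshold=3.5, peer_threshold=3.5):
    """Flag employees whose latest day is far above both their own baseline
    and what the rest of their segment (peer group) did on the same day."""
    today = {user: days[-1] for user, days in log.items()}
    flagged = {}
    for user, days in log.items():
        history, value = days[:-1], days[-1]
        own = robust_z(value, history)           # change vs. own normal pattern
        peers = [v for u, v in today.items() if u != user]
        peer = robust_z(value, peers)            # change vs. segment activity
        # Requiring both suppresses days when the whole segment is busy
        # (for example a month-end rush) and nobody is actually an outlier.
        if own > self_threshold and peer > peer_threshold:
            flagged[user] = (round(own, 1), round(peer, 1))
    return flagged

if __name__ == "__main__":
    for user, (own, peer) in score_day(ACCESS_LOG).items():
        print(f"{user}: own-baseline z={own}, peer z={peer}")
```

A flag from this kind of scoring is a lead for review, since a legitimate change of role or workload produces the same signal.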
Analytics: Curbing thefts and fraudulent activities
Although IT has been monitoring employee behaviour for a long time, this isn’t sufficient to capture and curb the bigger challenges of sophisticated theft and fraud. One has to go beyond the conventional methods of curbing intrusions and rely on analytics to understand the psychology of insiders and their online activity, thus reducing the chances of data theft, pilfering and IT sabotage.
Behavioural analytics today is capable of telling the difference between employees doing their ‘real’ job and intruders who are focussed only on stealing data. As behaviour analytics technology focuses on behaviour, not static indicators of threat, it can trace attacks that bypass threat intelligence and alert on malicious behaviour earlier in the attack, thereby giving security teams the time and environment they need to respond quickly.
The attacks it can detect include those that don’t use malware at all, such as phishing and compromised credentials. While running behaviour analytics on just one employee may not be useful in finding malicious activity, running it on a large scale would give an organization the ability to detect malware or other potential threats.
Aetna Inc., one of the largest insurers, uses a combination of improved retrospective reviews and a predictive analytics model to identify fraud in the payment process with greater precision. Additionally, Alibaba, the Chinese ecommerce company, has been using analytics effectively to tackle fraud. At Alibaba, any potential fraudster has to pass through extensive stages of verification, which is a tough proposition.
With businesses now looking to reduce friction and keep up with emerging fraud methods, it’s time that CIOs and CISOs start banking on behavioural analysis, since what a user does in their day-to-day activities may prove to be a better indicator than who they say they are.
In their arduous search to overcome the shortcomings of fraud detection, organizations have turned to behavioural analytics, which is cost-effective as it doesn’t require new hardware and works seamlessly on all smartphones, thus ending the pain of buying wearable technology for authentication.
This makes clear why behavioural analytics needs to be implemented widely. While there is no denying that fraudsters are smart and trained enough to come up with sophisticated ways to breach security walls, they can’t possibly impersonate every aspect of user behaviour, which allows behavioural analytics to evolve and outwit the fraudsters.