Skip to main content

Identifying the Insider Threat – How AI Enables Situational Awareness in Discrete Matters

By March 18, 2019 January 20th, 2022 No Comments

As discussed in part one of our 4-part blog series on AI and physical security, most people responsible for security in their organization have heard of artificial intelligence (AI) but many harbor fears and misconceptions. In a recent webinar on finding physical security blind spots with artificial intelligence, we conducted a quick poll asking the audience how they view AI The results were better than expected with 70% answering “Brilliant!” However, there were 20% of attendees who said “Terrifying” and another 10% who said it was “A myth.” The 30% who did not think AI in security is brilliant may have some of the most common fears and misconceptions, including:

  1. AI technology is future-speak and not ready yet;
  2. AI is too expensive and beyond the scope of current budget; and,
  3. AI forces them to give control over to sentient machines that can run amuck or take over as in the Terminator movies.

Let us set the record straight. These are all fallacies as is the notion that AI for physical security is something that would be nice to have, a luxury of sorts, but is simply not necessary now. Trust me, you need it and here’s why – one of the most common challenges or pain points confronting an organization’s security in any industry is the insider threat. Having a clear view on a brewing situation can actually save you from a massive breach and losing millions of dollars.

The Power of Suggestion

AI as it applies to security, recognizes patterns; it suggests or recommends things, it isn’t cognitive. In other words, it identifies things that are out of the ordinary or different, normal or aberrant, alerting you to a potential or emerging threat. So, it senses via your security systems, sensors, cameras, and other detection equipment that something peculiar is happening; i.e., an employee that suddenly begins to work later than normal, or loiter in areas that they normally do not access. This is important to detecting unusual activity indicating a possible insider threat should be investigated.

Security guards, on the other hand are subject to distractions, fatigue, hunger and other human frailties – including bias, judgement and persuasion. AI-based security systems work 24×7 looking at everything, in minute detail – they don’t miss anything. And, because they are agnostic, they examine everything objectively and logically. Rather than replacing human security guards, they assist them by providing actionable insights derived from high-speed, real-time analysis of observed and detected behavior. Because of their ability to rapidly review and assess activity and events, they accelerate situational awareness enabling your security team to take proactive action. AI-based systems are also risk adaptive and learn from previous behavior and patterns.

The Inside Scoop on Catching an Insider Threat

How does this relate to insider threats? Let’s look at an example in the financial sector, where obviously you’re dealing with large amounts of money, large transactions, huge amounts of sensitive data, and the trust of thousands, if not millions, of customers. A young financial advisor in a brokerage house on Wall Street has a lot of information on high-value clients. He feels that he isn’t being treated fairly or being promoted fast enough – a classic disgruntled employee. He’s thinking that he can poach the clients and take them to another firm. So, he starts to come in later and copies files on these clients. It’s even possible that the guard on duty is in on the scheme and is in collusion with the employee.

A traditional system only reports policy breaches. When a rule is broken, an alarm occurs. Insider threats come from employees who appear to follow the rules. They come in beyond their scheduled time, when there are less people around to see what they are doing. While the employee’s supervisor may see the actions as that of an employee working even harder and worthy of more trust – an AI-based security system doesn’t see it this way – without bias, it identifies the employee’s behavior an anomaly and sees an emerging pattern that is worthy of investigation.

AI can look at additional behaviors during an unusual situation and recognize high-risk activity that may not be an official policy breach. It notices that during the off-hours visits, the employee is spending time at a copier or locations they do not normally visit and gets “interested” – digging deeper. And while the photocopy machine records that copies have been made, video surveillance definitely captures who made the copies and at what time; this information is relayed to the AI-based security system. The system analyzes the new data and can then establish the activity as being within the parameters of normal or abnormal behavior and reports it for the security team to take action if appropriate.

AI for Physical Security: A Top Choice for your Bottom Line

The bottom line is the AI system will observe and report/alert so the supervisor has situational awareness and can avert a potentially costly insider threat or breach situation. Human beings cannot be expected to see and hear everything that is going on all the time; it just isn’t possible. But, an AI system will always be on guard, looking, listening, analyzing behavior, correlating patterns and doing so in real-time so you have a proactive, preventative means of thwarting insider threat actions that can disrupt your operations and impact your bottom line.

To see how AI shines a light on these types of threats and others you may not see,, view our on-demand webinar, Finding Your Physical Security Blind Spots with AI

Reconasense. Making Security Intelligent.

Contact us now for a comprehensive demo and see first-hand how we can help make your security smarter and your world safer.

Request a Demo