Managing Insider Risk: Breathalyzers and Behavioral Analytics

By John Boatman, April 12, 2017

Embedded in Jamie Dimon’s recent revelation that one of his foreign-exchange traders used a mobile device to make a $100-million trade was an important message about individual trustworthiness as a risk factor.

During an interview with Yahoo! Finance, the JPMorgan Chase chief joked that, as a consequence of such behavior, future smartphones may need built-in breathalyzers, “so you don’t feel macho after dinner and a drink or two and say ‘I’m going [to] long the yen!’”

It was a clever quip, but one that also reveals Dimon’s deeper understanding of the crucial role human behavior plays in enterprise risk. The problem he highlights is that even the most secure devices, fully encrypted communications and stringent trade-validation protocols won’t amount to much if the bank doesn’t also truly ‘know its trader’ — or for that matter every other individual entrusted to perform its most sensitive jobs.

We’ve written frequently about understanding human behavior as the central element of risk management, because we believe that:

  1. There’s a direct relationship between organizational risk and personal trustworthiness;
  2. Trustworthiness, when properly modeled and analyzed, represents a more holistic and predictive indicator of risk, in contrast to narrower and more passive approaches like monitoring a person’s network activity; and
  3. The earliest indications and warnings of enterprise-wide risk often occur when a single person’s behavioral patterns or actions change over time.

This last point is particularly important, though not widely discussed. Conventional wisdom in the private sector, and to a somewhat lesser degree in government, is that once a job applicant has been vetted and hired, little additional evaluation is needed beyond the often perfunctory annual performance review.

We believe instead that an automated approach that continuously measures personnel trustworthiness — through the use of modeling, artificial intelligence techniques, behavioral assessment tools and current data from internal (and even public) records — should gain broader acceptance.

It’s the reason Haystax Technology first builds a model of ‘whole-person’ behavior, before even a single piece of data is collected. And it’s why our Constellation Analytics Platform™ approaches user behavior analytics (UBA) holistically, like an ever-expandable team of expert analysts who are continuously on the lookout for signs of malicious, negligent and inadvertent behaviors by trusted insiders.

No organization — whether in finance, healthcare, law or any other profession — is immune from the growing threat from adverse insider events. As the volume, velocity and variety of threat data increase, and as organizations embrace technologies that empower their employees to make critical decisions at the edges of (or even outside) established controls, they take on significant additional risks that can’t be managed in conventional ways.

Smartphone breathalyzers may help, but what’s really needed is more predictive and holistic user behavior analytics.