Fraud Management & Cybercrime , Incident & Breach Response , Managed Detection & Response (MDR)
Machine Learning: Sizing Up Its Role in InfoSecExpert Describes How Systems Could Help Detect Fraud, Prevent Breaches
By identifying abnormal data access behaviors, machine learning systems could improve breach prevention and fraud detection in the healthcare arena and other sectors, contends artificial intelligence expert Robert Leithiser.
"Machine learning systems, which are derived from algorithms used in artificial intelligence ... apply the algorithms to data sets to try to predict what's going to happen in the future to that data," he explains in an interview with Information Security Media Group.
"Data security really involves the idea of behaviors," he says. Many data breaches involve intruders using the username and passwords of authorized users to access systems. "And once they are in, they become like an individual who is trusted on the inside, and then they are able to leak data out," he says. By monitoring systems in real time, machine learning systems can help detect inappropriate access and activities, and prevent data theft, he contends.
In the healthcare sector, the use of machine learning systems so far is relatively limited, Leithiser acknowledges. For example, some organizations are using the systems to detect unusual billing behavior by doctors who file fraudulent medical claims for the same patient treated in two different and distant cities or states on the same day.
Today, machine learning systems are applied in security situations "where there is already a lot of known data - things like malware, things like spam," he says. But many of the biggest threats "are more subtle, like an employee who decides to use [a company's] information against the organization. Threats from the inside are more difficult for machine learning systems [to detect], but I believe it can be done."
In the interview (see audio link below photo), Leithiser also discusses:
- How machine learning systems "learn" and how they differ from data analytics, especially in the context of data security;
- Why the theft of intellectual property will be the next big target of cybercriminals ;
- How machine learning system technology can be applied in other sectors besides healthcare to help improve data security.
Leithiser, who is founder and chief software architect at start-up artificial intelligence software firm Authentic Intelligence, has nearly 35 years of experience with IT systems, with a focus on application development and databases. Previously, he worked nearly 13 years at Microsoft as a principal consultant for the public sector. Currently, he is focused on applications of artificial intelligence, including machine learning with predictive analytics for contextual data security, which encompasses collecting and analyzing data access patterns across the entire data lifecycle.