RBTALKS5: How Pfizer uses AI to detect insider risk
Dec 20, 2024
auto_awesome
Brian A. Coleman, Senior Director for Insider Risk at Pfizer, dives into the transformative role of AI in enhancing insider risk detection. He discusses how AI can identify unauthorized handling of sensitive documents and the subtle movements of data that pose risks. Coleman highlights the development of a tailored AI tool that minimizes false positives and improves incident response. He also addresses the blend of automation with human oversight needed for effective risk management, showcasing innovative strategies to protect valuable corporate information.
Pfizer's AI-driven system enhances insider threat detection by categorizing documents, empowering analysts to focus on relevant data efficiently.
The integration of language models with traditional DLP methods allows Pfizer to proactively identify risks and improve incident response times.
Deep dives
Utilizing AI for Document Categorization
Pfizer has developed an AI-driven system to enhance the speed and efficiency of document analysis related to insider threat cases. This system employs language models to categorize various types of documents, such as HR documents and pay stubs, helping analysts focus on relevant data without needing extensive expertise in scientific processes. By summarizing documents, the AI solution enables analysts to present business owners with a clearer picture of incidents, avoiding the need to sift through thousands of documents. This detailed categorization assists in more intelligent decision-making and significantly reduces the risk of overlooking critical information.
Improving Insider Threat Detection
The AI system is specifically leveraged for identifying insider threats, focusing on cases where individuals may inadvertently handle sensitive information incorrectly. By combining traditional data loss prevention (DLP) methods with advanced language models, Pfizer can more accurately differentiate between important documents and false positives in investigations. This distinction is crucial, as terms appearing in both resumes and critical documents can be misinterpreted, leading to inefficient responses. The early implementation results indicate that this integrated approach is streamlining the detection process and allowing investigators to concentrate on significant matters more effectively.
Proactive Data Protection and Incident Management
Pfizer is working towards proactively defending against data leaks by utilizing their AI capabilities to improve alert responses and decision-making timeframes. The aim is to transition from a reactive to a proactive stance, identifying potential risks before sensitive data can exit the company's systems. Metrics are being tracked, such as the time taken to triage incidents and the rate of accurate categorization of alerts, which offer insight into the effectiveness of this AI approach. As this system evolves, it promises to enhance the overall security framework by integrating lessons learned to fortify data protection mechanisms and ensure a more informed response to incidents.
Brian A. Coleman, Senior Director for Insider Risk, Information Security, and Digital Forensics at Pfizer, talks to us about how his security team is experimenting with AI to improve their insider risk detection systems. The system Brian and his team put together can detect sensitive information or documents handled by unauthorized accounts, but can also spot documents moving around and ending up where they shouldn’t be - either by accident, malice, or as a result of a security breach.
Show notes
Get the Snipd podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered podcast player
Listen to all your favourite podcasts with AI-powered features
Discover highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share & Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered podcast player
Listen to all your favourite podcasts with AI-powered features
Discover highlights
Listen to the best highlights from the podcasts you love and dive into the full episode