NEW YORK, NY – June 19, 2015
Stroz Friedberg, a global cybersecurity, investigations, and risk management company, announced the availability of SCOUT™, a patented enterprise level software tool designed to help companies proactively identify threats. SCOUT™ autonomously detects risk indicators in employee communications, enabling companies to detect, assess, and respond to threats before they cause harm to the organization, its assets, or its people.
The FBI and Department of Homeland Security have indicated that insider threats are an increasing concern, and about a third of U.S. organizations have reported suffering an insider incident, according to a SANS Institute Survey released last month. Until now, insider threat tools have typically focused on technical indicators that identify potentially improper use of technology or data. With SCOUT™, companies can proactively identify an employee’s intent to cause harm by looking for telltale linguistic patterns in digital communications. The SCOUT™ approach provides an added layer of forward-looking intelligence that can detect an individual’s psychological propensity to carry out an attack or violate company policy.
“Business leaders have a duty to protect their companies’ assets and people, no matter where a threat originates,” said Scott Weber, Managing Director and leader of Stroz Friedberg’s SCOUT™ unit. “Attackers from afar continue to receive the lion’s share of attention from cybersecurity professionals, but threats from insiders are just as serious, if not more so, because they are already over the wall. Insider threat detection tools that focus on technical indicators should be combined with behavioral indicators such as SCOUT™ to better defend companies from potential bad actors inside their organizations.” Weber discusses insider threat management in more detail in the latest episode of Stroz Friedberg’s podcast series, “The Business of Truth.”
Protected by 10 U.S. patents, SCOUT™ uses psycholinguistic algorithms and an ontology to analyze digital communications in bulk and identify and measure risk indicators. Word choice and frequency of word-use are assessed across a body of communications to statistically track dozens of risk indicators at once. Over time, SCOUT™ learns subjects’ personalities and decision-making characteristics, psychological states, and impact on group dynamics. Organizations can then detect shifts in behavior, pinpointing the dangerous, but tiny minority of disgruntled employees and other individuals or groups considered to be at-risk for malicious behavior. Because less than .0001 percent of the communications analyzed by SCOUT™ trigger a requirement for human review, companies can effectively balance employee privacy with security imperatives.
“The human response to insider threats is as important as the technology that surfaces it, so organizations need to adopt a multidisciplinary approach to managing this risk,” said Michael Patsalos-Fox, Chief Executive Officer, Stroz Friedberg. “SCOUT™ relies on proprietary technology and professional consultation to ensure companies are able to detect threats without lengthy manual review, allowing them to act expeditiously on real concerns and respect individual privacy.”