Greg Henderson, senior director, Fraud, Security and Intelligence, SAS, visited Australia recently to spend time with customers and prospective customers, and took time from his schedule to speak with iTWire.
Online fraud, security exploits, hacking – “it’s not a set of disjoint problems. One thing we see across financial crimes and the security spectrum is a lot of interconnection between bad actors. They may appear isolated on the surface, but they are connected”, Henderson said.
Companies are worried about exfiltration of their data by internal staff to competitors, and by malice from hackers. However, Henderson explains it's his experience that hacking activity is most often about stealing information for sale, and primarily identity information to commit fraud. This is frequently committed by criminal groups with substantial ties to terrorist groups.
“We’re trying to look at all the interconnections between this and look at all the threat points and solve a bigger problem in the context of identity fraud while not losing sight of the forest through the individual trees we're looking at on a daily basis.
“If stopping cybercrime reduces terrorism or cuts off funding then we have done good in the world by doing that.”
In a practical sense, the fraud and security division at SAS brings to market solutions tailor-made for businesses in the fraud and security space — for example, anti-money laundering regulation in banks, compliance, credit card and payment fraud, health insurance, telco fraud, fraud by customers or retail fraud, fraud at retail locations by the retailer themselves as opposed to the end customer, as well as fraud in the government space — tax fraud, benefits fraud, security type applications whether national or border security, investigations, and local police management.
It’s a vast space and range of industries but fundamentally distils to applying big data and analytics technology to solve discrete problems seeking to identify bad actors or activities, surfacing them up for remediation.
Without analytics, already time-constrained human workers need to trawl through data looking at all the good records to find those which seem bad. Collecting more and more data gives more valuable information but simultaneously makes the job more difficult for a human. Applying analytics means tools can instead handle all the processing and inspection, freeing people to much more valuably devote their time to identified risks.
These problems aren’t purely financial. SAS also applies its solutions to child safety, covering children at risk and being monitored by social services for events that increase that child’s risk so caseworkers are alerted, and to border security looking for illegal activity including the illicit transportation of goods or people.
An example Henderson gives is a state within the US which experienced an increase in tragic outcomes relative to child safety, meaning death or severe abuse or neglect.
As with most government agencies, it was understaffed and underresourced, Henderson said. So, it turned to SAS to apply analytics to help get the best results with the resources it had.
SAS built a model on historical data like case files and interventions; it ran analytics over two years’ worth of data and applied against the third year. The model correctly identified 84% of the tragic outcomes in the highest 10% of children it determined were at risk.
“The practical standpoint is if you have limited resources you can focus better attention on these and submit remediations and interventions which can prevent tragic outcomes,” Henderson said.
The state can now exercise greater planning in targeting that 10% of children predicted to be at greatest risk, while still continuing its ongoing care of the other 90% of children.