AI can help protect HR data from hackers

The sensitive nature of HR data has always made it a prime target for bad actors. The massive ransomware attack against industry vendor UKG is just one example of increased attempts by cybercriminals to breach social security numbers, bank account information, compensation data and more.

But data security experts say a trend has recently made HR data even more attractive to hackers: the big quit.

More and more employees continue to come and go in organizations, which has increased the risk of issues such as access to corporate networks not being properly disabled, credentials being left exposed, or employees taking confidential data without even realizing it.

“With the influx of people still leaving their jobs, there may be many vulnerabilities that are not being addressed by cybersecurity teams,” said Justin Fier, vice president of tactical risk and response for Darktrace, a cybersecurity software provider in Cambridge, UK. “HR has a rich data set, and whenever it exists, you have to expect bad actors to come after it.”

One of the ways organizations are protecting themselves against these growing threats is by using a new generation of artificial intelligence and machine learning tools designed to automatically detect and alert to anomalous actions in their technology ecosystems. These software tools are increasingly integrated into HCM technology suites, as well as offered by third-party vendors to integrate with HR applications, in part to compensate for the continued shortage of cybersecurity professionals who would typically perform such monitoring.

Identification of anomalies

Security experts say one of the most effective uses of this new AI is for anomaly detection. The technology first establishes what is normal in the use of an organization’s systems, including cloud, software-as-a-service, on-premises, and messaging platforms, and then is able to automatically detect any abnormalities when employees access and use these systems. AI can analyze thousands of metrics to reveal small discrepancies that could indicate an emerging threat, experts say.

“Technology identifies things that aren’t supposed to be there,” said Alexander Wurm, principal analyst who leads data science coverage at research and consulting firm Nucleus Research. “Anomaly detection identifies anomalous events occurring in networks or databases, then typically sends alerts and prioritizes based on the risk individual users may pose.”

The technology has particular value in remote work environments where home-based employees or contractors routinely access corporate networks using their own devices, Wurm said.

“Every time someone interacts with a network, information about their IP address, what they accessed and more is fed into a machine learning algorithm so the technology can tell if what they are doing is considered usual or unusual activity,” Wurm said.

The “self-learning” AI that vendors like Darktrace use for data security is different from previous versions of the technology, Fier said. Previous iterations identified threats based on historical attack data, first requiring that data to be cleaned, tagged, and moved to a central repository. Fier said Darktrace’s AI instead learns in real time “on the job” and updates its understanding as technological environments change.

“We’re not here to tell our customers the difference between right and wrong,” Fier said of Darktrace’s anomaly detection capabilities. “We are here to tell them the difference between the usual and the unusual.”

HCM Technology Vendors Introduce AI-Based Data Security

HR technology vendors have started integrating this kind of AI-powered data security into their platforms. Oracle is one of them, having recently introduced an AI-powered surveillance solution on its Fusion Cloud HCM platform that automates security scanning to protect against cybercriminals and limit access to sensitive employee data.

AI allows HR to see blind spots and shine a light on data vulnerabilities, according to Aman Desouza, Senior Director of Risk Cloud Product Strategy for Oracle.

Experts say HR needs to get more involved in data security issues as the scope and complexity of threats increase. “Data security is no longer just an issue for IT today,” Desouza said. “You need to involve the broader organization in this effort, which includes HR, lines of business and the employees themselves.”

Oracle’s AI tools can monitor and detect online activity based on time and frequency, sending instant alerts on suspicious activity based on when and how sensitive HR records are consulted. This could allow HR or security teams, for example, to detect abnormal activity such as employees accessing data over the weekend or when large amounts of data are accessed over short periods of time. According to data security experts, clicking on data faster than humans can read it can be a sign of fraudulent activity, such as when bots are used maliciously to breach HR data.

AI can monitor activity by location, sending alerts based on where HR data is accessed from. Systems can also be monitored based on role and responsibility, Desouza said. If an employee moves to another department, for example, they may still have previous privileges to access sensitive data they no longer need in their new role.
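The checks described above (access at unusual times, many records in a short period, and access that no longer matches an employee's role) can be sketched as simple rules over an access log. This is an added illustration, not code from Oracle, Darktrace or any other vendor named here; the log fields, role map and thresholds are assumptions, the sample events are constructed, and fixed rules stand in for the learned baseline that commercial tools use.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, user, current role, record category)
EVENTS = [
    ("2024-03-04T10:00:00", "alice", "payroll", "compensation"),
    ("2024-03-09T23:10:00", "bob", "recruiting", "candidates"),      # a Saturday
    ("2024-03-05T09:00:00", "carol", "recruiting", "compensation"),  # moved out of payroll
] + [
    # Ten bank-detail records opened two seconds apart: faster than a person reads
    ("2024-03-06T14:00:%02d" % s, "dave", "payroll", "bank_details")
    for s in range(0, 20, 2)
]

# Assumed policy: record categories each role still needs
ROLE_SCOPE = {
    "payroll": {"compensation", "bank_details"},
    "recruiting": {"candidates"},
}
BURST_COUNT = 8                       # assumed threshold: records per window
BURST_WINDOW = timedelta(seconds=30)  # assumed sliding-window length


def detect(events):
    """Return (user, alert_type, timestamp) tuples in chronological order."""
    alerts = []
    recent = defaultdict(deque)  # per-user timestamps inside the sliding window
    for ts_raw, user, role, category in sorted(events):
        ts = datetime.fromisoformat(ts_raw)
        # Time-based check: Saturday (5) or Sunday (6)
        if ts.weekday() >= 5:
            alerts.append((user, "weekend_access", ts_raw))
        # Role-based check: privilege left over from a previous job
        if category not in ROLE_SCOPE.get(role, set()):
            alerts.append((user, "outside_role_scope", ts_raw))
        # Frequency check: drop timestamps older than the window, then count
        window = recent[user]
        window.append(ts)
        while ts - window[0] > BURST_WINDOW:
            window.popleft()
        if len(window) == BURST_COUNT:  # alert once, when the threshold is reached
            alerts.append((user, "burst_access", ts_raw))
    return alerts


if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```
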

Desouza said the big resignation and increased internal mobility of workers have created increased security risks for organizations. “Employees are increasingly moving in and out of their roles, changing the scope of their work, or leaving organizations altogether,” he said. “Many more are now accessing corporate networks remotely or while on vacation somewhere in the world. You want to be able to monitor all of these scenarios in your HR technologies to ensure data security.”

Experts say that more and more cybersecurity software vendors are also using machine learning to protect email communications from malicious actors. Technology can learn what type of email has been flagged in the past for things like phishing attacks, for example, and then proactively prevent similar emails from reaching primary employee inboxes in the future.

A major risk: the human element

According to experts, one of the biggest data security risks in any organization remains human interaction, which is why automated processes can provide additional protection.

“You tend to see the greatest risk wherever there are human touchpoints,” Wurm said. “That’s why automating processes like onboarding and deleting can have value both in improving data security as well as improving process efficiency or revenue gains. time.”

For example, relying on manual rather than automatic disabling of network access when employees leave the company increases the risk of error, as it can be easy to lose sight of the systems employees had access to and who comes and goes. “There is an increasing use of automation by IT teams as a way to limit the risk of human error in protecting sensitive data,” Wurm said.

Dave Zielinski is director of Skiwood Communications, a business writing and publishing company in Minneapolis.

Norma A. Roth