We recently received an email commenting on the use of AI/Machine Learning (AI/ML) to counter the insider threat. We’re sharing Dr. David Charney’s response as many have been interested in this topic:
You caught on to one of the biggest issues of the day, the push for adoption of AI/ML to just about everything including the problems connected with insider threat.
While it may seem that I am opposed to these advances, in fact, just as you say, I do see them as complementary.
The reason I came out seemingly strongly against AI/ML is because of what I see in Washington.
Going back to President Eisenhower, who warned about the Military-Industrial Complex, here at the seat of our Federal government, the Complex has grown way beyond even Eisenhower’s worst imagination.
You may know that the huge corporations that circle our Capitol are known here as Beltway Bandits.
These are the corporations that feed off the government and have enormous multi-million and multi-billion dollar contracts to support and effectuate the whole range of government purchases of products and services.
Naturally, within the IC (Intelligence Community) space, the same thing occurs.
In the IC, there’s high awareness of the threat of domestic insiders as well as of foreign threat actors because of hacking by state-sponsored elements as well as by criminal gangs.
Beltway Bandits jump in to monetize these problems with their brilliant Solutions.
And the only thing they know how to do (or want to do), is to create very expensive mega systems that involve computers and associated software development, etc.
They have the motivation, skills and marketing strength to monopolize the Washington scene.
It all makes perfect sense to them.
It also makes sense to government officials who sign off on the contract because they also see personal benefit.
Getting into bed with the Beltway Bandits by signing up for their gigantic projects means they can now point with pride to the fact that they are clearly really DOING SOMETHING to solve the problems.
They are obviously making real progress on their watch!
Everybody’s happy with the promises that these terrible problems will be solved by launching the proposed futuristic advanced tech.
I actually do believe that to some extent these approaches will truly help.
But I also know that they never seem to succeed as advertised!
Humans are too clever.
If strongly motivated, they can figure out how to defeat just about any technical system you can stand up.
And they are strongly motivated.
A day does not go by that we do not hear of yet one more horrific spying or hacking breach.
That’s why I push so hard for everyone not to forget, at least as regards insider threat, that it always starts in the mind of a single individual.
Individual human psychology is ultimately the greatest vulnerability for companies and agencies.
And in my opinion, that vulnerability has been insufficiently addressed effectively.
My work is an attempt to remind everyone of that and to point to some new ideas (NOIR) to correct the imbalances that I see.
How about allocating just 2% of the funding and resources to human psychology based initiatives?
Right now, I think it’s less than 1%.