高度な分析で人事とセキュリティの脆弱性を特定

Technology   |   Andy MacIsaac   |   Aug 13, 2020 TIME TO READ: 8 MINS
TIME TO READ: 8 MINS

Author’s Note: This article describes a use case related to employee well-being and issues related to national security posed by insider threats. For those who work in sensitive areas of government (such as the Department of Defense (DOD) and the Intelligence Community), there is always a delicate balance between security, ethics, and privacy. Each agency should have a well-defined data governance and ethical use strategy that protects both the employee and the ability of the agency to fulfill its mission objectives.

 

The basis of any security clearance in the United States starts with a background check based on information individuals provide on the Standard Form 86 (SF 86). Financial information, employment history, family relationship, social networks, and educational background are just some of the personal information that those seeking a security clearance need to provide. The information is detailed, and omissions or inaccuracies can result in clearance not being granted and even worse — could lead to federal charges. The sharing of all this personal information could seem excessive or even intrusive, but when evaluated through the lens of protecting state secrets and sensitive information in a high-stakes environment, the protocols are necessary.

 

What is not readily apparent is the amount of stress that jobs dealing with national security issues can generate. In 2018, a study of 128 tactical cyber operators, including both civilian and military personnel, attempted to measure the dangerous impact of stress on employees, specifically on levels of fatigue, frustration, and cognitive workload. The study found that longer operations (those over five hours) drove 10% higher levels of fatigue and frustration. The authors of the study wrote that, “We’re not trying to take stress away from tactical cyber-operations. Stress is not bad when it’s managed. When it’s unmanaged and people don’t feel they have control, that’s where we see the negative effects.”

 

It is the attempt to identify levels of rising stress and frustration and other sources of potential threats to employees that makes human resources analytics imperative, and makes the focus on the well-being of people in these critical roles more important than ever.

 

The authors of the study put forth the following, “The National Security Agency (NSA) is part of the Department of Defense and is here to protect the nation. A mistake could affect things for a lot of people, so we have to make sure they [operators] also take care of themselves.”

 

For those who manage the human resources and internal security functions such as human resource officers (HROs) and facility security leaders (FSOs) at organizations that employ individuals with security clearances have dual concerns about the personal welfare of their employees, and they need to be diligent in finding vulnerabilities or possible threats that could potentially pierce the veil of required secrecy.

 

According to one recent article on Military.com, human resource and security offices are “Concerned about stress in the workplace, because too much stress or chronic stress can lead to poor judgment. No employee ever exploded in violence, committed suicide, stole government property, became a spy, or engaged in any other destructive or self-destructive behavior because they were happy and relaxed. They were stressed out and desperate. A safe and secure office environment is one in which employees know how to recognize and manage the negative aspects of stress.”

 

To evaluate possible vulnerabilities impacting employees of organizations involved in national security issues, HR and security leaders of these organizations need to access and analyze a lot of information to put together a complete a picture of behaviors that can indicate stress or be significant factors in causing stress. The following is a potential use case which illustrates how these teams can use Alteryx Analytic Process Automation (APA™) to streamline their analytic processes to find potential threats, protect their employees, and if necessary, determine interventions that will help their employees and protect their organizations.

 

With the Alteryx APA Platform, analysts can leverage over 80+ supported data connections, making it extremely easy to connect into different data sources, prep and blend the data into an acceptable structure, and then aggregate that data into a unified dataset. The dataset can then be output in a variety of different file types or third-party dashboards of choice. In this example below featuring dummy data, we simulate the aggregation of a job satisfaction survey, an employee HR database, and collected SF-86 information. This provides us a dataset for analysis that includes variables such as salary, debt, marital status, loans, mental illness diagnosis, etc.

 

 

Alteryx makes it easy to filter for desired subsets of data. In the above workflow, we have identified employees that have reported recent mental health and marital hardships. These can be included into a report that is sent via email to alert the necessary officials. Using the Join category of building blocks, the platform enables the ability to dereference personally identifiable information (PII) with unique Employee ID’s or another “primary key” to protect privacy.

 

To provide the necessary help to these individuals, users can perform spatial analytics to determine the closest health or counseling resources available to them to get the aid they may need. This same concept can be applied to find those with reported financial or gambling hardships access to the help they need.

 

 

With Alteryx, users can very easily create interactive visual insights and graphs for data analysis. In this example below, we can create a bar graph to analyze the financial history of an employee that is known to have reported debt and gambling issues. With this analysis it would be possible to identify anomalies or trends in their financial activity. By analyzing the previous four years of financial trends, we can see that there seems to be some anomalies in May, August, and October of 2019. This data can also be run through a machine learning algorithm (Neural Network) to confirm this behavior is in fact an anomaly and could indicate the need for further investigation and/or intervention.

 

 

With the intrusion of social media platforms into our lives, it stands to reason that what we may say or the content we interact with can provide some insight into our state of mind. In this environment, text and sentiment analysis can play a critical role in identifying alarming behavior and potential vulnerability. Alteryx allows users to quickly create an analytics story around a user’s social media or communication activity. In this example below, social media data was ingested.

 

 

We can identify an increasing trend in negative sentiment being posted to the account with interactive charting. The analysis shows a high level of negative sentiment in 2019. With the creation of a word cloud around the 2019 posts, we can identify words like “depression,” “suicide,” “hate,” and more being used within the posts. These types of words can be used to trigger an alert of a possible situation where an individual could use some help.

 

 

Each section of this analytic workflow highlights different formats of visualizations, analysis, algorithms, and insights. Now that this workflow is created, it can be shared within a governed environment. With the Alteryx APA Platform, a collaborative and governed environment can be created where enterprise-wide users can run workflows, share, control user access, and schedule workflows to completely automate analytic processes. The functionality is created through a customizable user interface that allows authorized members of your organization to run workflows with different input variables. Alteryx also provides drag and drop integration with other third-party visualization products such as Tableau, Power BI, Qlik, and more.

 

The prototyped solution illustrated here is not an exhaustive overview of what could accomplished in the way of analysis that HR and security teams need. Additional analysis could include:

  • Social network analysis to show links between entities as well as known foreign adversaries.
  • Financial and banking network analysis with models to map out financial and banking networks to identify patterns of financial vulnerability and potential foreign adversary involvement.
  • Natural Language Processing (NLP) based analytics to conduct sentiment analysis across organizational-sponsored communication (e.g., email, instant messaging) comparing it to social media or sentiment analysis associated with an individual. This would create benchmark models to help with employee triage and intervention.

STAY PUT.

WATCH

See how Coca-Cola, PwC, and IDC help accelerate digital transformation with APA.

READ

See how the convergence of analytics, data science, and process automation is driving digital transformation success.

TEST DRIVE

See the Alteryx APA Platform in action.

Tags