Traditional enterprise risk management consisted of reactive reactionary efforts to specific domains such as cyber security, fraud detection, regulatory compliance, and legal compliance. Often, the goal was simply to minimize, not preclude, any damage.
But with expanding regulations and noncompliance penalties, and the influx of big data, this paradigm has been replaced by proactive risk management measures that span the enterprise, and not just business units. It has become clear that virtually all data yields information about potential threats—once properly aggregated, contextualized and analyzed.
Enterprise knowledge graphs are the foundation for the rapid integration and analysis of all data types for any specific risk management purpose. They enable organizations to collate data according to domain, yet contextualize data between domains for increased understanding of specific domain threats.
The ensuing of data access across both internal and external sources is indispensable for implementing comprehensive user behavior analytics to not only glean how to mitigate risk and any applicable damage, but also prevent it.
The core of the proactive approach to risk management is to aggressively look for data indicative of potential threats. Organizations do so most effectually by combining data across domains for a single use case, such as fraud detection. In several instances, it’s useful to collect as much data as possible to aggregate them, identify patterns of user behavior, pinpoint anomalies, and act accordingly.
Knowledge graphs are ideal for these deployments because they seamlessly align all data types and structures for a specific purpose, such as connecting data from external interactions for the ultimate customer 360-degree view. Better yet, knowledge graphs are linkable so that graphs for say, cyber security, can readily join with those from sales and marketing.
Once contextualized according to cyber security needs, these additional data enable a more inclusive view of this domain for advanced pattern recognition and anomalous behavior detection. This linked enterprise data approach is applicable to both individual nodes of data and entire graphs, which is how these tools enable horizontal data access across the organization. Thus, data of any variation is readily integrated and aggregated according to risk management use case.
Enriched data adds context
Once organizations are able to quickly combine data across the enterprise for any type of use case, their risk management capabilities increase exponentially. For example, some of the richest data for counteracting cyber security actually comes from transactional systems, marketing departments, and customer domain master data management hubs—in addition to standard security log data for whatever security tools are in place. Linking this data for user behavior analytics identifies both typical and atypical patterns of use.
Contextualizing current or recent transactions in view of those patterns can optimize cyber security issues, since organizations can compare the behavior of typical users to those eliciting suspicion. For example, the former may access a customer facing financial institution’s website to review recent transactions; the latter would likely immediately initiate transfers or perhaps change (email or physical) addresses when first signing in. Marketing data about cookies being recently reset for long standing customers, in addition to sporadic changes in IP address information, may also indicate unsolicited activity when properly contextualized.
The composite of all of these sources offers the greatest information for the behavior of a particular customer or an organization’s customers in general. This approach also demonstrates points of correlation between domains, as many of these security concerns relate to fraud detection, and might have legal and regulatory repercussions as well.
Contextualized machine learning
It’s important to realize there’s a limit to the value of just running aggregated, user behavior analytics for anomaly detection. Many anomalies aren’t actually threats, but simply denote errors in operations or IT configurations. What’s needed is the ability to understand those anomalies in the context of their causes and effects.
Enterprise knowledge graphs specialize in the contextual understanding of data (in relation to events and otherwise), particularly when fortified with dynamic machine learning. They use standard data models and taxonomies to comprehend relationships between data that people might not notice. When this granular context of data’s meaning is coupled with machine learning, the underlying algorithms can detect patterns denoting risk management threats for any domain.
For example, machine learning algorithms can monitor enterprise network connections to detect even the slightest irregularities suggestive of security compromises. By augmenting this capability with security subject matter experts, the system gets adds an additional layer of contextualization to learn which aberrations are really threats.
Incorporating enterprise knowledge graphs with AI into the risk management process drastically increases risk mitigation. Their organization wide access to data across domains is the foundation for contextualized, user behavior aggregate analytics. The result is a newfound ability to seek out threats instead of simply reacting once noncompliance or data losses occurs.
This article is published as part of the IDG Contributor Network. Want to Join?