In a global context of increasing cyber threats, private sector actors are being pushed to enhance their already existing countermeasures, build up new defensive tools, and widen their detection scopes. Due to its leading position in the market and the additional risks coming from the Extended Enterprise, Airbus Group is increasingly at risk and has been facing attacks that have become more and more sophisticated over the last few years. Airbus has answered this growing threat by developing several teams in charge of designing new tools and methods across the group to undermine future attacks.
If most of the efforts are aimed towards protecting the group’s network from external menaces, one of the teams is focusing on insider threats. The Insider Protection team is leveraging AI power to improve the operational capabilities of the Security Operations Center by supplying a Key Trust Indicator. In this presentation, we will explore how this indicator is built based on users’ behaviours, and how the team is designing the product with close ties to business analysts and compliance teams to ensure safe usage and avoid new vulnerabilities.
Download the slides for this talk.Download ( PDF, 10810.09 MB)