Cybersecurity for Criminal Justice

Every information security group involved has maintained a relationship with law enforcement. This relationship fostered an exchange of ideas and perspectives that helped improve each other’s skill sets and thought processes. Our law enforcement contacts provided guidance and insight for features and functionality that would help monitor our environment and identify potential issues, plus aid in the gathering of evidence to support an investigation, if warranted.

AI is a tremendous help with this collaborative process. It can be used to quickly and easily transform law enforcement insight into actionable processes and systems for an organization. It empowers end users with limited technical skill sets to generate queries that can aid in monitoring and research. It can also aid in the development process by reducing development times and accelerating the production of actionable information.

This leads us to data management, which is a unique challenge for an organization. Data is needed for a company to function, so it cannot be locked down completely, but it still needs to be accessed, controlled, and monitored. The introduction of AI offers an opportunity to identify data and help monitor how it is used and stored within a company.

Ideally, we would have a means to monitor data that traverses a network and resides on end user systems and file shares. We would like to identify data that is being mishandled or shared inappropriately. We would like to capture this data for review and possible reference and initiate an alert that would prompt action by the responsible party.

The monitoring of enterprise resources and assets is where AI can help greatly. It offers the opportunity to build an algorithm that can identify data structures and perform initial checks of data. If a positive hit is made, the associative components can initiate a manual review, response, and evidence capture.