Logo and page links

Main menu

Secure Practice

Secure Practice is in the information security industry. They want to develop a service that profiles employees in terms of the cyber security risk they pose to the companies. The purpose is to be able to follow up with adapted safety training based on which profile categories the employees fall into.

Under the motto that employees who know how to protect themselves, also protect the company, Secure Practice offers services for cyber security to the business community. They measure what they call human cyber risk in businesses.

- Today we do it in a fairly harmless way, says Erlend Andreas Gjære, general manager of Secure Practice.

- What can AI do for us?

At the same time, they have worked with machine learning in other parts of the service offering, including identifying suspicious e-mails. This has led them to wonder what other artificial intelligence can be used for in the future.

The hope is that AI can help them target and adapt the security training, by identifying whether the employee knows a lot or little about cyber security, whether they are interested in the topic or not and so on. The more they know about the employee's digital behavior, the better effect the training will be able to give.

- Then there are some things we can measure and put in the system, which are starting to approach profiling, says Gjære.

And then the question arises: What does an employer have the opportunity to profile their employees on? There, Gjære finds the legislation a bit diffuse, and he hopes Secure Practice can find the answers together with the DPA in the sandbox.

Updates

May 2021:

The project plan for the sandbox work is ready.