SourceSecurity.com US Edition
Home  |  Settings  |  Marketing Options  |  eNewsletters  |  About Us  |  FAQs    Join SourceSecurity.com on LinkedIn
REGISTERTerms
Smart

Integrated Systems - News

How can software identify active shooter risks before they become threats?
Large commercial enterprises are using Haystax products to identify potential insider threats.

As a society, we have been studying crime for years, with an eye to prevention. Now that mass shootings have seized our attention, experts have begun studying this particularly violent crime, again with an eye to prevention.

“Our view is that inside a large enterprise — a corporation or government agency — anyone can be the risk you may face someday,” says Bryan Ware, CEO of McLean, Virginia-based Haystax Technology, a business that identifies risks before they come threats.

Insider trust model

Haystax looks for threats at all levels, from petty theft to mass murder.

Law enforcement agencies use Haystax software products to prevent attacks and manage large events. Fire departments use Haystax software to manage life safety. Today, large commercial enterprises are using Haystax products to identify potential insider threats.

How does software identify someone that poses a threat? “We started by building a software model that thinks like a human being – that is, thinks by using concepts,” Ware says. “We also asked why we trust people. What characteristics does an individual possess that build trust in others?

Using individual data to assess risks

“Our models pull in data on individuals from background investigations, log in and log out times and many other factors. All in all, our insider trust model includes 700 factors that all of us have to some degree.”

"Our models pull in data on
individuals from background
investigations, log in and log
out times and many other factors" 

Haystax uses those 700 factors to build models for everyone employed by its clients. When people go through divorce or run into financial difficulties or develop substance abuse problems, they change, Ware continues. By fusing all of these factors together and monitoring for changes, it becomes possible to make decisions about an individual’s level of risk.

“There is a pattern to everyone’s life,” Ware says. “What does it mean when the pattern changes? We have developed algorithms that track these changes and produce risk factors on each individual on a continuous basis. We can tell who the highest risk personnel are.

“Suppose we find that a manager is going through life difficulties. We might suggest a different level of supervision.”

During the investigation of virtually every mass shooting, descriptions of the shooters in the days before the shooting are similar
Many friends, relatives and work associates notice disturbing changes in
behaviour before the tragedy occurs

Identifying violent risks

Experts that study mass murders say that perpetrators often have similar personalities: During the investigation of virtually every mass shooting, descriptions of the shooters in the days before the shooting are similar: He is typically male, single, white and in his 30s or 40s. He had grown sullen and withdrawn in recent weeks. He bought his guns legally. Some, but not all, exhibit signs of mental illness. As a rule, they are outsiders.

And many friends, relatives and work associates notice disturbing changes in behaviour before the tragedy occurs.

"In Orlando, the shooter was a
security guard. Wouldn’t it
have made sense to have
monitored him in some way?"

“It’s true,” Ware says. “In every single case we’ve looked into, there is always a lot of information in advance in the heads of friends and family and in databases. While we don’t want to become a society of tattletales, we need to think about these issues as a society.

“I believe we will see more and more of these kinds of threats in our workplaces. In Orlando, the shooter was a security guard. Wouldn’t it have made sense to have monitored him in some way?”

What privacy issues does this high level of individual scrutiny raise?

“Good question,” Ware says. “We can’t violate expectations of privacy. Many of our customers are high security government agencies and businesses. When they hire someone, that individual consents to being monitored.”

Ware goes on to note that companies with lower security concerns would require a lower level of monitoring — a level tailored to the company’s particular needs. Still, it would be important that employees know about and consent to being monitored.

Latest in

See privacy and cookie policy
SourceSecurity.com
Browsing from the Americas? Looking for SourceSecurity.com US Edition?
View this content on SourceSecurity.com US Edition, our dedicated portal for our Americas audience.
Do not show me this again
International EditionUS Edition