Carrefour de l'actualité

Cybersecurity: GEDAI Chair created to tackle insider threats

October 19, 2023 - Source : NEWS

The allusion in the name reflects the founders’ ambitions. By initiating the GEDAI (pronounced “JEDI”), the Institutional Chair on the Detection, Analysis and Automated Management of Internal Breaches and Anomalies, Polytechnique Montréal intends to attack the problem of insider threats, which, when it comes to cybersecurity, are at least as serious as external ones.

Inauguration de l'Institut multidisciplinaire en cybersécurité et cyberrésilience (IMC2) et annonce du projet Alliance menace interne. (Photo : Denis Bernier)
Inauguration of the Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2) and presentation of the GEDAI Chair at Polytechnique Montréal. (Photo: Denis Bernier)

The creation of the GEDAI Chair stems from the Insider Threat Alliance project, which is benefiting from $5.4 million in funding over five years from the Natural Sciences and Engineering Research Council of Canada (NSERC) and MITACS.

Professor Frédéric Cuppens of the Department of Computer and Software Engineering will lead the project, which brings together an array of collaborators including researchers from HEC Montréal and Université de Montréal through the Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2), which Dr. Cuppens heads. The research group will also be supported by industry partners, including National Bank of Canada, Desjardins, Qohash, Mondata and Cybereco.

Daunting threats

Insider threats, also called internal threats, represent the most significant security vulnerability within organizations and businesses, well ahead of external threats, which have been the focus of researchers’ attention in recent years.

Employees, consultants and all manner of third parties who have access to a given computer network constitute potential entry points for a cyberattack or intrusion, whether through malicious intent, negligence or simply being caught off-guard. And such entry points are being increasingly exploited by criminals.

According to IBM, the incidence of internal threat events more than tripled from 2016 to 2020, and there’s no sign of that momentum slowing. Moreover, the Ponemon Institute reports that more than half of organizations have experienced at least one insider threat incident during the past year. Increasing reliance on teleworking suggests that the phenomenon is not going away any time soon.

The research group led by Polytechnique intends to stop those gaps by developing a real-world management solution to help organizations and businesses deal with this growing menace. Their challenge will be to strike the right balance between economic, social and ethical considerations, as well as more technical and legal ones. They intend to address it by taking a multidisciplinary approach that takes account of real-world constraints.

“There are technical challenges and human issues that prevent today’s monitoring tools from being effectively implemented,” Professor Cuppens notes. “We hope that by getting a better picture of users’ realities, we’ll be able to develop a realistic access-management and supervision approach—one that organizations will adopt because it doesn’t add to their members’ workloads.”

The project will be supported by teams led by Professor Nora Boulahia Cuppens and Professor Amal Zouaq of the Department of Computer and Software Engineering at Polytechnique; Professor Alina Dulipovici of the Department of Information Technology at HEC Montréal; and Professor Benoît Dupont of the Faculty of Arts and Sciences – School of Criminology at Université de Montréal.

The researchers will begin by collecting field data so as to identify processes that pose risks for organizations. Since this step requires access to data sources that are sensitive for organizations as well as their employees, the gathering of that information will adhere to regulatory and ethical standards. In parallel, the team will develop an integrated insider threat management solution that will consider socio-technical, economic, ethical and regulatory considerations. The solution will use artificial intelligence, in part, to learn and model knowledge, and to apply automated reasoning.

Inaugural event for the IMC2

The announcement of the GEDAI Chair was made during the IMC2’s inaugural event, held on Wednesday, October 18, at Polytechnique Montréal’s Amphithéâtre Bernard‑Lamarre.

The afternoon event brought together nearly 200 stakeholders in cybersecurity and cyber resilience representing both academic and industry circles.

Following speeches by Maud Cohen, President of Polytechnique Montréal, Daniel Jutras, Rector of Université de Montréal, and Caroline Aubé, Director of Research and Knowledge Transfer at HEC Montréal, attendees heard pre-recorded messages from Pierre Fitzgibbon, Québec Minister of Economy, Innovation and Energy, Minister Responsible for Regional Economic Development and Minister Responsible for the Metropolis and the Montréal Region; Éric Caire, Minister of Cybersecurity and Digital Technology; and Pascale Déry, Minister of Higher Education.

Along with his colleagues, Minister Caire spoke enthusiastically about the founding of the Institute. “The IMC2 is, to me, the embodiment of what needs to be done in cybersecurity,” he said, adding that combining everyone’s strengths is the key to lasting solutions to the challenges facing the sector.

Signature du livre d'or pour l'Inauguration de l'Institut multidisciplinaire en cybersécurité et cyberrésilience (IMC2). (Photo : Denis Bernier)
Signing the Polytechnique Montréal guestbook at the IMC2 inauguration ceremony. Left to right: Caroline Aubé, Director, Research and Knowledge Transfer, HEC Montréal; Marc Gervais, Executive Director, IMC2; Maud Cohen, President, Polytechnique Montréal; Frédéric Cuppens, Full Professor, Department of Computer and Software Engineering, Director, IMC2 and Director, Insider Threat Alliance project; Daniel Jutras, Rector, Université de Montréal. (Photo: Denis Bernier).

Marc Gervais, the Institute’s Executive Director, says the Insider Threat Alliance is another example of that commitment. “Setting up this project and chair reflects IMC2’s vision and desire to leverage the complementary expertise of its members to develop practical solutions for the real world,” he explains.

Drawing on an initial pool of some 40 professors and their research teams, the IMC2 will provide governments, citizens and companies in Québec and the rest of Canada with leading-edge expertise in the form of research projects, training of an emerging generation in the relevant skills, innovation and knowledge sharing, and support for public policymaking. The Institute, the result of a partnership between Polytechnique Montréal, Université de Montréal and HEC Montréal, may eventually include other academic partners.

Learn more

IMC2 website
Professor Frédéric Cuppens's expertise
Department of Computer and Software Engineering website (in French)

Suggested Reading

January 25, 2024

Google makes a major donation of $1.3 million to support the Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

April 26, 2024

Polytechnique Montréal Creates Three New Institutional Research Chairs