Students develop “health check” to prevent cyberattacks

Digitalisation has revolutionised most industries. But when every system is online, companies become more vulnerable to cyberattacks. Through DNV GL’s summer project, eight students have helped develop a tool to easier identify security holes – and it is fully automated.

“It is very rewarding working with cyber security, since it affects us all, both in large companies and in our everyday life. Today, mostly cyber experts are searching for security holes. But with our “health check” tool, Scanning Artificial Intelligence (SCAI), companies can find out in a much simpler way if their system is healthy or if it needs any sort of treatment”, said Anders Bergfjord Fjellvikås, student summer project manager and final year Master of Science in Economics and Business at the Norwegian School of Economics.

Together with seven other students, he has been part of the team that has developed SCAI. SCAI uses artificial intelligence to carry out risk analysis for online systems. The diagnosis set will identify potential security threats such as software that needs updating, and unknown units that are connected to the network.

“Security holes are often a result of lack of knowledge or carelessness among employees that use the IT-systems. One example could be connecting your cell phone to an unsecured network, and then charging it through a computer connected to a secure network. This could threaten the integrity of the secure network. That is why cyber security also affects us in our day to day life”, Fjellvikås explains.

Employees become cyber-detectives 

SCAI conducts a full scan of a company’s IT-systems, resulting in a report showing which vulnerabilities exist within the network. The tool will identify errors and security holes so that the user’s own IT personnel can close the security gap themselves or consult DNV GL’s help desk directly.

DNV GL assists a whole range of clients with IT-security measures. According to Elisabet Line Haugsbø, DNV GL cyber security engineer and summer project manager, SCAI will also improve how DNV GL and its clients can collaborate.

“We believe SCAI will make our clients feel safer through closer dialogue with us and more frequent check-ups. The automated reports will mean money saved, because the SCAI-users are doing more of the risk analysis themselves”, Haugsbø said.

Haugsbø normally works with ethical hacking, where she helps shipping companies find security holes before unwanted guests get the chance to do the same.

“The technology is getting more advanced, but by involving the employees in finding security holes, we hope to increase awareness about secure use of the employer’s IT-systems”, Haugsbø explained.

For more information, visit: www.dnvgl.com

28th August 2018