Phocea Tech

Ludovic Nachury – 12/02/18

How Novasecur AIs risk atypical associations

Artificial intelligence is one of the buzzwords of the moment, as evidenced by the debate held about it in plenary at the AMRAE meeting of risk professionals. Meeting during which I was able to discover Novasecur, a local company with a real precedence on the subject and a particularly interesting sharing philosophy.

This company created in 2010 has about twenty employees, with headquarters in Paris and R & D in Aix. Originally specialized in multidimensional risk mapping, it quickly headed towards artificial intelligence. « It started in 2012, » explained Cédric de Serpos, its CEO, « we attended a presentation by IBM Watson who made us understand that this was the place to go. In 2013, we began to run POCs. At that time, it was machine learning. The first POC consisted of providing advice based on declarative data, such as internal audit or anomalies reporting, by comparing them to the transactional part. We also worked for one of our clients, a multinational whose British subsidiary was subject to some type of cyber attack. Thanks to machine learning, we have been able to correlate this with a series of totally different events occurring in another country, in Romania.

From Machine Learning to Weak AI

Recently, Novasecur has moved on to what it calls the « cognitive stage, » which makes it possible to design weak, level 4, AIs (level 5 is the strong AI, the one that is able to feel emotions by itself and that simply does not exist now). « We get interesting results on some recommendations. This requires that clients agree to let the AI run, and see what comes out. Our tool allows us to bring out atypical associations, which we would never have thought, while explaining to the client how we come to formulate such a recommendation. AI should not be a black box concept, you have to explain. » A logic that Novasecur applies in particular to the Sapin II (transparency and anti-corruption) French law, for which it will make its AIs work on each pillar.

Yes, its AIs, because each AI of the company remains a specific product, trained to learn the business issues it will work on. And since they are many, they can work together. « Today, our AIs are already talking to each other. What we want to put in place are places of expertise, where the AIs ​​of different companies could exchange with each other.

Blockchain and Processes

Another notable innovation of Novasecur, which would deserve a specific article, is its use of the blockchain. The company relies on the Ghost protocol (the one of Ethereum) for risks that are difficult to treat. It is applied not only to information protection but also to processes protection: the company analyzes each process so that it can be sliced ​​into as many micro-part as possible, each of them being transformed into a micro-contract, the basic Ethereum guaranteed unit. This use of the blockchain makes it possible to confirm not only the integrity of a process but also its anteriority.