Of Robots and Response Times: Automating Cybersecurity Analysis
Transcript of Of Robots and Response Times: Automating Cybersecurity Analysis
- 1. GreatHorn Of Robots and Response Times: Automating Cybersecurity Analysis #REWORKDL
- 2. Why Are We Talking About Security?
  1. Affects all of us
  2. Well suited to machine learning
  3. Huge market, huge opportunity to do good, not a lot of traction (yet)
- 3. A Snippet of History
- 4. Three Fundamental Unsolved Problems
  - Problem One: IT complexity is outpacing our expertise
- 5. Three Fundamental Unsolved Problems
  - Problem Two: Years of technical debt, data overload
- 6. Three Fundamental Unsolved Problems
  - Problem Three: Manual labor is not a solution
- 7. Buzzword Time: APT
  - Multiple attack methodologies and vectors
  - Establishment of Command and Control (hands on keyboard) access
  - Low and Slow
  - East-west movement, migration, attacks
  - Constant, coordinated, human effort
  - Specific objective and attack
  - Ubiquitous Hoodie-Clad Hacker
- 8. Multilayer Analytics For APTs
  - Attack Anatomy:
    - Reconnaissance
    - Weaponization
    - Command and Control
    - Data Loss (Breach)
- 9. Training the InfoSec Analyst Robots
  - Analyst-Based (Supervised): Events {a, b, c, ...} are indicative of a breach; do you agree?
  - Unsupervised: On a time-series model N, IOCs {x, y, z...} are being seen across industries like yours.
  - Result-Driven: Across a data lake of N incidents, weight incident and correlate it to known breach indicator; treat the result as an input to the learning algorithm
- 10. Where Does This All Lead?
  - Multi-Dimensional (Organization) Security Input
  - Predictive Security Output
- 11. Recap and Questions
  - Security needs to evolve from manual to (semi-?) automated analysis
  - Core technical challenges are:
    - Data normalization
    - Incident-to-narrative connection
    - Behavioral analytics
    - Prescriptive / automated response
  - From a CISO/CSO perspective, the outcome needs to demonstrably reduce risk of breach, without increasing analyst workload/cost
  - GreatHorn www.greathorn.com [email protected]
- 12. [email protected] (800) 605-2566 116 Beech St Belmont, MA 02478 thank you