SOURCE: Interset

August 23, 2016 09:15 ET

"Machine Learning: a Primer for Security" Covers What Security Professionals Need to Know in Latest ISSA Journal

OTTAWA, ON--(Marketwired - Aug 23, 2016) - A cover story in the August 2016 edition of the Information Systems Security Association (ISSA) Journal by Interset CTO Stephan Jou says the cybersecurity industry is still behind the curve in demonstrating the kind of success that machine learning has achieved in some other industries. But with rapidly growing volumes of data and better behavioral monitoring and machine learning that leverages new data sources and big data, security clearly will achieve more breakthroughs in the coming year. Download Machine Learning: A Primer for Security.

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners that strives to provide objective expertise to support sound decision making, developing and connecting cybersecurity leaders globally.

"In the day-to-day world of data security, analytics practitioners who have embraced machine learning are regularly catching bad actors, such as externally compromised accounts or malicious insiders," the paper states. "We do this by using machine learning and analytics to detect indicators of compromise and predict which accounts are compromised or are employees likely to leave with stolen data. We succeed when we define what is normal, then determine anomalies using machine learning. Machines are simply faster at repetitive tasks like finding inconsistencies in the patterns of data usage, and machines do not tire from scouring through billions of data events per day.

"Machine learning can reduce the cost of standing up and maintaining a security program, as well as the time required to detect and respond to a breach once the inevitable occurs," Jou states. He cautions that, while it's popular to focus attention on the algorithm, it's more important to focus on the data and corresponding use case. By automating and prioritizing risks, machine learning enables skilled experts to focus attention on high-threat anomalies that signify targeted attacks, compromised accounts, and insider threats.

"Many companies' experiences with analytics date back to when scientists and integrators had to spend months, or even years, to understand the business and how every aspect of the dataset intersected with users and machines. This is no longer the case. Modern machine learning works with the data in your organization, observing it persistently through continuous user, file, and machine monitoring," writes Jou.

The primer explains how feature engineering of datasets, not algorithm selection, is where data scientists spend most of their time and energy. This process involves taking data -- for example, raw firewall, source code, application logs, or app logs -- understanding the semantics of the dataset, and picking the right columns or calculated columns that will help surface interesting stories related to use cases.

The paper concludes, "A skilled cyber hunter fed with amazing data sources and machine learning will save time, because the math never gets tired and rarely, if ever, makes a mistake. This leaves the experts far more freedom to focus on edge cases and provide feedback and guidance to the analytics engine to improve behavioral models."

About Interset

Interset provides highly intelligent, accurate insider and targeted outsider threat detection. Our solution unlocks the power of behavioral analytics, machine learning, and big data to provide the fastest, most flexible, and affordable way for IT teams of all sizes to operationalize a data-protection program. Utilizing agentless data collectors, lightweight endpoint sensors, advanced behavioral analytics, and an intuitive user interface, Interset provides unparalleled visibility into sensitive data. This enables early attack detection and actionable forensic intelligence with reduced false positives and noise. Interset solutions are deployed to protect critical data across the manufacturing, life sciences, high-tech, finance, government, intelligence communities, aerospace and defense, and securities brokerage industries.

For more information, visit Interset.com and follow us on Twitter @intersetca.
