Advanced Analytics in Cyber Security

Similar documents
IBM Security Investor Briefing 2018

Vendor Security Risk Management and Benchmarking

PREVENT MAJOR DATA BREACHES WITH THREAT LIFECYCLE MANAGEMENT Seth Goldhammer, Senior Director of Product Management at LogRhythm

SOLUTION BRIEF BUSINESS-DRIVEN, OMNI-CHANNEL FRAUD MANAGEMENT RSA FRAUD & RISK INTELLIGENCE

VULNERABILITY MANAGEMENT BUYER S GUIDE

TechnicalPitch Cibersegurança. Rui Barata Ribeiro Security Software Sales da IBM Portugal

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

The CISO s Ultimate Guide to Reporting to the Board. Win respect, earn more budget and change the world one security improvement at a time.

A brief history of fraud. Physical theft. Sale of fake and stolen payment cards. Identity theft and application fraud

People, process and technology

VULNERABILITY MANAGEMENT BUYER S GUIDE

Modern Payment Fraud Prevention at Big Data Scale

Automatically Find and Fix Insecure Database settings with Oracle Management Cloud PRO4284

OVERVIEW. March 13, 2015

No digitalization without risks

An all-in-one risk management platform delivering fraud detection, transactions screening and customer due diligence capabilities

SOLUTION BRIEF HELPING ADDRESS GDPR CHALLENGES WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

RSA ARCHER IT & SECURITY RISK MANAGEMENT

Integrate Powerful Communications into Your Apps and Services

Fraud and identity verification consulting case study maximize bookings and reduce operational costs by using the right data

VIA Insights: Telcoms CONNECT to Digital Operations

Network Access Control (NAC) Market, Global, Forecast to 2022

Trusted by more than 150 CSPs worldwide.

BBM Enterprise SDK CPaaS (Communications Platform as a Service) Build Powerful Communications Experiences, Safely and Securely

Protecting your critical digital assets: Not all systems and data are created equal

Fulfilling CDM Phase II with Identity Governance and Provisioning

Cyber Security. & GRC Metrics That Tell a Story! Presented by: Swarnika Mehta Manager, KPMG Cyber Security Services

Next-generation enterprise risk management

Insights and analytics by IBM MaaS360 with Watson

Fraud Controls to Tackle the Mobile Revolution

Financial Institutions Consulting. Quality service. Personal attention.

Solutions. Take Communication Surveillance to the next level

SOLUTION BRIEF RSA IDENTITY GOVERNANCE & LIFECYCLE SOLUTION OVERVIEW ACT WITH INSIGHT TO DRIVE INFORMED DECISIONS TO MITIGATE IDENTITY RISK

Disruptive Technologies Data Science & AI-Machine Learning

Securely Enabling the Enterprise of Things

Considerations when Choosing a Managed IT Services Provider. ebook

Louis Bodine IBM STG WW BAO Tiger Team Leader

Enable Business Transformation In Banking & Financial Services Organizations through Connected Devices. Arvind Radhakrishnen.

2018 Global Big Data Analytics Customer Value Leadership Award

Security intelligence for service providers

Automating the Defense: Really Taking Advantage of Automated Sharing

Developing Connected Products - What s needed? Driven to enable your success!

Key Benefits. Overview. Field Service empowers companies to improve customer satisfaction, first time fix rates, and resource productivity.

CONSULTING & CYBERSECURITY SOLUTIONS

Symantec s 2015 Financial Analyst Day

Cloud Accounting. Presentation by: Ronald N. Bwosi Managing Partner, Ronald's & Associates, Friday, 11 th May 2018

Insurance Accounting & Systems Association (IASA): NY/NJ Chapter Spring 2014

IBM QRadar SIEM. Detect threats with IBM QRadar Security Information and Event Management (SIEM) Highlights

Strategic Plan

wipro.com Media Capabilities Enhancing user experience

Transforming Business Needs into Business Value. Path to Agility May 2013

TOP 6 SECURITY USE CASES

SAP Road Map for Governance, Risk, and Compliance Solutions

Financial Services Compliance

7 Leading Companies that Transformed their Business with Analytics

Tackling the Insider Threat

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and getting started with modern MFA solutions

KPMG International. kpmg.com

Optiv's Third- Party Risk Management Solution

KPMG International. kpmg.com

A Data-rich World for a Better World: From Sensors to Sense-Making

Build a Future-Ready Enterprise With NTT DATA Modernization Services

13 WAYS TO BUILD AN EFFECTIVE GSOC

The Evolution of Data and the Impact of New Technologies on Agency Finance & Procurement

The Hybrid Enterprise: Working Across On-premises, IaaS, PaaS and SaaS

The credit card industry: navigating an evolving environment. EY Advisory Services

Mastercard Asia Pacific Risk Leadership Conference Bali, Indonesia July 30 - August 2, 2018 DRAFT AGENDA

Mastercard Asia Pacific Risk Leadership Conference Bali, Indonesia July 30 - August 2, 2018 DRAFT AGENDA

Predictive Project Analytics 2.0 Keep your project on target with Deloitte s data-driven insights. Risk Advisory

How to Engage with Subscribers to Increase Profitability

Credit Risk Manager CRM

How to drive profitability in uncertain times. How advanced analytics can help your business to become a quality-connected enterprise

Network maintenance evolution and best practices for NFV assurance October 2016

Optimizing Outcomes in a Connected World: Turning information into insights

Crowe Portfolio Analyzer for Sureties and Agents solution

Are your profits tangled in the evolving web of fraud tactics?

Genpact Intelligent Operations SM

Asset Performance Management from GE Digital. Enabling intelligent asset strategies to optimize performance

IIROC 2015 Financial Administrators Section Conference

Features Benefits. Why Claro Enterprise Solutions. Product Description. Geo-fencing and real-time tracking via Google maps

PERSPECTIVE. Assuring the digital utilities transformation. Gaurav Kalia Client Solution Manager

Baptist Health South Florida

RBC Capital Markets Financial Institutions Conference 2018

2018 Global Vulnerability Management Market Leadership Award

LEADING WITH GRC. The Return of the ERM Extending Beyond It s Past Scope. Brenda Boultwood, SVP Industry Solutions, MetricStream

SRP. Sustainability Resource Planning ENVIRONMENT ENERGY ASSETS

Quantifying the Value of Investments in Micro Focus Quality Center Solutions

Enterprise intelligence in modern shipping

AI Trends in the Financial Sector. Microsoft Future Decoded Conference 6 th November 2018 Budapest

Driving excellence in IT Operations Navigating the digital world with next generation IT operating models. KPMG.com.au

Azure IoT Suite. Secure device connectivity and management. Data ingestion and command + control. Rich dashboards and visualizations

Identity as a Critical Next Step in Security

Cognitive IoT unlocking the data challenge

CONSIDERATIONS IN PRIVATE EXCHANGE MARKETPLACES

IT Strategic Plan Portland Community College 2017 Office of the CIO

PASW Modeler. Achieve Your Goals with Deep, Predictive Insight

cpi connected platform experience connectivity

Automate Regulatory Reporting with Oracle Financial Services Data Governance for US Regulatory Reporting

WHITE PAPER FAST ANALYTICS OVER SLOW DATA

Future Readiness of GIC Talent Models

Transcription:

Advanced Analytics in Cyber Security Michael McFadden Fraud, Security & Compliance August 1, 2017 2017 Fair Isaac Corporation.. This presentation is provided 2017 Fair for the Isaac recipient Corporation. only and. cannot be reproduced 1 or shared without Fair Isaac Corporation s express consent.

Topics for Today s Session Streaming analytics to detect and stop cyber threats Empirical analytics to assess cyber security posture 2017 Fair Isaac Corporation.. 2

Streaming analytics to detect and stop threats 2017 Fair Isaac Corporation.. 3

New Entry Points Bring New Risk IOT More devices more risk 1994 2001 2005 2007 2011 2012 2013 2014 2015 2016 Online Banking 1Million online users FFIEC announces regulation for online banking Apple launches iphone and banking by phone launches Online Banking is now mainstream 20%+ of all smartphone users use a mobile banking app One in three Americans state they stay with their bank because their mobile banking services makes it convenient US m- commerce makes up 29% of web sales 57% of US smartphone owners have used their devices for online banking Smart phone users will account for 96% of total mobile banking Aite prediction 2017 Fair Isaac Corporation.. 4

Over 6 BILLION records exposed in first half of 2017* There has been an alarming trend in the TARGETING OF TAX DATA. The number of confirmed successful attacks increased by 25%. * Help Net Security July 25, 2017 https://www.helpnetsecurity.com/2017/07/25/data-breaches-2017 2017 Fair Isaac Corporation.. 5

Current State of the Art in Cyber Security Pattern-matching Technical analysis (unpacking or detonating malware) to define signatures Cyber Criminals know the rules well enough to break them and avoid detection Exploit the Interoperability and demands for convenience Use Social Media for Phishing 2017 Fair Isaac Corporation.. 6

The gap between breach and discovery When a breach occurs, the majority of sensitivedata is stolen within minutes increasing thischallenge Seconds Minutes Hours Days Weeks Months Years ATTACK TO COMPROMISE COMPROMISE TO DATA LOSS TIME TO DISCOVERY DISCOVERY TO REMEDIATION 10% 8% 0% 0% 75% 38% 0% 1% 12% 14% 2% 9% 2% 25% 13% 32% 0% 8% 29% 38% 1% 8% 54% 17% 1% 0% 2% 4% In 60% of breaches, data is stolen within hours 54% of breaches are not discovered for months Source: Verizon 2013 Data Breach Investigations Report 2017 Fair Isaac Corporation.. 7

Shortcomings of the current "state-of-the-art" detection TOO MANY UNDIFFERENTIATED ALERTS TOO MANY NEW / MORPHING / EVOLVING THREATS SLIPPING THROUGH TOO FEW QUALIFIED RESOURCES TO INVESTIGATE AND RESOLVE CYBER THREATS MOST OF TODAY S SECURITY SOLUTIONS HAVE FUNDAMENTAL FLAWS: Based on what happened yesterday (or last week or last year) Require human interpretation of events Lack the means to adapt and self-correct No effective method to differentiatealerts Threats have become dynamic, making rule-based approaches less effective Devices, access points, and use cases have grown exponentially Network complexity has evolved beyond expert capacity to understand 2017 Fair Isaac Corporation.. 8

Machine Learning Analytics are the New Imperative in Cyber 9 2014 Fair Isaac Corporation..

Cybersecurity Analytics Streaming data analysis Real-time threat detection Enables automated containment and faster remediation Scalable distributed processing Self-learning UEBA Emerging threat detection Layered analytics model - Not limited to heuristics or peer group comparisons Responsive to analyst feedback through global consortium Continuous adaptation reduces false positives Continuous entity scoring Entity profiling devices, users, etc. Precise risk ranking with score range Simple results - score with detailed reasons to guide triage and response Adaptive real-time analytic models for accurate anomaly and threat detection 2017 Fair Isaac Corporation.. 10

Cyber Security Analytics Key Highlights Addresses Major Security Gaps Reduces threat dwell time through real-time detection Reduces false positives precise detection using self-learning analytical model Improves efficiency of security professionals Prioritizes threat risks through granular scoring Simple Results Score plus detailed reasons to guide analyst in investigation Adaptable Self-learning AI technology Flexible model - Accommodates new data sources and entity types (IoT) Scalable - Doesn t require large data store, fast streaming engine Modular design - Integrates with existing security eco-system solutions Proven Technology Analytic Models have been used across industries to detect and stop fraud Numerous threat behaviors detected such as: Reconnaissance activity Command and Control (C&C) communication Data Exfiltration 2017 Fair Isaac Corporation.. 11

Empirical analysis to assess cyber security posture 2017 Fair Isaac Corporation.. 12

Can your vendors and partners be trusted with your data? Customer records for at least 14 million subscribers, including phone numbers and account PINs, were exposed. Records were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a vendor of Verizon Over a week before the data was eventually secured. 2017 Fair Isaac Corporation.. 13

Key challenges in cyber risk quantification The space is nascent, and commercial solutions are just coming on the scene. Available metrics are expert-driven, lacking an empirical, quantitative connection between conditions, behaviors, and outcomes. Typical scores or ratings are backwards-looking assessments, or focus on current state rather than future outcomes - which is what is actually needed to drive business decision making. As good metrics evolve, transparency will be key in allowing market forces to increase our collective security posture. The state of the art in cyber breach insurance is preactuarial, and currently more art than science. A large proportion of cyber risk remain un-quantified and uncovered, or are silent cyber risks, not expressly excluded from other E&O policies. 2017 Fair Isaac Corporation.. 14

Parallel Paths a Historical Perspective 1990s Consumer Credit Scoring 2017 Enterprise Security Scoring Opportunity Apply predictive analytics to drive efficiency and scale in consumer credit underwriting and portfolio management Solution Consumer Credit Scoring Rank-order consumers based on likelihood of paying their credit obligations Result Adoption of Credit Scoring now ubiquitous in credit decisions Greatly expanded access to consumer credit Opportunity Apply predictive analytics to drive efficiency and scale in active vendor management and executive-level security oversight Solution Enterprise Security Scoring Rank-order organizations based on likelihood of suffering a material data breach Result Empirically-derived assessment of risk Trusted metric for active vendor management Consistent breach insurance underwriting and portfolio monitoring 2017 Fair Isaac Corporation.. 15

Enterprise Security Scoring Predictive score based on supervised, empirical analysis of continuously updated data collected at internet scale Score or Grade encapsulates the future likelihood of a significant breach event Compares external network observations to previously breached networks Combines condition and behavior signals Reason codes detail primary risk vectors enabling contextual explanation of results Accessed on-demand 2017 Fair Isaac Corporation.. 16

Security Scoring The Data Scope and nature of exposure Data elements continually monitored at internet scale, reflecting: Policy effectiveness Management behaviors Conditions and behaviors Passive Scan Info Internet Presence Data richness that supports empirical analysis, not judgment-based grades Data utilized reflects historical risk indicators from global organizations Machine learning used to evaluate historical risk indicators to understand correlated pre breach behaviors Risk indicators are then used in the predictive model as labels Evidence of compromise Details of global breach incidents Compiled Sources Breach Events Enterprise Security Scoring Commercial Sources 2017 Fair Isaac Corporation.. 17 Firm demographics

Different Views of your Risk Posture Internal Self Assessment Enable CISOs to demonstrate security performance over time Provides detailed threat info across all evaluated network assets Supports drill-down to primary threat vectors Strengthens defenses with actionable information Supports investment decisions and resource allocation Third Party/Vendor Risk Assessment Supports CROs and CISOs in active vendor management Vet the risk of potential partners Monitor the risk of your entire partner portfolio Benchmark across categories or segments of partners Supports breach insurance underwriting 2017 Fair Isaac Corporation.. 18 Profile Name Network Assets Security Score Endpoint Security Infrastructure Security Services Security Octondo Golf Resort 3.02 in 5 prefixes 620 1 77 244 Eaveo Recording Company 1.09 in 9 prefixes 750 30 19 9 Isova Football Club 0.06 in 1 prefix 800 7 340 23 Coragen Fitness World 12.01 iin 7 prefixes 510 300 1 38 Last Updated 2017-07-05 02:08 2017-07-05 02:08 2017-07-05 02:08 2017-07-05 02:08

Enterprise Security Scoring Key Highlights Empirical Leverages an extensive array of analytic techniques Supervised modeling approach correlates signals with real outcomes Evaluates both condition and inferred behavior An empirically-derived benchmark of cyber risk, rather than an opinion-based ranking Predictive Predictive model focuses on future outcomes rather than transient threats Visibility into enterprise security behaviors to mitigate future potential failures Aligns to forward-looking business objectives and outcomes Actionable User controls scope of analysis and definition of enterprise Enables sharing and collaboration Integrates with ticketing and workflow systems for systematic remediation NIST controls cross-reference supports compliance initiatives Inform, Predict Odds of Breach, Remediate, Repeat 2017 Fair Isaac Corporation.. 19

FICO Overview 2017 Fair Isaac Corporation.. 20 Profile Products and Services Clients and Markets Offices The leader in advanced analytics and decision management Founded: 1956 NYSE: FICO / $881M revenue FY2016 Analytics and decision management systems Reducing the time from insight to action FICO Scores used for 96% of US credit underwriting Predictive analytics for risk management AI systems for security threat and fraud detection Advanced analytics for cyber risk quantification Tools for analytics authoring and decision management 10,000+ clients in 90+ countries Industry focus: Banking, government, insurance, logistics 20+ offices worldwide, HQ in San Jose, California 3,100 employees Regional Hubs: San Rafael and San Diego (CA), New York, London, Birmingham (UK), Johannesburg, Milan, Moscow, Bensheim, Munich, Madrid, Istanbul, Sao Paulo, Bangalore, Beijing, Singapore

Thank You Michael McFadden Fraud, Security & Compliance michaelmcfadden@fico.com (858) 369-8425 2017 Fair Isaac Corporation.. This presentation is provided 2017 Fair for the Isaac recipient Corporation. only and. cannot be reproduced 21 or shared without Fair Isaac Corporation s express consent.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback