LEVERAGING BIG DATA ANALYTICS TO REDUCE SECURITY INCIDENTS A use case in Finance Sector




INITIAL SCENARIO
- IT Security Incidents: stolen data/credentials, malware / phishing, denial of service, APTs
- Physical Incidents: money theft, vandalism, employee harassment
- Social Incidents: reputation damage, discredit campaign, mobilize demonstrations, employee harassment
- E-Money Incidents: black market cards, transactions fraud, money laundering

MAIN PROJECT GOALS
- Scale beyond the fish tanks: Data Lake
- Mix up the data: Correlation
- Get more out of each byte: Machine Learning

ARCHITECTURE
[Diagram labels: Collection + Normalization; Message Bus; Realtime Analysis (CEP Correlation Engine); Storage (Big Data Repository); Intelligence Engine; Alerts Handling; Reporting; arrows labelled Data and Events]

THE DATA LAKE
[Diagram labels: IT Security Incidents; Physical Incidents; E-Money Incidents; Malware Feeds; Social Networks; Data Normalization]

SOCIAL NETWORKS: e-feeling
CONCEPT! Calculate people's feeling about the Organization's brand
[Diagram labels: e-feeling; Correlation Engine; Intelligence Engine; Big Data Repository]

MACHINE LEARNING (ML)

ML TECHNIQUES APPLIED
- FORECASTING: forecast an event occurrence based on past events. Ex: number of attacks on the Organization's website in the next 5 days
- CLASSIFICATIONS: classify a new event based on the classification of previous events. Ex: classify a transaction as FRAUD / NO FRAUD
- ASSOCIATION RULES: mine data to find relations between events that occurred in the same time interval. Ex: every time a netscan is detected, a SQLi is seen 80% of times
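The association-rule technique above, as an added example that is not part of the original presentation: events are grouped into fixed time intervals and each rule "A seen => B seen in the same interval" is scored by support and confidence. The event records, the 30-minute interval, the per-source grouping and the thresholds are assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta
from itertools import permutations

EPOCH = datetime(1970, 1, 1)

# Constructed sample events (timestamp, source, event type); not real data.
# Sources use the 192.0.2.0/24 documentation range.
EVENTS = [
    ("2015-03-01 10:00", "192.0.2.1", "netscan"), ("2015-03-01 10:10", "192.0.2.1", "sqli"),
    ("2015-03-01 10:05", "192.0.2.2", "netscan"), ("2015-03-01 10:20", "192.0.2.2", "sqli"),
    ("2015-03-01 11:00", "192.0.2.3", "netscan"), ("2015-03-01 11:15", "192.0.2.3", "sqli"),
    ("2015-03-01 12:00", "192.0.2.4", "netscan"), ("2015-03-01 12:29", "192.0.2.4", "sqli"),
    ("2015-03-01 13:00", "192.0.2.5", "netscan"), ("2015-03-01 14:00", "192.0.2.6", "sqli"),
    ("2015-03-01 14:00", "192.0.2.7", "login_fail"), ("2015-03-01 15:00", "192.0.2.8", "login_fail"),
    ("2015-03-01 17:00", "192.0.2.9", "sqli"),
]

def windows(events, width=timedelta(minutes=30)):
    """Build one set of event types per (source, time interval).

    Grouping by source is an assumption; the slide only says "same time
    interval". Fixed intervals can split a pair that straddles a boundary.
    """
    baskets = {}
    for ts, src, kind in events:
        t = datetime.strptime(ts, "%Y-%m-%d %H:%M")
        bucket = (t - EPOCH) // width  # integer index of the interval
        baskets.setdefault((src, bucket), set()).add(kind)
    return list(baskets.values())

def mine_rules(baskets, min_support=0.2, min_confidence=0.7):
    """Return (A, B, support, confidence) for rules 'A seen => B seen'."""
    n = len(baskets)
    single = Counter(kind for b in baskets for kind in b)
    pair = Counter(p for b in baskets for p in permutations(sorted(b), 2))
    rules = []
    for (a, b), both in pair.items():
        support = both / n             # share of intervals containing A and B
        confidence = both / single[a]  # share of A-intervals that also contain B
        if support >= min_support and confidence >= min_confidence:
            rules.append((a, b, round(support, 2), round(confidence, 2)))
    return sorted(rules)

if __name__ == "__main__":
    for a, b, s, c in mine_rules(windows(EVENTS)):
        print(f"{a} => {b}: support={s}, confidence={c}")
```

On this sample only netscan => sqli passes both thresholds; the reverse rule is dropped because sqli also appears without a preceding netscan.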

MACHINE LEARNING OPERATIONS
[Diagram label: Big Data Repository]
Driven by Data Scientists & Validated by Organization

ML IN ACTION: PATTERN DISCOVERY
- Discover patterns among different areas
  Example: When e-feeling for 3 days, #CyberAttacks 90% of the times
- Implement the patterns to prevent incidents
  IF e-feeling for 2 days THEN alert of potential CyberAttack if tomorrow e-feeling decreases again

ML IN ACTION: FORECASTING
- Forecast the occurrence of an event based on modelled past ones
  Example: Tomorrow's number of attacks on Home Banking
- Implement a rule in the Correlation Engine anticipating the possible incidents
  IF trend of #HomeBanking attacks in the next days, THEN increase the security threat level

ML IN ACTION: CLASSIFYING
- Classify new events based on models created after analyzing previous ones
  Example: Security Risk Scoring of a Home Banking login
- Feed the results to other applications to provide them with useful information before they take decisions

ML RESULTS SO FAR
The Good Ones
- Improved readiness for cyberattacks
- Better anticipation of calls for public demonstrations
- Decrease in fraud on ATMs
- Discovery of new data relationships between areas
The Other Ones
- Numerically good results don't always mean interesting results for the Organization
- Sometimes, ML attempts take you to dead ends

LESSONS LEARNT

- ML & ADAPTATION
- ML & KNOWLEDGE
- MULTI-AREA ENGAGEMENT
- DON'T SET TOO HIGH EXPECTATIONS
- PATIENCE IS REQUIRED
- ML HOUSEKEEPING

NEXT STEPS
- Evaluating new technologies to horizontally scale the Machine Learning process in memory
- Keep filling the lake

Thanks for your time! Let's keep in touch.
Josep Román, Senior Manager @ Indra
jroman@indra.es