More Related Content

Slideshows for you(20)

Similar to Why Your Organization Should Leverage Data Science for Risk Intelligence and Business Decision Making (20)


Recently uploaded(20)


Why Your Organization Should Leverage Data Science for Risk Intelligence and Business Decision Making

  1. IT’S SCIENTIFIC - YOUR ORGANIZATION NEEDS DATA SCIENCE! Adam Harting, ISP® | Manager, Data Sciences & Analysis Global Security Services |Raytheon Company Resolver Int:rsect 2018 |San Diego, CA
  2. WHAT IS DATA SCIENCE & ANALYSIS?  The use of scientific methods, processes, algorithms, and systems to extract knowledge and insights from various data sources to create actionable business intelligence.  Intersection of fields in mathematics, social science, computer science, and business analysis.  Applying the practice of hypothesis testing, modeling, and machine learning methodologies to business processes.  Deepen understanding of phenomena ranging from physical and biological systems to human social and economical behavior. Mathematics & Statistics Computer Science Business Domain Knowledge Data Analytics Data Science Advanced Analytics Machine Learning "This hot new field promises to revolutionize industries from business to government, health care to academia." — The New York Times —
  3. DSA JOB LANDSCAPE Source: Data Sciences is the number one growing career in the United States and the Best Job In America according to Glassdoor’s 2018 Rankings. IBM predicts the demand for Data Scientists will soar 28% by 2020. Source:
  4. BIG DATA CAUSES BIG PROBLEMS  Virtually every sector in the world market has access to more data than a decade ago.  Data is being collected at an alarming rate that exceeds the capacity to extract value from it.  There is a cascade of overwhelming data on everything.  The pressing question for every organization is how to use data effectively – organization situational awareness, company risk, sustainability, process improvement, compliance… Big Data Scale = Terabytes (10^12) and Petabytes (10^15 - 1 million gigs)
  6. WHAT CAN DSA DO? Operational Metrics & Process Improvement •Day-to-day visualizations to measure overall health of operations and status of work items throughout each global discipline •Situational awareness •Data support for process improvements and sustainability measures Business Intelligence •Business development & risk assessment intelligence packages •Foreign posture analysis •Information system and network analysis •Employee behavioral analysis •Risk methodologies and mitigation strategies Predictive & Prescriptive Analytics •Risk based methodology analyses & intelligence packages •Behavioral analysis •Threat Management •Insider Threat analysis
  7. THE POWER OF DSA WITHIN AN ORGANIZATION  Empowers your company leaders to make data- driven business decisions through the use of data sciences and analytics.  Companies need a data science platform to overcome barriers to reproducibility and collaboration.  Explores data, shares analyses, and deploys predictive models for business decision making.  Optimized leadership metrics and measures to ensure timely and effective reports are used to influence business. Design & Construction Insight & Reporting Transforming & Action
  8. BUSINESS INTELLIGENCE “In God we trust; all others must bring data.” – William Edwards Deming –
  9. WHAT IS BUSINESS INTELLIGENCE (BI)?  The exploration of business information.  Common BI tools and methodologies:  reporting  analytical processing  data and process mining  organizational and business performance management  baseline and benchmarking  predictive and prescriptive analytics BI at “the click of a button”
  10. ANALYZING BUSINESS INTELLIGENCE Business Intelligence External Sources Other Company Sources Incident/Risk Management Systems • Reactive Intelligence • Proactive Intelligence • Predictive Intelligence
  11. EVOLUTION OF DATA ANALYSIS CompetitiveAdvantage Analytics Maturity Driving Risk Decision Making Optimization & Automation Predictive & Prescriptive Modeling Predictive Analytics Raw Data Visualizations & DashboardsStandard Reports/Metrics React & Respond Predict & Act
  12. MEASURING AND MANAGING RISK USING DATA SCIENCE “Risk comes from not knowing what you’re doing.” – Warren Buffett –
  13. WHAT IS RISK? LikelihoodofOccurrence Severity of Occurrence  The increased likelihood or probability that a given undesirable or detrimental event will occur causing damage, liability, loss or collective negative impact on operations.  The probability or threat of loss or damage that could occur due to lack of mitigations and/or protective measures by company or customer requirements.
  14. Risk Mitigation Strategies ADVANCING RISK MANAGEMENT Data Analysis Risk Assessment Risk Baseline for a specific area of interest Un-mitigated Threat Profile • Areas of interest that has measured and validated risks without mitigations • Organization(s) can apply concentrated attention on specific areas of risk • Strategic planning on resource allocation Validates Risk Baseline/Mitigations/ Identifies Additional Risks Currently Applied to Area(s) of Risk Identifies Additional Risks
  15. INFLUENCING THE BUSINESS – CASE STUDIES “What gets measured, gets managed.” - Peter Drucker -
  16. MEASURING THE BUSINESS ENVIRONMENT  Enterprise Security Incident Summaries  daily investigation metrics : case load : time management : investigation performance : root cause analysis  security incidents by organization : organization analysis : impacted programs  physical security case load : incident categorization by officer  Business Continuity & Preparedness Threat and Vulnerability Assessments  facility threat and vulnerability assessments : risk score : business continuity  Cyber Security  IS posture : IS status : locations : certifications : accreditations  Company’s Global Exposure to Terrorism and Acts of Violence  location proximities : attack trends : attack methodologies : target types : historical trends  Monitoring Internal Risk Assessments  assessment trends : organizational health  Global Event Identification Tool  facility location identifier : estimates of impact to global event  Human Behavior Analysis  insider Threat : threat management : human/event indicators
  17. CASE STUDY 1 Human Behavior Analysis
  18. WHERE’S WALDO? • Workplace Violence and Insider Threat incidents are on the rise • Used scientific methodologies and processes to compare events/incidents to indicators • Utilized network theory and analysis to visually show nodal cluster connections and patterns • Established monitoring and mitigation strategies to minimize or eliminate the threats of espionage and acts of violence
  19. CASE STUDY 2 International Growth and Risk
  20. WHERE TO BUILD NEXT? • Company was looking to establish a new facility in a non-us country to improve market share • Area(s) of interested had significant risks • Data Science team was asked to measure and evaluate historical risk data (violence and acts of terrorism) and evaluate the levels of risk • DSA used open source data from esteemed University and internal company locations to establish risk baselines for each prospect • Analysis gave leaders a unique lens on where to establish the new facility
  21. HEAT MAP • Intelligence products have historically been high level static reports that provide general threats and risks in certain countries and/or regions • Good place to start, but misleading – entire countries and/or regions do not have the same risks/threats throughout • Requires a significant amount of text to explain the details risks/threats for each country • Does not relate risks and threats back to the businesses and networks in scope • Does not provide the level of detail needed in order to make well-informed business decisions • Strictly a data visualization – NOT providing strategic information
  22. SCATTER ANALYSIS • Level of granularity significantly increased and begins to show a truer distribution of risks/threats • We now start to see that not all areas of countries and/or regions have the same level and/or types of risks/threats • We still do not see how the risks/threats relate to our business/network • Scatters with this many nodes are very noisy and do not provide clear enough information to make well informed business decisions • Strictly a data visualization – NOT providing strategic information
  23. BLENDED SCATTER ANALYSIS • New start getting a sense of the risks/threats as they relate to our specific network when we overlay the nodes of our network over the historical threat events • This visualization still requires a significant amount of analysis to interpret the data and draw out specific that will allow us to make well informed business decisions • Strictly a data visualization – NOT providing strategic information
  24. BASIC INTEL PACKAGE • Intel packages should not just visualize data, they should provide information • This intel package tells us how many incidents there were within range (100 miles) of our facilities – the range is determined by whatever your org’s comfort zone is • It also tells us what types of attacks and what the targets were of those attacks within range of our network and its individual nodes • We also get a historical 5 year trend • Package still requires further analysis • What are the trends by site? • What are the distances of incidents from our facilities? Are they more than 50 miles or are they within 5 miles?
  25. ADVANCED INTEL PACKAGE • We now see which facilities have risks/threats within varying ranges • We also see the risk/threat types and the target types within each range for each facility • We are able to start making better informed business decisions from an intel package like this, but it is historically focused • We do not know what is projected for the future
  26. FORECASTING RISK • Done through the development of algorithms / forecasting models • Determines whether we project risks to increase or decrease in the coming days/weeks/months/years • Allows us to pinpoint the specific risk/threat areas which we need to mitigate against or avoid • Allows for better allocation of resources to properly address areas of concern
  29. Questions? “If you torture the data long enough, it will confess.” - Ronal Coase -