Big Data Analytics for Cyber Security:
A Quick Overview
By Femi Ashaye
Agenda
- Introduction – Addressing Cyber Security (2013)
- Managing Cyber Threats (2013)
- Big Data Analytics in SIEM
- Managing Cyber Threats (2016)
- Cyber Security Control Model
- Conclusion
Introduction – Addressing Cyber Security (2013)
- The previous presentation on Cyber Security (http://www.slideshare.net/fashaye/addressing-cyber-security-26632216) set out the approach required to deal with Cyber threats in mid 2013; the threat landscape in 2016 has grown and evolved.
- The risk-based approach of 2013 is still relevant, using the relevant but more linear ISO 27001 processes and activities (Plan->Do->Check->Act->Check->Act->Check->Act->Check->....):
  - Risk Assessments conducted to understand the likelihood of threats and vulnerabilities and the impact to the organisation (Plan & Check)
  - Prevent, detect and respond to security incidents, reviewing the existing state of security (Check & Act)
  - Measurement of control effectiveness and of the maturity of overall security, to determine when, where and how to improve the overall security posture (Check & Act)
- SIEM provides recording of security incidents and risk-related information such as:
  - Malicious traffic to specific systems
  - Suspicious activity across domain boundaries
  - User session activity, and more
- Outcome: the approach is required to understand the scale and impact of Cyber Threats.
- Indicators for risk exposure and control effectiveness identify key risks over time.
- Data- and system-centric processes and key controls already exist for dealing with Cyber Threats.
- Dealing with them might require help from other disciplines such as criminologists, sociologists, psychologists, lawyers etc., leading to people- and behaviour-centric controls.
Managing Cyber Threats (2013)
[Diagram: Risk Model and Preventative and Detective Controls feeding SIEM & Logger]
- Risk Model: a Threat mounts an attack on an Asset; a Vulnerability (un-patched OS/Application) can be exploited to attack the Asset.
- Preventative and Detective Controls: Firewall, Identity and Access Manager, DLP, IDS/IPS and AV Gateway mitigate or stop attacks against assets and discover attacks against them; the Vulnerability Scanner discovers and protects against un-patched OS/Applications.
- Events raised by the controls: Suspicious Login or Access Event, Malicious Port Scanning Event, Malware Event, Data Theft Event, Suspicious Network Access Event, Denial of Service Event.
- Context fed in: Asset inventory and compliance information; Application, DB and OS etc. information.
- SIEM & Logger performs Threat Correlation/Aggregation, Vulnerability Correlation/Aggregation, Asset Correlation/Aggregation, and Event Logging and Reporting, producing Risk Information and ALARM Security Incidents.
Big Data Analytics in SIEM
- Digitalisation (specifically the Internet of Things) and business ecosystems are introducing a proliferation of disparate connected systems and devices, which means the variety of security data is creeping up to higher volumes now more than ever (Gartner: security data expected to double every year from 2014 through to 2016).
- The threat landscape in 2016 has evolved and is increasing. Cyber criminals typically blend into background operational noise, performing undetected reconnaissance of networks over a long period of time before carrying out attacks. Identifying these threats amongst the growing volumes of security data presents greater challenges.
- The data-centric controls outlined, but not detailed, in the 2013 approach are now more relevant. Big Data analytics applied to Cyber Security provides another level of context: it identifies threat anomalies and patterns and predicts threats not typically derived from the traditional risk-based context.
- Traditional SIEM is not able to capture the proliferation of new data; the new generation of SIEM tools incorporates Big Data Analytics to provide Security Analytics.
- Security analytics will better consolidate all security data from disparate security tools, business applications, IT applications, cloud applications, digital business ecosystems and business processes to deal with enterprise-level threats in real time.
- Security analytics will have the capability to seamlessly mine data, structured and unstructured, to enhance threat landscape analysis and to provide better visualisation of that data, further aiding forensics capabilities.
- The Security Analyst skillset requires a high level of data science and big data analytics expertise.
Managing Cyber Threats (2016)
[Diagram: the 2013 model extended with Security Analytics]
- Risk Model unchanged: a Threat mounts an attack on an Asset; a Vulnerability (un-patched OS/Application) can be exploited to attack the Asset.
- Preventative, Predictive and Detective Controls: Firewall, Identity and Access Manager, DLP, IDS/IPS, AV Gateway and Vulnerability Scanner, raising the same events as in 2013 (Suspicious Login or Access, Malicious Port Scanning, Malware, Data Theft, Suspicious Network Access, Denial of Service).
- Additional inputs: Business & IT application data, unstructured security events, cloud systems and context-aware identity data, alongside Asset inventory and compliance information and Application, DB and OS etc. information.
- SIEM with Security Analytics adds Unstructured Security Event Correlation/Aggregation and Predictive Modelling to Threat, Vulnerability and Asset Correlation/Aggregation and Event Logging and Reporting, producing Risk Information, ALARM Security Incidents and Predicted Threats.
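The two SIEM diagrams above describe correlation and aggregation of threat, vulnerability and asset data, and the 2016 version adds behavioural analysis that catches reconnaissance "blended into background noise". The following is an added example, not code from the deck or any SIEM product; the asset inventory, scanner output, severity weights, thresholds and event records are all constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed severity weights per event type (a real SIEM takes these from its rules).
SEVERITY = {
    "suspicious_login": 3, "port_scan": 1, "malware": 5,
    "data_theft": 5, "suspicious_network_access": 2, "denial_of_service": 4,
}
CRITICALITY = {"high": 3, "medium": 2, "low": 1}
ALARM_THRESHOLD = 10  # constructed alarm threshold on the aggregated score

# Constructed "Asset inventory and compliance information" input.
ASSETS = {
    "10.0.0.5": {"name": "db01", "criticality": "high"},
    "10.0.0.9": {"name": "web02", "criticality": "medium"},
    "10.0.0.20": {"name": "kiosk7", "criticality": "low"},
}
# Constructed vulnerability scanner output ("Un-patched OS/Application").
UNPATCHED = {"10.0.0.5": ["os-patch-missing"], "10.0.0.9": [], "10.0.0.20": []}

# Constructed events from the controls in the diagram (IDS, IAM, DLP), normalised
# to one schema: ts is ISO-8601, src the producing control, actor the remote party.
EVENTS = [
    {"ts": "2016-03-01T09:00:00", "src": "ids", "type": "port_scan", "actor": "203.0.113.7", "asset": "10.0.0.5"},
    {"ts": "2016-03-02T11:30:00", "src": "ids", "type": "port_scan", "actor": "203.0.113.7", "asset": "10.0.0.5"},
    {"ts": "2016-03-04T14:10:00", "src": "ids", "type": "port_scan", "actor": "203.0.113.7", "asset": "10.0.0.9"},
    {"ts": "2016-03-06T16:45:00", "src": "ids", "type": "port_scan", "actor": "203.0.113.7", "asset": "10.0.0.5"},
    {"ts": "2016-03-08T08:05:00", "src": "ids", "type": "port_scan", "actor": "203.0.113.7", "asset": "10.0.0.20"},
    {"ts": "2016-03-08T08:06:00", "src": "iam", "type": "suspicious_login", "actor": "203.0.113.7", "asset": "10.0.0.5"},
    {"ts": "2016-03-08T08:20:00", "src": "dlp", "type": "data_theft", "actor": "203.0.113.7", "asset": "10.0.0.5"},
    {"ts": "2016-03-08T09:00:00", "src": "ids", "type": "port_scan", "actor": "198.51.100.3", "asset": "10.0.0.20"},
    {"ts": "2016-03-08T09:01:00", "src": "ids", "type": "port_scan", "actor": "198.51.100.3", "asset": "10.0.0.20"},
    {"ts": "2016-03-08T09:02:00", "src": "ids", "type": "port_scan", "actor": "198.51.100.3", "asset": "10.0.0.20"},
]


def correlate_by_asset(events, assets=ASSETS, unpatched=UNPATCHED):
    """Threat + vulnerability + asset correlation/aggregation (the 2013 SIEM box).

    Returns {asset_ip: {"name", "events", "score", "alarm"}}. The score is the
    summed event severity weighted by asset criticality, doubled when the scanner
    reports the asset un-patched (a known weakness makes the observed threat
    activity more likely to succeed). An alarm is the "ALARM Security Incident".
    """
    per_asset = defaultdict(Counter)
    for ev in events:
        per_asset[ev["asset"]][ev["type"]] += 1
    risk_info = {}
    for ip, counts in per_asset.items():
        meta = assets.get(ip, {"name": "unknown", "criticality": "low"})
        base = sum(SEVERITY.get(t, 1) * n for t, n in counts.items())
        score = base * CRITICALITY[meta["criticality"]]
        if unpatched.get(ip):
            score *= 2
        risk_info[ip] = {"name": meta["name"], "events": dict(counts),
                         "score": score, "alarm": score >= ALARM_THRESHOLD}
    return risk_info


def low_and_slow_scanners(events, window_days=14, max_per_day=1, min_total=4):
    """Behavioural rule for the 2016 'predictive' box.

    A per-day rule ("more than max_per_day scans") never fires for an actor who
    probes at most once a day. This rule aggregates each actor's port_scan events
    over a long window and flags actors that stay under the daily noise floor yet
    accumulate min_total probes, reporting how many distinct assets they touched.
    """
    by_actor_day = defaultdict(Counter)
    assets_touched = defaultdict(set)
    stamps = defaultdict(list)
    for ev in events:
        if ev["type"] != "port_scan":
            continue
        by_actor_day[ev["actor"]][ev["ts"][:10]] += 1
        assets_touched[ev["actor"]].add(ev["asset"])
        stamps[ev["actor"]].append(datetime.fromisoformat(ev["ts"]))
    flagged = {}
    for actor, days in by_actor_day.items():
        span = (max(stamps[actor]) - min(stamps[actor])).days
        total = sum(days.values())
        quiet = max(days.values()) <= max_per_day
        if quiet and total >= min_total and span <= window_days:
            flagged[actor] = {"probes": total, "days_active": len(days),
                              "assets": sorted(assets_touched[actor])}
    return flagged


if __name__ == "__main__":
    for ip, info in correlate_by_asset(EVENTS).items():
        print(ip, info)
    print("low-and-slow reconnaissance:", low_and_slow_scanners(EVENTS))
```

The noisy scanner (198.51.100.3) is caught by any per-day threshold, while 203.0.113.7 only surfaces once the long-window aggregation and the asset/vulnerability context are combined.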
Cyber Security Control Model
[Diagram: Risk Model informs Countermeasures]
- Risk Model elements: THREATS, VULNERABILITIES, VALUE ASSETS, INCIDENTS, COMPLIANCE and NEGATIVE BUSINESS IMPACT, linked by the relationships Exploit, Causing, Affecting, Results in and Have.
- Countermeasures: PREDICTIVE, DETERRENT, PREVENTATIVE, CONTAINMENT, ASSURANCE, EVIDENTIAL, CORRECTIVE and DETECTIVE CONTROLS, linked to the risk elements by the relationships Triggers, Reduce and Demonstrates.
- The Risk Model informs the Countermeasures.
The model illustrates the basic relationships between Risks and Countermeasures driven by the control capabilities of Security Analytics. It demonstrates how prediction and detection of threats enable a proactive response to definitive and potential risk scenarios.
Conclusion
- Big data driven security enables organisations to gain richer context for assessing Cyber threats against their specific business and compliance requirements
- Enables a more data-centric approach to traditional risk-based security intelligence
- Enables a more agile approach to traditional risk-based security intelligence
- Addresses Advanced Persistent Threats
- Improves security monitoring
- A data architecture is required to incorporate and catalogue all relevant security information across the business for Security Analytics
- Future security strategy will feature investment in, and alignment of, security tools enhanced with big data analytics capabilities – this is the next challenge
- Security Analytics currently addresses Cyber Threats by combining traditional human-led risk analysis with machine-led, data-driven behavioural analysis; this will evolve into machine-only-led, risk- and data-driven Security Analytics.
Thank You!!
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 

Recently uploaded (20)

Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 

Big Data Analytics for Cyber Security: A Quick Overview

1. Big Data Analytics for Cyber Security: A Quick Overview
By Femi Ashaye

2. Agenda
- Introduction – Addressing Cyber Security (2013)
- Managing Cyber Threats (2013)
- Big Data Analytics in SIEM
- Managing Cyber Threats (2016)
- Cyber Security Control Model
- Conclusion

3. Introduction – Addressing Cyber Security (2013)
- The previous presentation on Cyber Security (http://www.slideshare.net/fashaye/addressing-cyber-security-26632216) addressed the approach required to deal with Cyber threats in mid 2013; the threat landscape in 2016 has increased and evolved.
- The risk based approach of 2013 is still relevant, utilising relevant, but more linear, ISO 27001 processes and activities (Plan->Do->Check->Act->Check->Act->Check->Act->Check->.... ):
  - Risk Assessments conducted to understand the likelihood of threats and vulnerabilities and the impact to the organisation (Plan & Check)
  - Prevent, detect and respond to security incidents, reviewing the existing state of security (Check & Act)
  - Measurement of control effectiveness and maturity of overall security to determine when, where and how to improve the overall security posture (Check & Act)
- SIEM provides recording of security incidents and risk related information such as:
  - Malicious traffic to specific systems
  - Suspicious activity across domain boundaries
  - User session activity, and more
- Outcome: the approach is required to understand the scale and impact of Cyber Threats.
- Indicators for risk exposure and control effectiveness identify key risks over time.
- Data and system centric processes and key controls already exist for dealing with Cyber Threats.
- Might require help from other disciplines such as criminologists, sociologists, psychologists, lawyers etc., leading to people and behaviour centric controls.

4. Managing Cyber Threats (2013)
[Diagram: threat, vulnerability and asset information feeding a SIEM & Logger. Recoverable labels:]
- Risk entities: Threat, Vulnerability, Asset
- Preventative and Detective Controls: Firewall, Identity and Access Manager, DLP, Vulnerability Scanner, IDS/IPS, AV Gateway
- Events: Suspicious Login or Access Event, Malicious Port Scanning Event, Malware Event, Data Theft Event, Suspicious Network Access Event, Denial of Service Event
- Vulnerability and asset information: Un-patched OS/Application; Application, DB and OS etc. information; Asset Inventory and compliance Information
- SIEM & Logger functions: Threat Correlation/Aggregation, Vulnerability Correlation/Aggregation, Asset Correlation/Aggregation, Event Logging and Reporting; outputs: Risk Information, ALARM, Security Incidents
- Relationship labels: Mounts attack on.., Can be exploited to attack, Mitigates or stop attack against..., Discovers attack against.., Discovers and protects against

5. Big Data Analytics in SIEM
- Digitalisation (specifically Internet-of-Things) and business ecosystems introduce a proliferation of disparate connected systems and devices, meaning the variety of security data is creeping up to higher volumes now more than ever (Gartner: security data expected to slowly double every year from 2014 through to 2016).
- The threat landscape in 2016 has evolved and is increasing. Cyber criminals typically blend into background operational noise, performing undetected reconnaissance of networks over a long period of time before carrying out attacks. Identifying these threats amongst the growing volumes of security data presents greater challenges.
- The data centric controls outlined, but not detailed, in the 2013 approach are now more relevant. Big Data analytics applied to Cyber Security provides another level of context: it identifies threat anomalies and patterns and predicts threats not typically derived from the traditional risk-based context.
- Traditional SIEM is not able to capture the proliferation of new data; a new generation of SIEM tools incorporates Big Data Analytics to provide Security Analytics.
- Security analytics will better consolidate all security data from disparate security tools, business applications, IT applications, cloud applications, digital business ecosystems and business processes to deal with enterprise level threats in real time.
- Security analytics will have the capability to seamlessly mine data, structured and unstructured, to enhance threat landscape analysis and provide better visualisation of such data to further aid forensics capabilities.
- The Security Analyst skillset requires a high level of data science and big data analytics expertise.

6. Managing Cyber Threats (2016)
[Diagram: the 2013 model extended with a SIEM w/Security Analytics. Recoverable labels:]
- Risk entities: Threat, Vulnerability, Asset
- Preventative, Predictive and Detective Controls: Firewall, Identity and Access Manager, DLP, Vulnerability Scanner, IDS/IPS, AV Gateway
- Events: Suspicious Login or Access Event, Malicious Port Scanning Event, Malware Event, Data Theft Event, Suspicious Network Access Event, Denial of Service Event
- Vulnerability and asset information: Un-patched OS/Application; Application, DB and OS etc. information; Asset Inventory and compliance Information
- Additional inputs: Business & IT application, Unstructured security events, Cloud systems, Context aware identity data
- SIEM w/Security Analytics functions: Unstructured Security Event Correlation/Aggregation, Threat Correlation/Aggregation, Vulnerability Correlation/Aggregation, Asset Correlation/Aggregation, Event Logging and Reporting, Predictive Modelling; outputs: Risk Information, ALARM, Security Incidents, Predicted Threats
- Relationship labels: Mounts attack on.., Can be exploited to attack, Mitigates or stop attack against..., Discovers attack against.., Discovers and protects against
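An added example, not code from the slides, of the threat/vulnerability/asset correlation the two SIEM diagrams describe and of why the long-period reconnaissance noted in the Big Data slide slips past a short-window threshold rule: the same three scans are invisible to a one-hour rule but visible to a 30-day aggregation, and the follow-on login is scored against asset value and scanner findings. All hosts, events, asset names and function names are constructed for this illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed asset inventory and vulnerability-scanner output (hypothetical hosts).
ASSETS = {"10.0.0.5": {"name": "db01", "value": "high"},
          "10.0.0.9": {"name": "kiosk02", "value": "low"}}
VULNS = {"10.0.0.5": ["unpatched OS"], "10.0.0.9": []}

# Constructed events (timestamp, source, destination, type): one source probes db01 over nine days, then logs in.
EVENTS = [
    ("2016-03-01T09:00:00", "198.51.100.7", "10.0.0.5", "port_scan"),
    ("2016-03-04T02:10:00", "198.51.100.7", "10.0.0.5", "port_scan"),
    ("2016-03-09T23:45:00", "198.51.100.7", "10.0.0.5", "port_scan"),
    ("2016-03-10T10:30:00", "198.51.100.7", "10.0.0.5", "suspicious_login"),
    ("2016-03-10T10:31:00", "203.0.113.4", "10.0.0.9", "port_scan"),
]

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S")

def sliding_count(events, kind, window, threshold):
    """(source, destination) pairs with >= threshold events of `kind` inside `window`."""
    per_pair = defaultdict(list)
    for ts, src, dst, k in events:
        if k == kind:
            per_pair[(src, dst)].append(parse(ts))
    hits = set()
    for pair, times in per_pair.items():
        times.sort()
        # A run of `threshold` consecutive events fits iff its ends are <= window apart.
        if any(times[i + threshold - 1] - times[i] <= window
               for i in range(len(times) - threshold + 1)):
            hits.add(pair)
    return hits

def burst_recon(events):
    """Traditional SIEM threshold rule: three scans from one source within an hour."""
    return sliding_count(events, "port_scan", timedelta(hours=1), 3)

def slow_recon(events):
    """Long-baseline aggregation: the same three scans spread over up to 30 days."""
    return sliding_count(events, "port_scan", timedelta(days=30), 3)

def correlate(events, assets, vulns):
    """Correlate slow recon + suspicious login with asset value and scanner results."""
    recon, alarms = slow_recon(events), []
    for ts, src, dst, kind in events:
        if kind == "suspicious_login" and (src, dst) in recon:
            asset = assets.get(dst, {"name": dst, "value": "unknown"})
            exploitable = bool(vulns.get(dst))
            severity = "critical" if exploitable and asset["value"] == "high" else "medium"
            alarms.append({"asset": asset["name"], "source": src, "at": ts,
                           "exploitable": exploitable, "severity": severity})
    return alarms
```

On the constructed events `burst_recon` returns nothing while `slow_recon` flags the probing source, and `correlate` raises one critical alarm for db01 because the scanner reports it as exploitable and the inventory rates it high value.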
7. Cyber Security Control Model
[Diagram: Risk Model on one side, Countermeasures on the other. Recoverable labels:]
- Risk Model: THREATS, VULNERABILITIES, ASSETS, VALUE, INCIDENTS, COMPLIANCE, NEGATIVE BUSINESS IMPACT
- Countermeasures: PREDICTIVE CONTROLS, DETERRENT CONTROLS, PREVENTATIVE CONTROLS, DETECTIVE CONTROLS, CONTAINMENT CONTROLS, CORRECTIVE CONTROLS, ASSURANCE CONTROLS, EVIDENTIAL CONTROL
- Relationship labels: Exploit, Causing, Affecting, Triggers, Demonstrates, Reduce, Have, Results in, Informs
The model illustrates the basic relationships between Risks and Countermeasures driven by the control capabilities of Security Analytics. It demonstrates how prediction and detection of threats enables proactive response to definitive and potential risk scenarios.

8. Conclusion
- Big data driven security enables organisations to gain richer context for assessing Cyber threats against their specific business and compliance requirements
- Enables a more data centric approach to traditional risk-based security intelligence
- Enables a more agile approach to traditional risk-based security intelligence
- Addresses Advanced Persistent Threats
- Improves security monitoring
- A data architecture to incorporate and catalogue all relevant security information across the business is required for Security Analytics
- Future security strategy will feature investment in and alignment of security tools enhanced with big data analytics capabilities; this is the next challenge
- Security Analytics currently addresses Cyber Threats by combining traditional human led risk analysis with machine led, data-driven behavioural analysis; this will evolve to machine only led, risk and data driven Security Analytics.
Thank You!!