The evolution of the general technology landscape continues to influence the security and risk landscape across multiple enterprises. IoT, cloud, edge computing, containerization, automation, big data, AI--all influence a breadth of security challenges and opportunities for organizations. Security teams must address the emerging technology risk stack while ensuring these solutions work as intended to shape the intelligence, velocity and scale at which security-related decision points can be reached. This talk will give a sneak peek into technologies that will influence the security capabilities of the future and reshape the way organizations address challenges with current and emerging technologies. We will perform a live demo illustrating the concept of autonomous security and how it will reshape the current security landscape as we know it. Learning Objectives: Understand practical AI applications in building autonomous security systems. Be introduced to the concept of autonomous security and how it can transform the way organizations currently address security challenges. Identify the growth of SOAR (security orchestration, automation and response) and how to fine-tune it with a data and intelligence driven approach.

2. Autonomous Security: How to use
Big Data, Machine Learning and AI
to build the Security of the future
Lenin Aboagye
Chief Security Architect , Kogni
President, Limit+
&
Avinash Ramineni
Kogni

3. Agenda
● Today’s Security Landscape
● SAO & Risk Landscape
● Transitioning from SAO to SOAR
● Threat and Response Automation
● Beyond SOAR
● AI & ML History and Application
● Use-Case: Applying AI & ML in Data Centric Security

4. Today’s Security Landscape
Forrester defines SAO as:
Technology products that provide automated, coordinated, and
policy-based action of security processes across multiple
technologies, making security operations faster, less error-prone,
and more efficient

5. SAO Addresses Half of Security Challenges
Base: 1,700 Security technology decision-makers (1,000+ employees) Source: Forrester Data Global
Business Technographics Security Survey, 2017

6. Exploding Threats - Exploding Tools - Exploding Costs = Exploding
Breaches
● The increase is security budgets continue to have
very limited success in addressing Exploding Costs
● Anthem =16 million, Google EU Fine, Facebook stock
drop, Google+ Fine and discontinuation
● Security Tools and Technologies still built to address
Legacy risks
● More claims and hype , many unproven when it
comes to Big Data & AI/ML..
● More difficult to fine-tune and make workable

7. Typical Incident Response Process - Manual

8. Typical Incident Response Process - Automated

9. Optimizing Security - Greater Efficiency

10. History of Autonomous Vehicles

11. Security Orchestration Automation and Response

12. Levels of Automation in Car Industry

13. Threat Automation Levels in Security

14. Beyond SOAR = Autonomous Security
● Predictive Intelligence-Anticipating the next breach , several days, months before it actually happens and automatically
build and simulate Orchestration|Automation|Response
● Leverage information intelligence sharing where threats can be simulated and identified before they become
vulnerabilities in your environment
● What if your risk was continuously predicted and your defenses consistently bolstered driven by Big data , ML and AI

15. Can we talk before we get breached?

16. Big Data->AI/ML->Deep Learning->Better Security
AI-Human Intelligence exhibited by Machines
Machine Learning-Using algorithms to parse data,
learn from it, and then make a determination or
prediction about something in the world.
Deep learning -Machine learning method based on
learning data representations, as opposed to task-
specific algorithms. Learning can be supervised,
semi-supervised or unsupervised

17. Future Concepts-Bringing Intelligence to Compute systems

18. Use-Case: Applying AI in Data Centric Security
Build an extremely accurate , efficient and scalable solution to
autonomously identify and protect sensitive data across
enterprise workloads

19. Changing Data Landscape

20. Data Centric Security Gaps
Legacy tools not built to address modern data challenges

21. Paradigm Shift | Data Centric Security

22. 4 Pillars of Data Centric Security
● What data do you have?
● Where is the data stored?
● Who is accessing the data?
● Whose data it is?

23. AI in Data Security
● Data Discovery
● Data Classification
● Document Recognition
● Behavioral Analytics
● Intelligent Data Protection
● Data Monitoring
DATA CENTRIC SECURITY NEEDS
AI to reduce false positives &
automate remediation
To properly protect data you have to
properly identify and classify it

24. Automatic Data Discovery and Classification | Document Recognition

25. Automatic Data Discovery and Classification | Image Classification

26. Automatic Data Discovery and Classification | Automatic Pattern
Learning
Changing Data Patterns
• Using Structured data to improve accuracy
in unstructured data
• Clustering and Association rule mining
• Sensitive Data leakage detection
• MinHash
• Locality sensitive hashing
• Bloom filter

27. Automatic Data Discovery and Classification | Graph Learning
Disambiguate using Graph Learning
Sydney
Person?
City?

28. Automatic Data Discovery and Classification | NLP

29. User and Entity Behavior Analytics | Anomaly Detection
Monitoring for dangerous Data Access Patterns

30. Data Subject Catalog | CCPA & GDPR

31. AI / ML Based System | Continuous Learning

32. DEMO

33. QUESTIONS

35. Data Classification Techniques