CyberSecurity Analytics
How Data Analytics is Redefining Modern Era in Cyber Security
By Saqib Chaudhry
What is Cyber Crime?
“In 2018, NATO officially declared cyberspace a warfare domain and confirmed that a cyberattack on any of its allies will be considered as an act of war.”
Understanding Our (Cyber) Adversaries - Methods and Motivations -
What is Cyber Crime?
Cyber Threat Timeline
“Digital transformation is the profound transformation of business and organizational activities, processes, competencies and models to fully leverage the changes and opportunities of a mix of digital technologies and their accelerating impact across society in a strategic and prioritized way, with present and future shifts in mind.”
Data is at the heart of Digital Transformation
Source: Mellanox Technologies
ANOTHER TOPIC
Cyber-Crime is est. to be a $1.5 Trillion Global Economy!!!!
“According to computerweekly.com global cybercrime worth is estimated at $1.5 Trillion a year. Cyber criminal operations worldwide are generating revenues equal to the GDP of Russia through a web of profit that involves legitimate businesses.”
Key Challenges to Protect Against Cyber Adversaries
Too Many Alerts, Never Enough Resources
- The New York Stock Exchange captures 1TB of trade information during each trading session
- Poor data quality costs the US economy around $3.1 Trillion a year
- 30 Billion pieces of content are shared on Facebook every month
- Est. 2.3 Trillion Gigabytes of data are created each day
Big Data Analytics to the Rescue!!!
Source: Dataconomy; Source: Accubisolutions.com
In order to work effectively with your Data Scientists / IT Analytics Teams, you need to understand the different types of Big Data analytics techniques and how to utilize them to get actionable insights.
Source: Winwire via @BrianJohson
Potential Big Data Applications for CxOs
Cyber Security Specific Big Data Capabilities - Sample
- Identify anomalies in device behavior
For example, employee devices could be used as Trojan horses to access and steal data — but you can stop it with big data analytics.
- Identify anomalies in employee and contractor behavior
Do you have an Edward Snowden downloading large amounts of data? There are ways to detect and stop that.
- Detect anomalies in the network
Identify new threats without known signatures. Correlate data from silos to understand the nature of various attacks. Look at a wide range of data attributes.
- Perform Machine Learning Detections (Dimensional Analysis)
• Lateral Movement
• Domain Generation Algorithm
• DNS Tunneling
• Network Beaconing
• Data Staging
- Assess network vulnerabilities and risks
Ingest data and analyze it to determine which databases have customer-identifying information, and how vulnerable they are to hackers. Eliminate serious potential sources of risk.
- Manage data classification, data lineage, security and data lifecycle management
- Detect and investigate Malware
- Detect and stop data Exfiltration
- Privileged User Monitoring (PUM)
- Detect Zero-Day Attacks
- Use DNS Data to Identify Patient-Zero Malware
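As an added illustration of the "Network Beaconing" detection listed above (example code written for this page, not from the deck or any product it names): it groups a constructed connection log by source/destination pair and flags pairs whose inter-arrival gaps are nearly constant, the timing signature of an automated check-in. The log, addresses and thresholds are all constructed.

```python
import statistics
from collections import defaultdict

# Constructed sample connection log: (timestamp in seconds, src_ip, dst_ip).
# 10.0.0.5 contacts 203.0.113.9 about every 60 s (beacon-like timing);
# 10.0.0.7 contacts 198.51.100.20 at irregular, human-like intervals.
SAMPLE_CONNECTIONS = [
    (0, "10.0.0.5", "203.0.113.9"),
    (61, "10.0.0.5", "203.0.113.9"),
    (120, "10.0.0.5", "203.0.113.9"),
    (181, "10.0.0.5", "203.0.113.9"),
    (240, "10.0.0.5", "203.0.113.9"),
    (300, "10.0.0.5", "203.0.113.9"),
    (5, "10.0.0.7", "198.51.100.20"),
    (14, "10.0.0.7", "198.51.100.20"),
    (90, "10.0.0.7", "198.51.100.20"),
    (93, "10.0.0.7", "198.51.100.20"),
    (400, "10.0.0.7", "198.51.100.20"),
    (402, "10.0.0.7", "198.51.100.20"),
]

MIN_CONNECTIONS = 5      # fewer samples than this give meaningless statistics
MAX_JITTER_RATIO = 0.10  # std-dev of gaps divided by mean gap; lower = more regular


def interval_stats(timestamps):
    """Return (mean_gap, jitter_ratio) for the gaps between consecutive timestamps."""
    ts = sorted(timestamps)
    gaps = [later - earlier for earlier, later in zip(ts, ts[1:])]
    mean_gap = statistics.mean(gaps)
    if mean_gap == 0:  # all connections in the same second: not a periodic pattern
        return 0.0, float("inf")
    return mean_gap, statistics.pstdev(gaps) / mean_gap


def find_beacons(connections, min_connections=MIN_CONNECTIONS, max_jitter=MAX_JITTER_RATIO):
    """Group connections by (src, dst) and flag pairs with near-constant inter-arrival gaps."""
    by_pair = defaultdict(list)
    for ts, src, dst in connections:
        by_pair[(src, dst)].append(ts)
    findings = []
    for (src, dst), timestamps in by_pair.items():
        if len(timestamps) < min_connections:
            continue
        mean_gap, jitter = interval_stats(timestamps)
        if jitter <= max_jitter:
            findings.append({"src": src, "dst": dst, "period_s": round(mean_gap, 1),
                             "jitter": round(jitter, 3), "count": len(timestamps)})
    return findings


if __name__ == "__main__":
    for finding in find_beacons(SAMPLE_CONNECTIONS):
        print(finding)
```

In production the same statistic is computed per time window over flow or proxy logs, and the jitter threshold is tuned against known-good periodic traffic (NTP, update checks) to keep the false-positive rate down.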
Use Case - User & Entity Behavior Analytics
What are some of the key PPL needs to set up Cybersecurity Big Data Analytics?
Need a Reference Architecture for setting up Cybersecurity Big Data Analytics in your organization? Check out Hortonworks Metron.
Provides organizations a scalable capability to detect cyber anomalies and enables them to rapidly respond to identified anomalies.
What does the Reference Architecture Entail?
1. Raw events are captured by Nifi/custom probe & pushed to Kafka for ingestion.
2. Each raw event is parsed and normalized.
3. Different data elements are enriched. E.g. an external IP address is enriched with GeoIP information (lat/long coordinates + City/State/Country).
4. Threat intel cross reference checks are performed and telemetry events are “labelled” with threat intel metadata.
5. Telemetry events can initiate alerts, as needed. Labeled telemetry events are indexed and stored in the security data vault for next generation analytics.
7a. For high volume network telemetry data like packet capture (PCAP), custom Metron probes are available to ingest data directly from a network tap.
7b. For most security telemetry data sources that use transports and protocols like file, syslog, REST, HTTP, custom API, etc., Metron uses Nifi to ingest data at the source.
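As an added walk-through of steps 2 to 5 above (example code written for this page; it is not Apache Metron code, although the field names are chosen to resemble Metron's normalized schema): parse a constructed syslog-style line, enrich an external destination from a constructed GeoIP table, label it from a constructed indicator list, and decide whether it alerts. The addresses, feed name and confidence threshold are all placeholders.

```python
import ipaddress
import re

# Constructed raw syslog-style firewall events; not real telemetry.
RAW_EVENTS = [
    "2024-01-15T10:00:01Z fw01 CONN src=10.0.0.5 dst=203.0.113.9 dport=443 action=allow",
    "2024-01-15T10:00:02Z fw01 CONN src=10.0.0.7 dst=198.51.100.20 dport=80 action=allow",
    "garbage line that does not parse",
]

# Constructed stand-ins for the enrichment and threat-intel sources (placeholder values).
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
GEOIP_TABLE = {
    "203.0.113.0/24": {"country": "XX", "city": "Exampleville", "lat": 0.0, "lon": 0.0},
}
THREAT_INTEL = {
    "203.0.113.9": {"source": "example-feed", "category": "c2", "confidence": 80},
}

EVENT_RE = re.compile(r"^(?P<ts>\S+) (?P<sensor>\S+) CONN (?P<kv>.+)$")


def parse_event(raw):
    """Step 2: parse one raw line into a normalized event dict, or None if it does not match."""
    m = EVENT_RE.match(raw)
    if not m:
        return None
    fields = dict(pair.split("=", 1) for pair in m.group("kv").split() if "=" in pair)
    return {
        "timestamp": m.group("ts"),
        "sensor": m.group("sensor"),
        "ip_src_addr": fields.get("src"),
        "ip_dst_addr": fields.get("dst"),
        "ip_dst_port": int(fields["dport"]) if fields.get("dport", "").isdigit() else None,
        "action": fields.get("action"),
        "original_string": raw,  # keep the raw line so analysts can verify the parse
    }


def enrich(event):
    """Step 3: attach GeoIP data when the destination lies outside the internal ranges."""
    dst = event.get("ip_dst_addr")
    try:
        addr = ipaddress.ip_address(dst)
    except ValueError:  # missing or malformed address: nothing to enrich
        return event
    if any(addr in net for net in INTERNAL_NETS):
        return event
    for cidr, geo in GEOIP_TABLE.items():
        if addr in ipaddress.ip_network(cidr):
            event["enrichments"] = {"geo": dict(geo)}
            break
    return event


def label_threat_intel(event):
    """Step 4: cross-reference source and destination against the indicator list."""
    hits = []
    for field in ("ip_src_addr", "ip_dst_addr"):
        indicator = THREAT_INTEL.get(event.get(field))
        if indicator:
            hits.append({"field": field, "value": event[field], **indicator})
    event["threatintels"] = hits
    return event


def triage(event, min_confidence=50):
    """Step 5: mark the event for alerting when a sufficiently confident indicator matched."""
    event["is_alert"] = any(h["confidence"] >= min_confidence for h in event["threatintels"])
    return event


def run_pipeline(raw_events):
    """Run steps 2-5 over raw lines; returns (events ready for indexing, unparseable lines)."""
    indexed, failures = [], []
    for raw in raw_events:
        event = parse_event(raw)
        if event is None:
            failures.append(raw)  # parser failures must stay visible, not be silently dropped
            continue
        indexed.append(triage(label_threat_intel(enrich(event))))
    return indexed, failures


if __name__ == "__main__":
    events, failures = run_pipeline(RAW_EVENTS)
    for event in events:
        print(event["ip_dst_addr"], "alert" if event["is_alert"] else "ok", event.get("enrichments"))
    print("unparsed:", failures)
```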
Integration Options: Anomali Threat Intelligent Platform
Integration Options: Sqrrl Threat Hunting Platform
• Enables organizations to target, hunt, and disrupt advanced cyber threats by uniting threat hunting, behavioral analytics, and incident analysis.
• It detects the Tactics, Techniques, and Procedures (TTPs) of cyber adversaries as part of the kill chain assessment.
• It utilizes linked data, machine learning, UEBA, risk scoring, and Big Data Analytics to reveal malicious patterns and anomalies hidden within security datasets.
Integration Options: Kibana (Data Visualization Tool)
Open-source data visualization and exploration tool used for log and time-series analytics, application monitoring, and operational intelligence use cases. It offers powerful and easy-to-use features such as histograms, line graphs, pie charts, heat maps, and built-in geospatial support.
What are some of the benefits of utilizing the Reference Architecture for Your SOC Operations?
Source: hortonworks apache metron
• APPENDIX
29

More Related Content

What's hot

Cyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationCyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationSurfWatch Labs
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in securityOsama Ellahi
 
Understanding the "Intelligence" in AI
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AIRaffael Marty
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceZaiffiEhsan
 
UserEntityandBehaviorAnalyticsFriedman
UserEntityandBehaviorAnalyticsFriedmanUserEntityandBehaviorAnalyticsFriedman
UserEntityandBehaviorAnalyticsFriedmanAaron Friedman
 
Data Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 KeynoteData Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 KeynoteHPCC Systems
 
AI and ML in Cybersecurity
AI and ML in CybersecurityAI and ML in Cybersecurity
AI and ML in CybersecurityForcepoint LLC
 
Application of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityApplication of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityDr. Umesh Rao.Hodeghatta
 
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...Forcepoint LLC
 
Audit logs for Security and Compliance
Audit logs for Security and ComplianceAudit logs for Security and Compliance
Audit logs for Security and ComplianceAnton Chuvakin
 
Cyber Threat Intelligence | Information to Insight
Cyber Threat Intelligence | Information to InsightCyber Threat Intelligence | Information to Insight
Cyber Threat Intelligence | Information to InsightDeep Shankar Yadav
 
Machine learning in Cyber Security
Machine learning in Cyber SecurityMachine learning in Cyber Security
Machine learning in Cyber SecurityRajathV2
 
How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security Robert Smith
 
2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeleySara-Jayne Terp
 
Machine Learning in Information Security by Mohammed Zuber
Machine Learning in Information Security by Mohammed ZuberMachine Learning in Information Security by Mohammed Zuber
Machine Learning in Information Security by Mohammed ZuberOWASP Delhi
 
Network security threats ahmed s. gifel
Network security threats ahmed s. gifelNetwork security threats ahmed s. gifel
Network security threats ahmed s. gifelAhmed Tememe
 
How Machine Learning & AI Will Improve Cyber Security
How Machine Learning & AI Will Improve Cyber SecurityHow Machine Learning & AI Will Improve Cyber Security
How Machine Learning & AI Will Improve Cyber SecurityDevOps.com
 

What's hot (20)

Cyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationCyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution Demonstration
 
Security Chat 5.0
Security Chat 5.0Security Chat 5.0
Security Chat 5.0
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in security
 
Understanding the "Intelligence" in AI
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AI
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
UserEntityandBehaviorAnalyticsFriedman
UserEntityandBehaviorAnalyticsFriedmanUserEntityandBehaviorAnalyticsFriedman
UserEntityandBehaviorAnalyticsFriedman
 
Data Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 KeynoteData Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 Keynote
 
AI and ML in Cybersecurity
AI and ML in CybersecurityAI and ML in Cybersecurity
AI and ML in Cybersecurity
 
Application of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityApplication of Machine Learning in Cyber Security
Application of Machine Learning in Cyber Security
 
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
 
Audit logs for Security and Compliance
Audit logs for Security and ComplianceAudit logs for Security and Compliance
Audit logs for Security and Compliance
 
Cyber Threat Intelligence | Information to Insight
Cyber Threat Intelligence | Information to InsightCyber Threat Intelligence | Information to Insight
Cyber Threat Intelligence | Information to Insight
 
Cyber Threat Intel : Overview
Cyber Threat Intel : OverviewCyber Threat Intel : Overview
Cyber Threat Intel : Overview
 
Machine learning in Cyber Security
Machine learning in Cyber SecurityMachine learning in Cyber Security
Machine learning in Cyber Security
 
How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security
 
2020 09-01 disclosure
2020 09-01 disclosure2020 09-01 disclosure
2020 09-01 disclosure
 
2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley
 
Machine Learning in Information Security by Mohammed Zuber
Machine Learning in Information Security by Mohammed ZuberMachine Learning in Information Security by Mohammed Zuber
Machine Learning in Information Security by Mohammed Zuber
 
Network security threats ahmed s. gifel
Network security threats ahmed s. gifelNetwork security threats ahmed s. gifel
Network security threats ahmed s. gifel
 
How Machine Learning & AI Will Improve Cyber Security
How Machine Learning & AI Will Improve Cyber SecurityHow Machine Learning & AI Will Improve Cyber Security
How Machine Learning & AI Will Improve Cyber Security
 

Similar to How Data Analytics is Re-defining Modern Era in Cyber Security

El contexto de la integración masiva de datos
El contexto de la integración masiva de datosEl contexto de la integración masiva de datos
El contexto de la integración masiva de datosSoftware Guru
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveIvan Sang
 
Artificial Intelligence and Cybersecurity
Artificial Intelligence and CybersecurityArtificial Intelligence and Cybersecurity
Artificial Intelligence and CybersecurityOlivier Busolini
 
Big data-analytics-changing-way-organizations-conducting-business
Big data-analytics-changing-way-organizations-conducting-businessBig data-analytics-changing-way-organizations-conducting-business
Big data-analytics-changing-way-organizations-conducting-businessAmit Bhargava
 
Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016Karl Kispert
 
AI Cybersecurity: Pros & Cons. AI is reshaping cybersecurity
AI Cybersecurity: Pros & Cons. AI is reshaping cybersecurityAI Cybersecurity: Pros & Cons. AI is reshaping cybersecurity
AI Cybersecurity: Pros & Cons. AI is reshaping cybersecurityTasnim Alasali
 
Road map for actionable threat intelligence
Road map for actionable threat intelligenceRoad map for actionable threat intelligence
Road map for actionable threat intelligenceabhisheksinghcs
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with aiBurhan Ahmed
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Raffael Marty
 
icon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxicon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxyugandharadahiphale2
 
icon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxicon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxyugandharadahiphale2
 
MCAP Big Data Security Intelligence Platform
MCAP Big Data Security Intelligence PlatformMCAP Big Data Security Intelligence Platform
MCAP Big Data Security Intelligence PlatformSean Ben
 
Empowering Cyber Threat Intelligence with AI
Empowering Cyber Threat Intelligence with AIEmpowering Cyber Threat Intelligence with AI
Empowering Cyber Threat Intelligence with AIIJCI JOURNAL
 

Similar to How Data Analytics is Re-defining Modern Era in Cyber Security (20)

Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
 
El contexto de la integración masiva de datos
El contexto de la integración masiva de datosEl contexto de la integración masiva de datos
El contexto de la integración masiva de datos
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
 
Artificial Intelligence and Cybersecurity
Artificial Intelligence and CybersecurityArtificial Intelligence and Cybersecurity
Artificial Intelligence and Cybersecurity
 
Big data-analytics-changing-way-organizations-conducting-business
Big data-analytics-changing-way-organizations-conducting-businessBig data-analytics-changing-way-organizations-conducting-business
Big data-analytics-changing-way-organizations-conducting-business
 
Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016
 
AI Cybersecurity: Pros & Cons. AI is reshaping cybersecurity
AI Cybersecurity: Pros & Cons. AI is reshaping cybersecurityAI Cybersecurity: Pros & Cons. AI is reshaping cybersecurity
AI Cybersecurity: Pros & Cons. AI is reshaping cybersecurity
 
Road map for actionable threat intelligence
Road map for actionable threat intelligenceRoad map for actionable threat intelligence
Road map for actionable threat intelligence
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with ai
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
 
Security Industry Overview
Security Industry OverviewSecurity Industry Overview
Security Industry Overview
 
Cyber of things 2.0
Cyber of things 2.0Cyber of things 2.0
Cyber of things 2.0
 
Cisco 2018, Annual Cybersecurity Report
Cisco 2018, Annual Cybersecurity ReportCisco 2018, Annual Cybersecurity Report
Cisco 2018, Annual Cybersecurity Report
 
icon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxicon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptx
 
icon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxicon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptx
 
MCAP Big Data Security Intelligence Platform
MCAP Big Data Security Intelligence PlatformMCAP Big Data Security Intelligence Platform
MCAP Big Data Security Intelligence Platform
 
Empowering Cyber Threat Intelligence with AI
Empowering Cyber Threat Intelligence with AIEmpowering Cyber Threat Intelligence with AI
Empowering Cyber Threat Intelligence with AI
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

How Data Analytics is Re-defining Modern Era in Cyber Security

  • 1. CyberSecurity Analytics How Data Analytics is Redefining Modern Era in Cyber Security 1 By Saqib Chaudhry
  • 2. What is Cyber Crime? “In 2018, NATO officially declared cyberspace a warfare domain and confirmed that a cyberattack on any of its allies will be considered as an act of war.” Understanding Our (Cyber) Adversaries - Methods and Motivations -
  • 3. What is Cyber Crime?Cyber Threat Timeline
  • 4. “Digital transformation is the profound transformation of business and organizational activities, processes, competencies and models to fully leverage the changes and opportunities of a mix of digital technologies and their accelerating impact across society in a strategic and prioritized way, with present and future shifts in mind.”
  • 8. Data is at the heart of Digital Transformation
  • 9. [Figure] Source: Mellanox Technologies
  • 12. Cyber-Crime is est. to be a $1.5 Trillion Global Economy!!!! “According to computerweekly.com global cybercrime worth is estimated at $1.5 Trillion a year. Cyber criminal operations worldwide are generating revenues equal to the GDP of Russia through a web of profit that involves legitimate businesses.”
  • 14. Key Challenges to Protect Against Cyber Adversaries
  • 15. Too Many Alerts, Never Enough Resources
  • 16. Big Data Analytics to the Rescue!!! The New York Stock Exchange captures 1TB of trade information during each trading session. Poor data quality costs the US economy around $3.1 Trillion a year. 30 Billion pieces of content are shared on Facebook every month. An estimated 2.3 Trillion Gigabytes of data is created each day. Sources: Dataconomy; Accubisolutions.com
  • 17. In order to effectively work with your Data Scientists/IT Analytics Teams, you need to understand the different types of Big Data analytics techniques and how to utilize them to get actionable insights. Source: Winwire via @BrianJohson
  • 19. Cyber Security Specific Big Data Capabilities - Sample -
    - Identify anomalies in device behavior. For example, employee devices could be used as Trojan horses to access and steal data, but you can stop it with big data analytics.
    - Identify anomalies in employee and contractor behavior. Do you have an Edward Snowden downloading large amounts of data? There are ways to detect and stop that.
    - Detect anomalies in the network. Identify new threats without known signatures. Correlate data from silos to understand the nature of various attacks. Look at a wide range of data attributes.
    - Perform Machine Learning Detections (Dimensional Analysis): Lateral Movement, Domain Generation Algorithms, DNS Tunneling, Network Beaconing, Data Staging.
    - Assess network vulnerabilities and risks. Ingest data and analyze it to determine which databases have customer-identifying information, and how vulnerable they are to hackers. Eliminate serious potential sources of risk.
    - Manage data classification, data lineage, security and data lifecycle management.
    - Detect and investigate malware.
    - Detect and stop data exfiltration.
    - Privileged User Monitoring (PUM).
    - Detect zero-day attacks.
    - Use DNS data to identify patient-zero malware.
  • 20. Use Case - User & Entity Behavior Analytics
  • 22. What are some of the key people needed to set up Cybersecurity Big Data Analytics?
  • 23. Need a Reference Architecture for setting up Cybersecurity Big Data Analytics in your organization? Check out Hortonworks Metron. It provides organizations a scalable capability to detect cyber anomalies and to respond rapidly to the anomalies identified.
  • 24. What does the Reference Architecture Entail?
    1. Raw events are captured by NiFi or a custom probe and pushed to Kafka for ingestion.
    2. Each raw event is parsed and normalized.
    3. Different data elements are enriched, e.g. an external IP address is enriched with GeoIP information (lat/long coordinates + City/State/Country).
    4. Threat intel cross-reference checks are performed and telemetry events are “labelled” with threat intel metadata.
    5. Telemetry events can initiate alerts, as needed.
    6. Labeled telemetry events are indexed and stored in the security data vault for next-generation analytics.
    7a. For high-volume network telemetry data like packet capture (PCAP), custom Metron probes are available to ingest data directly from a network tap.
    7b. For most security telemetry data sources that use transports and protocols like file, syslog, REST, HTTP, custom API, etc., Metron uses NiFi to ingest data at the source.
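Steps 2 through 6 of that pipeline as an added, self-contained Python example (not Metron's own code): constructed firewall syslog lines are parsed and normalized, an external destination is enriched from a constructed GeoIP table, both addresses are cross-referenced against a constructed threat-intel feed, and the labeled events are indexed, with any hit raising an alert. The log format, the 10.0.0.0/8 corporate range and both lookup tables are assumptions.

```python
import ipaddress
import re
RAW_EVENTS = [  # constructed firewall-style syslog lines, not real telemetry
    "Jun 1 10:00:01 fw01 ACCEPT src=10.0.0.5 dst=203.0.113.10 dport=443",
    "Jun 1 10:00:02 fw01 ACCEPT src=10.0.0.7 dst=198.51.100.23 dport=53",
    "Jun 1 10:00:03 fw01 DROP src=10.0.0.5 dst=192.0.2.99 dport=22",
    "garbage line that no parser recognizes",
]
# Assumed corporate range, plus constructed GeoIP/threat-intel stand-ins
# for the real stores that Metron's enrichment stage would query.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
GEOIP = {"203.0.113.10": ("New York", "NY", "US"),
         "198.51.100.23": ("Frankfurt", "HE", "DE")}
THREAT_INTEL = {"198.51.100.23": "c2-beacon", "192.0.2.99": "scanner"}
LINE_RE = re.compile(r"^(?P<ts>\w{3} \d+ [\d:]+) (?P<host>\S+) (?P<action>\w+) "
                     r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$")

def parse_and_normalize(raw):
    """Step 2: parse one raw line into a normalized event dict, or None."""
    m = LINE_RE.match(raw)
    if not m:
        return None
    ev = m.groupdict()
    ev["dport"] = int(ev["dport"])
    return ev

def enrich(ev):
    """Step 3: attach GeoIP fields when the destination is external."""
    dst = ev["dst"]
    if ipaddress.ip_address(dst) not in INTERNAL and dst in GEOIP:
        ev["geo_city"], ev["geo_state"], ev["geo_country"] = GEOIP[dst]
    return ev

def label_threat_intel(ev):
    """Step 4: cross-reference src/dst against the feed; label any hits."""
    ev["threat_intel"] = [f"{k}:{THREAT_INTEL[ev[k]]}"
                          for k in ("src", "dst") if ev[k] in THREAT_INTEL]
    return ev

def run_pipeline(raw_events):
    """Steps 2-6 over ingested lines; returns (indexed events, alerts)."""
    indexed, alerts = [], []
    for raw in raw_events:
        ev = parse_and_normalize(raw)
        if ev is None:
            continue  # unparseable telemetry never reaches the vault
        ev = label_threat_intel(enrich(ev))
        indexed.append(ev)  # step 6: every labeled event is indexed
        if ev["threat_intel"]:  # step 5: a threat-intel hit raises an alert
            alerts.append(ev)
    return indexed, alerts
```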
  • 25. Integration Options: Anomali Threat Intelligence Platform
  • 26. Integration Options: Sqrrl Threat Hunting Platform
    • Enables organizations to target, hunt, and disrupt advanced cyber threats by uniting threat hunting, behavioral analytics, and incident analysis.
    • It detects the Tactics, Techniques, and Procedures (TTPs) of cyber adversaries as part of the kill chain assessment.
    • It utilizes linked data, machine learning, UEBA, risk scoring, and Big Data Analytics to reveal malicious patterns and anomalies hidden within security datasets.
  • 27. Integration Options: Kibana (Data Visualization Tool) Open-source data visualization and exploration tool used for log and time-series analytics, application monitoring, and operational intelligence use cases. It offers powerful and easy-to-use features such as histograms, line graphs, pie charts, heat maps, and built-in geospatial support.
  • 28. What are some of the benefits of utilizing the Reference Architecture for Your SOC Operations? Source: Hortonworks Apache Metron

Editor's Notes

  1. A unicorn is a privately held startup company valued at over $1 billion. The term was coined in 2013 by venture capitalist Aileen Lee, choosing the mythical animal to represent the statistical rarity of such successful ventures.
  2. Prank example