Cognitive security uses cognitive systems to analyze large amounts of structured and unstructured security data to understand threats and provide recommendations to security analysts. It learns from data and interactions to enhance its knowledge over time. This allows it to process more data, including unstructured sources like text, than traditional rule-based systems. Cognitive security aims to help analysts respond faster by automating some tasks and providing new insights. It also seeks to increase organizations' security by adapting quickly to emerging threats.
Cognitive Security was a Czech startup that developed network behavior analysis tools using artificial intelligence. It raised $1 million in 2011 from Credo Ventures. In 2013, Cognitive Security was acquired by Cisco Systems. The acquisition allowed Cognitive Security's team of 30 engineers and PhDs to continue developing their technology as part of Cisco, expanding their market reach. Credo Ventures helped Cognitive Security professionalize its operations and supported its acquisition by Cisco, delivering a strong return for investors.
Security in the Cognitive Era: Why it matters more than ever (EC-Council)
Change isn’t coming. It’s already here. More devices. More access points. More valuable data in the cloud. In this new digital era, perimeter controls and traditional security practices are not enough to safeguard your enterprise. You need security for the way the world works. Security intelligence and integrated controls are today’s essentials to gain visibility and get to a higher level of maturity. Learn how cloud, collaboration and cognitive will define the next era of security to help you outthink attackers and proactively protect your most critical assets.
Peter Allor - The New Era of Cognitive Security (scoopnewsgroup)
- The document discusses the new era of cognitive security using IBM's Watson technology.
- Watson can help security analysts by using cognitive techniques to analyze large amounts of security data and knowledge that typically remain untapped. This helps analysts gain insights faster and reduce the security skills gap.
- The document provides an example of how Watson could assist a security analyst, significantly reducing the time spent on manual threat analysis and investigation from days/weeks to minutes/hours.
The document provides guidelines for IT security. It discusses how IT security is becoming increasingly important as organizations' business and work processes rely more on IT solutions. The guidelines provide a compact overview of the most important organizational, infrastructural, and technical IT security safeguards. They are aimed at helping small and medium-sized companies and public agencies establish a reliable level of IT security without needing a large IT budget. The guidelines illustrate security risks and necessary safeguards through practical examples and checklists.
SBIC Enterprise Information Security Strategic Technologies (EMC)
This report from the Security for Business Innovation Council describes next generation technologies that support an Information-Driven Security strategy.
Cybersecurity strategy planning in the banking sector (Olivier Busolini)
Olivier Busolini discusses cybersecurity strategy planning in the banking sector. He outlines an approach that includes understanding business risks, assessing gaps, agile planning, implementation, and monitoring. Key aspects are controls hygiene and compliance using frameworks like NIST and ANSSI. A security program should focus on people, processes, infrastructure, applications, and data, and increase maturity over multiple years. Risks and tips from experience are also covered, like focusing on people, defining risk appetite, and ensuring budget supports ongoing work.
The document discusses the history and evolution of information security. It begins with physical security controls for early mainframe computers and the need for security on the ARPANET network. Information security expanded to include data security and limiting unauthorized access. With the growth of networks and the internet, security became more complex as many interconnected systems needed to be secured. The document outlines key information security concepts and professionals involved in information security governance.
Dealing with Information Security, Risk Management & Cyber Resilience (Donald Tabone)
The document discusses approaches to information security, risk management, and cyber resilience. It recommends taking a three-pronged approach to information security that includes awareness, technical controls, and periodic reviews. It also suggests adopting a framework for cyber risk management that is appropriate for the organization's needs and risk appetite. Finally, it outlines six key points to achieving cyber resilience: organizational readiness, situational awareness, detection, cyber defense, mitigation and containment, and recovery.
Although a latecomer to the security party, HR organizations can play an important role in protecting assets and influencing good security behaviors. HR leadership can strengthen hiring practices, tighten responses for disgruntled employees, spearhead effective employee security education, advocate regulatory compliance and exemplify good privacy practices, be a good custodian of HR data, and rise to the challenges of hiring good cybersecurity professionals.
What I learned at ISSA International Summit 2019 (Ulf Mattsson)
This session will discuss what attendees learned at The ISSA International Summit 2019, held on October 1-2 in Irving/Dallas, TX.
Learn from one of the presenters at this conference and what cybersecurity professionals got to share and learn from the leaders in the industry.
Over the last 30 years ISSA International has grown into the global community of choice for international cybersecurity professionals. With over 100 domestic and international chapters, members have worldwide support with daily cyber threats that are becoming increasingly intricate and difficult to prevent, detect, and remediate.
The Cloud is both compelling and alluring, offering benefits that entice many organizations into rapid adoption. But caution should be taken. Leveraging cloud technologies can offer tremendous opportunities, with the caveat of potentially introducing new security problems and business risks. Presented are strategic recommendations for cloud adoption to a community of application and infrastructure developers.
This document discusses several challenges in implementing cyber security including the information security model, risk management, and survivability. It outlines various opportunities for intrusion such as rapidly adopted networks and exploitable vulnerabilities. The document also discusses internal and external intruders as well as the information security model. Risk is defined and risk management processes are outlined including risk assessment. The concept of survivability and an approach using multiple layers of protection for critical assets is presented.
How to protect your company’s computer systems against penetration and attack; the dangers of security lapses in corporate computer systems and Internet architecture, and specific methodologies for evaluating your company’s security, detecting intrusions and responding effectively.
Avoiding data breach using security intelligence and big data to stay out of ... (IBM Security)
Attackers and exploits are becoming increasingly sophisticated, and the pressure to protect business critical data is only getting more and more intense. Security Intelligence transforms the playing field by adding analytics and context, and shifts the balance in favor of the good guys. Today forward thinking organizations are looking at extending Security Intelligence even further by combining it with Big Data to form a solution that allows them to analyze new types of information, and data that travels at higher velocity, and in larger volume. This powerful combination yields new insights that can more effectively identify threats and fraud than ever before.
In this session, attendees will learn how to combine Security Intelligence and Big Data, and deploy a solution that is well suited for structured, repeatable tasks. We will also cover the addition of complementary new technologies that address speed and flexibility, and are ideal for analyzing unstructured data. This session will also highlight how organizations are using Security Intelligence to pro-actively detect advanced threats before they cause damage, and take effective corrective action if a compromise succeeds.
View the On-demand webinar: https://www2.gotomeeting.com/register/657029698
Cybersecurity is difficult. It is a serious endeavor which over time strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone. Characteristics of cyber risk continue to mature and expand on the successes of technology innovation, integration, and adoption. It is no longer a game of tactics, but rather a professional discipline, continuous in nature, where to be effective strategic leadership must establish effective and efficient structures for evolving controls to sustain an optimal level of security.
This presentation will discuss the emerging challenges as it analyzes the cause-and-effect relationships of factors driving the future of cybersecurity.
The document discusses how artificial intelligence (AI) can help address challenges in cybersecurity. It notes that the amount of security data and knowledge is growing rapidly but humans cannot process it all. AI can help by connecting related security events, extracting information from unstructured data sources, and answering security questions. This can help reduce investigation times and free up analysts to focus on more strategic work. However, the document also warns that attackers may increasingly use AI to launch more sophisticated attacks, so defenses need to evolve as well.
IBM Security Products: Intelligence, Integration, Expertise (Shwetank Jayaswal)
This document provides an overview of IBM's security products and services portfolio. It discusses (1) the complex threats businesses face today from hyper-connected digital environments, (2) IBM's approach to security intelligence through comprehensive internal and external monitoring, analytics and threat research, and (3) IBM's integrated portfolio of security products, consulting services and global security operations centers to help customers address challenges.
I was invited to present a talk on "Artificial Intelligence for Cyber Security" for #GirlsInAIHack2021 by #TeenInAIFiji. It was my honor to be there and share my words with the participants and I wish all the participants the best wishes.
Girls from 25 counties aged 12-18 had participated in this Hackathon. They were using Hot Technologies like AI and ML to fight world problems to make good. The event was started on #InternationalWomensDay2021. Total of 1000 participations
500+ Mentors & Organizers
120+ International Speakers were part of it
You can watch it here - https://youtu.be/rhWyt68yuI0
If you want to invite me for a webinar or conference connect
mail: hello@priyanshuratnakar.com or priyanshuratnakar@protonmail.com
You can use the slides but give credit somewhere
IT Security and Management - Prelim Lessons by Mark John Lado (Mark John Lado, MIT)
Learning topics:
1. ACCESS CONTROL
2. ASSET MANAGEMENT
3. BUSINESS CONTINUITY
--------------------------------------------------
By the end of this chapter, learners will be able to:
Know about access control.
Differentiate the physical and logical access control.
Engage with different examples of access control.
Apply the role of access control in their future projects.
Recognize about asset management.
Distinguish the three goals of an asset management program.
Engage with different types of IT asset Management.
Elaborate about business continuity.
Engage with the types of business continuity.
Know about the steps for building and executing of business continuity.
Familiarize the business continuity strategy.
With more than 50,000 new malware created every day, organisations can no longer afford to risk the financial and reputational impacts of a security or data breach, which can be too much for a business to recover from. Because of this, IT managers face increasing scrutiny and pressure from CEOs, managing directors and boards to prove that they are keeping the organisation secure.
The changing threat landscape means organisations need to be vigilant and smarter about security. While businesses still face threats from infected devices and malware, attackers have also moved beyond that. For example, there is an increasing number of targeted email attacks with cyber criminals spending time to monitor communications so they can imitate emails that are so sophisticated that even relatively savvy users will open them.
This webinar will explore the building blocks required to ensure you have the roadmap required to best protect against cyber attacks. We will provide you with a high level view of the following topics:
· Audit and discovery – What are your weaknesses and are you compliant?
· Education – Do your employees know when not to open that attachment?
· Policy – Do you have the right policies for your industry?
· Technology – Where to start and what has changed?
"Thinking different" about your information security strategy (Jason Clark)
The document discusses the need for a new security strategy that focuses on data protection rather than infrastructure. It recommends evaluating current security spending and redirecting funds to intelligence-led approaches. A next generation security model is proposed that uses context awareness and data-centric policies to identify and contain advanced threats, including insider risks.
Threat modelling identifies potential security threats and vulnerabilities to develop mitigations. It is an essential process for managing cybersecurity risks. Threat response helps detect attacks in real time by monitoring activity and generating alerts. It allows security operators to quickly neutralize threats before they cause disruption. As technology plays a larger role, the need for threat modelling and response consultants has increased to combat cyber threats and protect organizations' data and systems.
A security awareness presentation created for an audience of senior officials from MTNL (India's foremost telecom PSU). The presentation covers fundamentals of Information Security, its evolution, and present day risks from the IT and Telecom infrastructure perspective.
The document discusses various topics related to IT security and risk mitigation. It begins with an overview of basic IT security principles such as confidentiality, integrity, availability, authenticity, non-repudiation and accountability. It also discusses banking security standards and the importance of having policies, procedures, and standards to ensure security. Finally, it covers the different types of risk mitigation controls including administrative, logical, and physical controls that can be implemented to minimize security risks.
Today, automation plays a larger role in cyber-security than ever before – for both sides, the attackers and the defenders. The escalation in volume and sophistication of attacks, constantly evolving cloud environments and transition to a remote workforce are putting additional pressure on organizations to transform Security Operations and Defense Centers.
Since the advent of automation and ML/AI technologies and their promised impact to transform incident response processes and threat hunting capabilities, what lessons have we learnt in ‘fine tuning’ process flows and automations in SecOps?
- Moving beyond the marketing hype, how is automation actually serving attackers and defenders today and what trends are happening here?
- What are the lessons learned – the good, bad and ugly – in automating security operations processes?
- Is there a right path to automation and what are the alternatives?
Overview of Artificial Intelligence in Cybersecurity (Olivier Busolini)
If you are interested in understanding a bit more the potential of Artificial Intelligence in Cybersecurity, you might want to have a look at this overview.
Written from my CISO -and non AI expert- point of view, for fellow security professional to navigate the AI hype, and (hopefully!) make better, informed decisions :-)
All feedback welcome !
Kista Watson Summit final public version (IBM Sverige)
IBM Security Strategy
Speakers: Peter Holm, Sweden Country Manager Security Systems, IBM, and Kaja Narum, Integrated Business Unit Leader Security, IBM
Security Operations Center behind the curtain
Speaker: Marcus Hallberg, Technical Solution Specialist, IBM Security
From Log to SIEM ... and Incident Response
Speakers: Marcus Hallberg, Technical Solution Specialist, IBM Security, and Victor Grane, Technical Sales, IBM Security
IoT Security
Speaker: Torbjörn Andersson, Senior Security Consultant, IBM
The presentations were given at Watson Kista Summit 2018
IBM MaaS360 with Watson offers a new cognitive approach to unified endpoint management that goes beyond traditional mobile device management. It uses cognitive technology like Watson to provide insights, recommendations, and an action plan based on analyzing news, blogs, and the environment. This helps IT and security leaders make faster decisions to evolve their platform and security posture.
NBIC, an acronym for Nanotechnology, Biotechnology, Information technology and Cognitive science, was, in 2014, the most popular term for converging technologies. It was introduced into public discourse through the publication of "Converging Technologies for Improving Human Performance", a report sponsored in part by the U.S. National Science Foundation.
----------
Videos:
Part 1: http://www.aparat.com/v/0Yolq
Part 2: http://www.aparat.com/v/3pWTa
Although a latecomer to the security party, HR organizations can play an important role in protecting assets and influencing good security behaviors. HR leadership can strengthen hiring practices, tighten responses for disgruntled employees, spearhead effective employee security education, advocate regulatory compliance and exemplify good privacy practices, be a good custodian of HR data, and rise to the challenges of hiring good cybersecurity professionals.
What i learned at issa international summit 2019Ulf Mattsson
This session will discuss what attendees learned at The ISSA International Summit 2019, held on October 1-2 at in Irving/Dallas, TX.
Learn from one of the presenters at this conference and what cybersecurity professionals got to share and learn from the leaders in the industry.
Over the last 30 years ISSA international has grown into the global community of choice for international cybersecurity professionals. With over 100 domestic and international chapters, members have world wide support with daily cyber threats that are becoming increasingly intricate and difficult to prevent, detect, and re-mediate.
The Cloud is both compelling and alluring, offering benefits that entice many organizations into rapid adoption. But caution should be taken. Leveraging cloud technologies can offer tremendous opportunities, with the caveat of potentially introducing new security problems and business risks. Presented are strategic recommendations for cloud adoption to a community of application and infrastructure developers.
This document discusses several challenges in implementing cyber security including the information security model, risk management, and survivability. It outlines various opportunities for intrusion such as rapidly adopted networks and exploitable vulnerabilities. The document also discusses internal and external intruders as well as the information security model. Risk is defined and risk management processes are outlined including risk assessment. The concept of survivability and an approach using multiple layers of protection for critical assets is presented.
How to protect your company’s computer systems against penetration and attack; the dangers of security lapses in corporate computer
systems and Internet architecture, and specific methodologies for evaluating your company’s security, detecting intrusions and responding effectively.
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
Attackers and exploits are becoming increasingly sophisticated, and the pressure to protect business critical data is only getting more and more intense. Security Intelligence transforms the playing field by adding analytics and context, and shifts the balance in favor of the good guys. Today forward thinking organizations are looking at extending Security Intelligence even further by combining it with Big Data to form a solution that allows them to analyze new types of information, and data that travels at higher velocity, and in larger volume. This powerful combination yields new insights that can more effectively identify threats and fraud than ever before.
In this session, attendees will learn how to combine Security Intelligence and Big Data, and deploy a solution that is well suited for structured, repeatable tasks. We will also cover the addition of complementary new technologies that address speed and flexibility, and are ideal for analyzing unstructured data. This session will also highlight how organizations are using Security Intelligence to pro-actively detect advanced threats before they cause damage, and take effective corrective action if a compromise succeeds.
View the On-demand webinar: https://www2.gotomeeting.com/register/657029698
Cybersecurity is difficult. It is a serious endeavor which over time strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone. Characteristics of cyber risk continue to mature and expand on the successes of technology innovation, integration, and adoption. It is no longer a game of tactics, but rather a professional discipline, continuous in nature, where to be effective strategic leadership must establish effective and efficient structures for evolving controls to sustain an optimal level of security.
This presentation will discuss the emerging challenges as it analyzes the cause-and-effect relationships of factors driving the future of cybersecurity.
The document discusses how artificial intelligence (AI) can help address challenges in cybersecurity. It notes that the amount of security data and knowledge is growing rapidly but humans cannot process it all. AI can help by connecting related security events, extracting information from unstructured data sources, and answering security questions. This can help reduce investigation times and free up analysts to focus on more strategic work. However, the document also warns that attackers may increasingly use AI to launch more sophisticated attacks, so defenses need to evolve as well.
IBM Security Products: Intelligence, Integration, ExpertiseShwetank Jayaswal
This document provides an overview of IBM's security products and services portfolio. It discusses (1) the complex threats businesses face today from hyper-connected digital environments, (2) IBM's approach to security intelligence through comprehensive internal and external monitoring, analytics and threat research, and (3) IBM's integrated portfolio of security products, consulting services and global security operations centers to help customers address challenges.
I was invited to present a talk on "Artificial Intelligence for Cyber Security" for #GirlsInAIHack2021 by #TeenInAIFiji. It was my honor to be there and share my words with the participants and I wish all the participants the best wishes.
Girls from 25 counties aged 12-18 had participated in this Hackathon. They were using Hot Technologies like AI and ML to fight world problems to make good. The event was started on #InternationalWomensDay2021. Total of 1000 participations
500+ Mentors & Organizers
120+ International Speakers were part of it
You can watch it here - https://youtu.be/rhWyt68yuI0
If you want to invite me for a webinar or conference connect
mail: hello@priyanshuratnakar.com or priyanshuratnakar@protonmail.com
You can use the slides but give credit somewhere
IT Security and Management - Prelim Lessons by Mark John LadoMark John Lado, MIT
Learning topics:
1. ACCESS CONTROL
2. ASSET MANAGEMENT
3. BUSINESS CONTINUITY
--------------------------------------------------
By the end of this chapter, learners will be able to;
Know about access control.
Differentiate the physical and logical access control.
Engage with different examples of access control.
Apply the role of access control in their future projects.
Recognize about asset management.
Distinguish the three goals of an asset management program.
Engage with different types of IT asset Management.
Elaborate about business continuity.
Engage with the types of business continuity.
Know about the steps for building and executing of business continuity.
Familiarize the business continuity strategy.
With more than 50,000 new malware created every day organisations can no longer afford to risk the financial and reputational impacts of a security or data breach, which can be too much for a business to recover from. Because of this, IT managers face increasing scrutiny and pressure from CEOs, managing directors and boards to prove that they are keeping the organisation secure.
The changing threat landscape means organisations need to be vigilant and smarter about security. While businesses still face threats from infected devices and malware, attackers have also moved beyond that. For example, there is an increasing number of targeted email attacks with cyber criminals spending time to monitor communications so they can imitate emails that are so sophisticated that even relatively savvy users will open them.
This webinar will explore the building blocks required to ensure you have the roadmap required to best protection against cyber attacks. We will provide you with a high level view of the following topics:
· Audit and discovery – What are your weaknesses and are you compliant?
· Education – Do your employees know when not to open that attachment?
· Policy – Do you have the right policies for your industry?
· Technology – Where to start and what has changed?
"Thinking diffrent" about your information security strategyJason Clark
The document discusses the need for a new security strategy that focuses on data protection rather than infrastructure. It recommends evaluating current security spending and redirecting funds to intelligence-led approaches. A next generation security model is proposed that uses context awareness and data-centric policies to identify and contain advanced threats, including insider risks.
Threat modelling identifies potential security threats and vulnerabilities to develop mitigations. It is an essential process for managing cybersecurity risks. Threat response helps detect attacks in real time by monitoring activity and generating alerts. It allows security operators to quickly neutralize threats before they cause disruption. As technology plays a larger role, the need for threat modelling and response consultants has increased to combat cyber threats and protect organizations' data and systems.
A security awareness presentation created for an audience of senior officials from MTNL (India's foremost telecom PSU). The presentation covers fundamentals of Information Security, it's evolution, present day risks from the IT and Telecom infrastructure perspective.
The document discusses various topics related to IT security and risk mitigation. It begins with an overview of basic IT security principles such as confidentiality, integrity, availability, authenticity, non-repudiation and accountability. It also discusses banking security standards and the importance of having policies, procedures, and standards to ensure security. Finally, it covers the different types of risk mitigation controls including administrative, logical, and physical controls that can be implemented to minimize security risks.
Today, automation plays a larger role in cyber-security than ever before – for both sides, the attackers and the defenders. The escalation in volume and sophistication of attacks, constantly evolving cloud environments and transition to a remote workforce are putting additional pressure on organizations to transform Security Operations and Defense Centers.
Since the advent of automation and ML/AI technologies and their promised impact to transform incident response processes and threat hunting capabilities, what lessons have we learnt in ‘fine tuning’ process flows and automations in SecOps?
- Moving beyond the marketing hype, how is automation actually serving attackers and defenders today and what trends are happening here?
- What are the lessons learned – the good, bad and ugly – in automating security operations processes?
- Is there a right path to automation and what are the alternatives?
Overview of Artificial Intelligence in Cybersecurity - Olivier Busolini
If you are interested in understanding a bit more the potential of Artificial Intelligence in Cybersecurity, you might want to have a look at this overview.
Written from my CISO -and non AI expert- point of view, for fellow security professionals to navigate the AI hype, and (hopefully!) make better, informed decisions :-)
All feedback welcome!
Kista watson summit final public version - IBM Sverige
IBM Security Strategy
Speakers: Peter Holm, Sweden Country Manager Security Systems, IBM, and Kaja Narum, Integrated Business Unit Leader Security, IBM
Security Operations Center behind the curtain
Speaker: Marcus Hallberg, Technical Solution Specialist, IBM Security
From Log to SIEM ... and Incident Response
Speakers: Marcus Hallberg, Technical Solution Specialist, IBM Security, and Victor Grane, Technical Sales, IBM Security
IoT Security
Speaker: Torbjörn Andersson, Senior Security Consultant, IBM
The presentations were given at the Watson Kista Summit 2018
IBM MaaS360 with Watson offers a new cognitive approach to unified endpoint management that goes beyond traditional mobile device management. It uses cognitive technology like Watson to provide insights, recommendations, and an action plan based on analyzing news, blogs, and the environment. This helps IT and security leaders make faster decisions to evolve their platform and security posture.
NBIC, an acronym for Nanotechnology, Biotechnology, Information technology and Cognitive science, was, in 2014, the most popular term for converging technologies. It was introduced into public discourse through the publication of "Converging Technologies for Improving Human Performance", a report sponsored in part by the U.S. National Science Foundation.
----------
Videos:
Part 1: http://www.aparat.com/v/0Yolq
Part 2: http://www.aparat.com/v/3pWTa
Cognitive Security: How Artificial Intelligence is Your New Best Friend - SparkCognition
For more information, visit http://sparkcognition.com
For all that you hear about artificial intelligence and machine learning, how can it help you keep your networks safer and more secure?
In this new era of computing, we will explore how artificial intelligence is being used to super charge human intelligence in threat detection, evidence gathering and remediation.
In this webinar we will discuss how this new, cutting edge cognitive security is being utilized to:
- Increase speed, accuracy, and data processing capabilities to unparalleled levels
- Reduce false alarms
- Provide sub-second malware detection
- Retain knowledge in a self-learning environment
- Provide signature free security and zero-day threat detection
The document is a project report submitted by three students - Rishabh Hastu, Parag Jagtap and Abhishek Shukla - for their Bachelor's degree. It examines security challenges in cognitive radio networks and proposes a two-stage solution. The first stage involves efficient spectrum sensing using eigenvalue-based energy detection. The second stage detects unauthorized malicious users using a security algorithm and encryption, which the malicious users cannot decrypt without the secret key. The project was carried out under the guidance of Prof. D.D. Ambawade at Bharatiya Vidya Bhavan’s Sardar Patel Institute of Technology, University of Mumbai.
Developing Analytic Technique and Defeating Cognitive Bias in Security - chrissanders88
In this presentation, I discuss the evolution to the analysis era in information security and the challenges associated with it. This includes several examples of cognitive biases and the negative effects they can have on the analysis process. I also discuss different analytic techniques that can enhance analysis such as differential diagnosis and relational investigation.
Cognitive Security - Anatomy of Advanced Persistent Threats ('12) - Gabriel Dusil
Check out my blog "Multiscreen & OTT for the Digital Generation" @ gdusil.wordpress.com.
“Advanced Persistent Threats”, or APTs, refers to low-level attacks used collectively to launch a targeted and prolonged attack. The goal is to gain maximum control over the target organization. APTs pose serious concerns to a security management team, especially as APT toolkits become commercially and globally available. Today’s threats involve polymorphic malware and other techniques that are designed to evade traditional security measures. Best-in-class security solutions now require controls that do not rely on signature-based detection, since APTs are “signature-aware” and designed to bypass traditional security layers. New methods, such as Behavioral Analysis, are needed to combat these new threats. Network Behavior Analysis proactively detects and blocks suspicious behavior before significant damage can be done by the perpetrator. This presentation provides some valuable statistics on the growing threat of APTs.
The intelligence lifecycle entails transforming raw data into final intelligence for decision-making. Deconstruct this domain to boost your organization's cyber defenses.
Exploration Draft Document- CEM Machine Learning & AI Project 2018 - Leslie McFarlin
Draft document to present findings of exploratory work on the incorporation of machine learning and AI into an existing data security product. The project was abandoned due to conflicting work done by product management.
Threat intelligence provides information across a wide range of sources to assist associations with safeguarding their resources by working with a designated network safety procedure.
CYBERSECURITY INFRASTRUCTURE AND SECURITY AUTOMATION - acijjournal
AI-based security systems utilize big data and powerful machine learning algorithms to automate the security management task. The case study methodology is used to examine the effectiveness of AI-enabled security solutions. The result shows that compared with the signature-based system, AI-supported security applications are efficient, accurate, and reliable. This is because the systems are capable of reviewing and correlating large volumes of data to facilitate the detection and response to threats.
The document discusses how security operations centers are adopting machine learning and artificial intelligence technologies to automate cybersecurity tasks like detecting threats, analyzing vast amounts of data, and responding quickly to incidents. It provides examples of how Oracle's cloud-based cybersecurity applications incorporate machine learning algorithms to continuously learn normal behavior, detect anomalies, and automate responses. The document advocates for adopting an intelligent, adaptive security framework that relies on AI and machine learning rather than static rules to manage hybrid cloud environments.
IT Executive Guide to Security Intelligence - thinkASG
Transitioning from log management and SIEM to comprehensive security intelligence.
This white paper discusses the increasing need for organizations to maintain comprehensive and cost-effective information security, and describes the integrated set of solutions provided by the IBM QRadar Security Intelligence Platform designed to help achieve total security intelligence.
This paper discusses the question of optimizing security decisions in an organization, based on the information provided by the technical security infrastructure.
CLASS 2018 - Talk by Denis Prado (Security Intelligence Sales Leader Lati... - TI Safe
Cognitive security solutions using artificial intelligence can help address cybersecurity threats by assisting overworked human analysts. Watson provides a cognitive security platform that analyzes both structured security data and vast amounts of unstructured online data to gain insights. It helps speed up investigation of incidents by quickly providing relevant indicators, related threats, and recommended courses of action based on its security knowledge graph. This frees up analysts to focus on higher-level tasks. Customers have seen Watson reduce investigation time from 50 minutes to just 10 minutes on average.
Cognitive computing in security uses AI to help security analysts understand threats better. It can analyze large amounts of structured and unstructured security data to find patterns humans may miss. This helps address gaps in speed, accuracy, and intelligence for security teams overwhelmed by data. IBM's Watson for Cyber Security ingests security knowledge from sources like reports, blogs, and alerts. It builds a knowledge graph to help analysts investigate incidents faster, from minutes to hours instead of days to weeks. The cognitive system can reduce the skills gap and workload for analysts.
CROs must be part of the cybersecurity solution by david x martin - David X Martin
Chief risk officers must play a more integral role in companies' cybersecurity strategies. They should adopt a defense-in-depth approach using multiple security techniques to slow attackers. They also need to take an intelligence-driven approach, continuously adapting based on intelligence and incidents. Chief risk officers should treat cybersecurity as an enterprise risk management issue with three lines of defense - prevention, oversight, and response. Innovation is also needed in access management, distributed systems, and artificial intelligence for threat identification and recovery.
The document discusses the need for organizations to adopt a strategy of cyber resilience in response to the growing threats posed by the digital environment. It emphasizes that while complete risk elimination is impossible, cyber resilience involves managing security through a multi-layered approach across people, processes, and technology. This can help organizations better prepare for, detect, respond to, and recover from cyber attacks in order to minimize potential damage and disruption. Symantec is presented as uniquely qualified to help organizations achieve cyber resilience through its security solutions, intelligence capabilities, scale, expertise and infrastructure.
The security immune system document discusses an integrated approach to cybersecurity using the metaphor of the human immune system. It describes how the IBM security immune system works in an integrated manner across security planning, operations, and information protection. The summary provides an overview of the key areas covered in the document:
1) The IBM security immune system takes an integrated approach similar to the human immune system, allowing security components to work together across planning, response, and protection.
2) It covers security transformation services, security operations and response, and information risk and protection.
3) The goal is to provide intelligence, visibility and insights across the entire security system to prevent, detect and respond to threats.
The Transformative Role of Artificial Intelligence in Cybersecurity - cyberprosocial
In an era dominated by digitization, the rise of Artificial Intelligence (AI) has been a game-changer in various domains. One area where AI has particularly shone is in the realm of cybersecurity. As the digital landscape expands, so do the threats associated with Artificial Intelligence in cybersecurity
Harnessing the Power of Machine Learning in Cybersecurity.pdf - CIOWomenMagazine
Combat Machine Learning in Cybersecurity! Explore applications, benefits, & challenges of ML in cybersecurity for improved detection, response, & resilience.
This document discusses how advanced network forensics can help security teams investigate cyber attacks more effectively. It describes how IBM's QRadar Incident Forensics solution allows organizations to (1) retrace an attacker's steps through raw packet data reconstruction, (2) speed up investigations by indexing network activity into searchable information, and (3) give security teams better visibility into security incidents through a simplified search interface.
The IBM Security immune system is a fully integrated approach that allows its components to grow and adapt within the infrastructure—working together to improve their effectiveness. So they can deliver intelligence, visibility and actionable insights across the entire system.
Priming your digital immune system: Cybersecurity in the cognitive era - Luke Farrell
Learn how cognitive security may be a powerful tool in addressing challenges security professionals face.
New capabilities for a challenging era
Security leaders are working to address three gaps in their current capabilities—in intelligence, speed and accuracy. Some organizations are beginning to explore the potential of cognitive security solutions to address these gaps and get ahead of their risks and threats. There are high expectations for this technology. Fifty-seven percent of the security leaders we surveyed believe that it can significantly slow the efforts of cybercriminals. The 22 percent of respondents who we call “Primed” have started their journey into the cognitive era of cybersecurity—they believe they have the familiarity, the maturity and the resources they need. To begin the journey, it is important to explore your weaknesses, determine how you want to augment your capabilities with cognitive solutions and think about building education and investment plans for your stakeholders.
AI IN CYBERSECURITY: THE NEW FRONTIER OF DIGITAL PROTECTION - ChristopherTHyatt
Artificial Intelligence (AI) fortifies cybersecurity by dynamically identifying and neutralizing cyber threats. With machine learning algorithms, AI analyzes patterns in real-time data, swiftly detecting anomalies and potential security breaches. This proactive approach enhances the overall defense mechanism, ensuring robust protection against evolving cyber threats in the ever-changing digital landscape.
Similar to Ibm cognitive security_white_paper_04_2016 (20)
2. 2 Cognitive security
Contents
The new imperative
What is cognitive security?
From compliant to cognitive
The cognitive security edge
Digging deeper, going wider
Addressing the skills gap
Use cases: cognitive unleashed
The future: reversing cybercrime economics
Integration and expertise for a cognitive ecosystem
How IBM can help
3 steps to take now
Until now 80% of the world’s data has been invisible.
The new imperative
For almost a century, we’ve programmed computers to help solve complex problems. We can now simulate weather, sequence genomes and instantly share data across the world. But ask a computer to do something humans do every day—recognize an image, read a book or explain the meaning of a poem—and it’s a different story. Traditional systems fall short.
The same is true for security. For decades, we’ve programmed computers to recognize viruses, malware and exploits. We continuously tune them to become more accurate, but it’s not enough. Adversaries constantly morph their attacks and find creative ways to breach defenses. What organizations need is the ability to detect the subtlest change in activity and analyze it with as much context as possible to distinguish and eliminate new threats.
It takes constant monitoring and maximum use of data to find attacks and abnormal behavior before damage is done. But the world produces over 2.5 quintillion bytes of data every day, and 80% of it is unstructured. This means it’s expressed in natural language – spoken, written or visual – that a human can easily understand but traditional security systems can’t. The reality is that there are thousands of security blogs posted every day with detailed threat intelligence. But it’s impossible for a security analyst to know everything that’s in them, and traditional security is unable to analyze and apply this insight the way an analyst can.
This is why the most challenging security problems still require people to make sound decisions about what to act on and what’s a false alarm. In fact, the best security professionals build their body of knowledge every day through experience, talking with colleagues, attending conferences and staying up-to-date on research.
At IBM Security, we’re training a new generation of systems to understand, reason and learn about constantly evolving security threats. We’re beginning to build security instincts and expertise into new defenses that analyze research reports, web text, threat data and other security-relevant structured and unstructured data – just like security professionals do every day – but at a scale like we’ve never seen. This is the essence of cognitive security.
The result: analysts will call upon cognitive systems to help augment and even automate their understanding of a threat... making analysts smarter about the latest attacks and freeing up valuable time to focus on other pressing issues.
What is cognitive security?
Cognitive systems are self-learning systems that use data mining, machine learning, natural language processing and human–computer interaction to mimic the way the human brain works.
Cognitive security is the implementation of two broad and related capabilities:
• The use of cognitive systems to analyze security trends and distill enormous volumes of structured and unstructured data into information, and then into actionable knowledge to enable continuous security and business improvement
• The use of automated, data-driven security technologies, techniques and processes that support cognitive systems’ having the highest level of context and accuracy
4. IBM Security 4
From compliant to cognitive
Since the age of the first networks and the hackers who soon followed, we’ve evolved security technology to stop attacks. To date, there have been two distinct eras of cyber security: perimeter controls and security intelligence. These serve as building blocks as we enter the third era—cognitive security.
Perimeter controls: security that confines (pre-2005)
We started with static defenses to guard or limit the flow of data, including firewalls, antivirus software and web gateways. The evolution of information security within the enterprise began as a compliance exercise. The goal was to lock down and restrict access to sensitive information via passwords and a range of access control strategies. Success meant passing an audit. While perimeter defenses are still in use, they are not sufficient by themselves for today’s environment.
Security intelligence: security that helps you think (2005+)
Over time, we progressed to sophisticated monitoring systems that can collect and comb through massive amounts of data to discover vulnerabilities and prioritize potential attacks. This transition led to a focus on real-time information to detect suspicious activity. Today, security intelligence is the real-time collection, normalization and analysis of structured data, generated by users, applications and infrastructure.
Security intelligence uses analytics to detect deviations from regular patterns, uncover changes in network traffic and find activities that exceed defined levels. Within a security intelligence infrastructure, analytics are applied to massive amounts of information in an effort to understand company data within context and prioritize day-to-day activities. By determining which deviations are meaningful, security intelligence can not only help detect compromises faster, but also reduce false positives to save time and resources.
Cognitive security: security that understands, reasons and learns at scale (2015+)
Built upon security intelligence, which leverages big data analytics, cognitive security is characterized by technology that is able to understand, reason and learn. A much greater scale of relevant security data is now accessible with cognitive systems that can process and interpret the 80% of today's data that's unstructured, such as written and spoken language.
After ingesting a corpus of knowledge, curated by experts on any given subject, a cognitive security system is trained by being fed a series of question-and-answer pairs. This machine “knowledge” is then enhanced as security professionals interact with the system, providing feedback on the accuracy of the system’s responses.
A key difference: a cognitive system comprehends and processes new information at a speed that far surpasses any human. Technical defenses can now be trained to analyze thousands of research reports, conference materials, academic papers, news articles, blog posts and industry alerts—every day.
As cognitive systems continue to observe events and behaviors—distinguishing the good from the bad—the ability to leverage integrated defenses to block new threats gets stronger and stronger. By helping to make security analysts more effective and accelerating the response to emerging threats, cognitive security will help to address the current security skills gap, bringing heightened levels of confidence and risk control. See figure 1.
Cognitive ultimately plays into a framework built on the basics of traditional
security. Security intelligence is not going away; it’s a key building block of
cognitive security. What cognitive does is give us a way to triage threat
intelligence and detection, and provide actionable information, at a speed
and scale like never before.
Figure 1
History of security timeline
Perimeter controls (pre-2005)
• Static defenses
• Password protections
• Focus on compliance
• Success = passing an audit
Security intelligence (2005+)
• Observation of real-time activity
• Focus on deviations from known patterns
• Ability to prioritize potential threats
• Reactive and rules-based
Cognitive security (2015+)
• Reasoning that mirrors human thought
• Ability to analyze structured and unstructured data to understand behavior and meaning
• Automated learning based on continual threat intelligence
• Proactive focus using relationships and recommendations
Because security intelligence and
big data analytics are traditionally
unstructured, the cognitive element
brings an important additional level of
understanding to what’s going on and
how to act. With this full stack, you
can have the maximum amount of
protection available for your security
environment. See figure 2.
The cognitive security edge
Traditional, programmable security systems respond
to requests, make determinations and analyze data
according to predefined parameters. Cognitive systems
interpret data, add to their base of knowledge from virtually
every interaction, weigh probabilities based on a depth of
insight and help you take action based on consideration of
relevant variables.
Whereas the current generation of systems are
reactive—detecting and responding to anomalies or
attacks—cognitive security is proactive. Forward focused
and continuously multi-tasking, cognitive systems scour
for vulnerabilities, connect dots, detect variances and sift
through billions of events to build upon a base of actionable
knowledge.
Cognitive solutions generate not just answers,
but hypotheses, evidence-based reasoning and
recommendations. What’s possible now is the ability
to interpret the 80 percent of data that’s unstructured –
previously inaccessible to existing systems – and integrate
it with structured data from countless sources and
locations. In a global economy where value increasingly
comes from information, data represents one of the most
abundant, valuable and complex raw materials in the world.
We now have the means to mine both structured and
unstructured data, and continuously extract features and
patterns to provide context in real time for improved
decision making.
The following three pillars of cognitive security function at the
rapid-fire pace of human-like thought patterns:
1. Understand and make sense of unstructured data and
natural language text. This includes the ability to ingest
and process information through “reading” books, reports,
blogs and relevant industry data, “seeing” images and
“hearing” natural speech within its context.
2. Reason based on the ability to interpret and organize
information and offer explanations of what it means, along
with a rationale for conclusions.
3. Learn continuously as data accumulates and insights are
derived from interaction.
Figure 2
• Security intelligence & big data analytics: “Look everywhere for security indicators”
• Curated threat data: “Correlate against the latest and greatest threats”
• Professional services: “Help me organize and tune my chaos”
• Industry expertise: “This is what others have seen in my industry”
• Traditional security: “Cast a wide net and show me the knowns”
• Cognitive security: “How do I understand and act?”
Digging deeper, going wider
A single-minded focus on detecting malware, malicious
threats, outliers and anomalies can tend to result in too
many false positives. That’s the advantage of the
multidimensional playing field in which cognitive
systems operate.
In today’s world, the ability to distinguish between black
and white is just one aspect of the expertise required for
an integrated security infrastructure. There’s an increasing
amount of grey area, and that’s where cognitive comes in.
Fortified with heightened levels of intuition, intelligence
and insight, cognitive systems are designed to be
continuously enhanced with data to help distinguish
acceptable behaviors from subtle variations that could
signal emerging threats. The result is a broader perspective
and a proactive focus on the big picture.
Addressing the skills gap
It’s not just our systems that are challenged in keeping up with today’s security
environment; there are challenges on the staff side as well. The number of
unfilled information security positions around the world is estimated at 208,000
and is expected to grow to 1.5 million by 2020. Cognitive security can help.
Serving as a scalable resource to support human
capabilities, cognitive systems can act like extraordinary
extensions to often understaffed security departments.
This new dimension is vital because it’s no longer enough
to keep a close watch on what’s happening within your own
system. You need to monitor threats on a global scale in
order to prepare for potential attacks. Cognitive systems
are able to tap into global exchange networks that analyze
hundreds of thousands of security events per second, for
thousands of clients around the world.
Cognitive can ease the task of the security analyst by
providing human-centric communications, such as
advanced visualizations, interactive vulnerability analysis,
risk assessment, remediation and possible attribution.
Cognitive systems will be able to spot anomalies and
flawed logic, and provide evidence-based reasoning.
This enables analysts to weigh alternative outcomes
and improve decision making.
Use cases: cognitive unleashed
Enhance your SOC analysts
Cognitive systems can understand a vast sea of structured
and unstructured data, to help quickly move the value of a junior
analyst from a level 1 to a 2 or 3. Cognitive systems can automate
ingesting information – such as research reports and best
practices – to give real-time input. Previously, this knowledge and
insight could only be obtained from years of experience.
Identify threats with advanced analytics
Cognitive systems may use analysis methods such as machine
learning, clustering, graph mining and entity relationship modeling
to identify potential threats. They can help speed detection of
risky user behavior, data exfiltration and malware before
damage occurs.
Improve enterprise risk
In the future, cognitive systems could analyze corpuses
of interactions, the nature of those interactions and their
susceptibility to develop risk profiles for organizations, corporate
actions, training and re-education. Cognitive systems could
use natural language processing to find sensitive data in an
organization and redact it.
Speed response with external intelligence
When the next Heartbleed hits, people will blog about how to
protect yourself from it. Even though a signature
is not available yet, there is natural language online that can help
you answer the question. Cognitive systems can crawl to quickly
discover how to protect against the next zero-day exploit.
Strengthen application security
Cognitive systems can understand the semantic context of your
analytics and data, while exploring code and code structures.
They can take thousands of vulnerability findings and refine results
to a small set of actionable items – and take you to locations in
your code where you can fix them.
Cognitive systems can analyze features, or
characteristics, from an enormous set of malicious
software—known as malware—in order to detect subtle
commonalities. The reason why that’s key: the diversity
of malicious software is huge, but cybercrime groups
evolve their code, so much of the malware at work today
is actually related to other malware. With cognitive systems,
we can analyze thousands of features of a suspicious
executable file and cluster them to uncover patterns. And
without a human ever knowing what those features were, or
how or why they matched, the system can identify a pattern
that helps discover and classify new malware variants.
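One way to picture the feature clustering described above, as an added example rather than IBM's implementation: constructed samples are reduced to sets of static features, compared by Jaccard similarity and grouped by single-linkage clustering, and a new sample is then assigned to its nearest cluster. The sample names, feature values and the 0.5 threshold are all assumptions made for this illustration.

```python
from itertools import combinations

# Constructed static features per sample (imports, sections, strings);
# sample names and values are invented for this illustration.
SAMPLES = {
    "a1": {"imp:WriteProcessMemory", "imp:CreateRemoteThread",
           "sec:.xdata9", "str:mtx_alpha", "imp:RegSetValueExW"},
    "a2": {"imp:WriteProcessMemory", "imp:CreateRemoteThread",
           "sec:.xdata9", "str:mtx_alpha", "imp:InternetOpenW"},
    "a3": {"imp:WriteProcessMemory", "imp:CreateRemoteThread",
           "sec:.xdata9", "imp:InternetOpenW", "imp:HttpSendRequestW"},
    "b1": {"imp:CryptEncrypt", "imp:FindFirstFileW", "str:note.txt", "sec:.rsrc2"},
    "b2": {"imp:CryptEncrypt", "imp:FindFirstFileW", "str:note.txt", "imp:DeleteFileW"},
    "c1": {"imp:CreateFileW", "imp:ReadFile", "sec:.text"},
}

def jaccard(a, b):
    """Fraction of features shared by two samples (0.0 to 1.0)."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def cluster(samples, threshold=0.5):
    """Single-linkage clustering: any pair at or above threshold is linked."""
    parent = {name: name for name in samples}
    def find(x):
        while parent[x] != x:
            x = parent[x]
        return x
    for x, y in combinations(sorted(samples), 2):
        if jaccard(samples[x], samples[y]) >= threshold:
            parent[find(y)] = find(x)
    groups = {}
    for name in sorted(samples):
        groups.setdefault(find(name), []).append(name)
    return sorted(groups.values())

def classify(features, samples, clusters, threshold=0.5):
    """Return (cluster, score) for the closest cluster, or (None, score)."""
    best, score = None, 0.0
    for group in clusters:
        s = max(jaccard(features, samples[m]) for m in group)
        if s > score:
            best, score = group, s
    return (best, score) if score >= threshold else (None, score)

CLUSTERS = cluster(SAMPLES)
NEW = {"imp:WriteProcessMemory", "imp:CreateRemoteThread", "sec:.xdata9",
       "imp:InternetOpenW", "imp:HttpSendRequestW", "str:mtx_beta"}
print(CLUSTERS, classify(NEW, SAMPLES, CLUSTERS))
```

Samples a1 and a3 fall below the threshold when compared directly, yet land in one cluster because each is close to a2, which is how gradually evolved variants stay linked to their family.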
The future: reversing cybercrime economics
As the cognitive security community grows, and the viability
of new attacks is diminished, cybercrime will enter into a
new economic reality. Efforts to develop malware that
evades detection will become increasingly complex and
costly. According to the Ponemon Institute’s 2015 Cost of
Data Breach Study, 256 days is the average time it takes
organizations to detect advanced persistent threats; and
$6.5 million is the average cost of a U.S. data breach.
Cognitive security will empower security analysts with the
capabilities to find early warnings of potential attacks and
significantly speed detection. Cybercriminals will find the
payoffs to be harder and harder to achieve.
Cognitive computing is driving transformational change by
harnessing not just data, but meaning, knowledge, process
flows and progression of activity at a lightning-fast speed
and scope. For organizations that embrace cognitive
capabilities, the competitive advantage will be significant
and far-reaching.
Integration and expertise for a cognitive ecosystem
Integration and expertise are paramount to doing security
right. Too many security practices are built on a collection
of point products that are not integrated, and don’t provide
the visibility and actionable intelligence you need to quickly
respond.
It’s not complete integration until your domain
capabilities can interact and communicate with one
another across your hybrid IT environment, extending
beyond your company walls across your entire ecosystem.
The right integration can help you get the visibility you need
to respond swiftly to security incidents when they occur.
Integration allows you to do more with less, which is a
fundamental way to address the security skills gap.
New threats are discovered every day, which means
security expertise and threat intelligence sharing are
essential. If you don’t have top-grade expertise feeding
into a set of solutions and cognition, you’re going to fall
behind quickly. IBM X-Force Exchange currently catalogs
information on more than 88,000 vulnerabilities, more than
25 billion web pages and data from 100 million endpoints—
enabling real-time and global coverage of expertise that’s
immediately actionable.
How IBM can help
The cognitive journey is just beginning, but IBM has the
intellectual and financial strength to lead this revolution
within security. More than 7,500 IBM Security professionals,
in 36 security centers worldwide, monitor 133 countries
and 35 billion events every day. IBM’s investment in
cognitive technologies spans decades and has seen great
progression in the last five years—the ability to process
natural language, the ability to process voice and images,
and the ability to turn unstructured data into tools like
knowledge graphs that are easily queryable. IBM will
embrace cognitive, to continually enhance security use
cases and bring that information back to security analysts.
IBM Security has cognitive capabilities available in
solutions today. Machine learning is used to help increase
the detection accuracy of vulnerabilities, and prioritize
those vulnerabilities so you can respond much faster.
Behavioral learning is used to proactively anticipate and
find anomalies around threats that are happening in the
network.
IBM Security offers end-to-end protection and an
immune system approach that spans deep analytics,
identity and access, advanced fraud, data, application,
network, endpoint, cloud, mobile and research. Each of
these platforms is going to benefit from IBM’s cognitive
capabilities. If you’re interested in the benefits of cognitive
security, think about adopting IBM’s platforms, which will
be innovated and infused with cognitive technologies.
3 steps to take now
• Learn more about tapping cognitive capabilities to outthink threats.
• Develop a roadmap to increased security maturity to get ready for cognitive.
• Drive integration in your security infrastructure.
For more information
Please contact your IBM representative or IBM Business
Partner, or visit ibm.biz/cognitivesec