Here on the NVTC blog, we continue to share content from our inaugural Capital Cybersecurity Summit that took place on Nov. 2-3, 2016 at The Ritz-Carlton, Tysons Corner.

Did you catch the Capital Cybersecurity Summit’s opening panel, Collaborating for Cyber Success? Panel participants included Invincea CEO Anup Ghosh, Forcepoint Chief Strategy Officer and President, Federal Division, Ed Hammersla and Tenable Network Security COO and Co-Founder Jack Huffard. Blue Delta Capital Partners Co-Founder Mark Frantz moderated.

The panel highlighted the exponentially beneficial cross-flow between government and commercial cybersecurity and discussed the Greater Washington region’s deep and diverse digital security assets – cutting-edge cyber products, pre-eminent talent and rich intellectual capital – that can be applied in the public and private sectors alike.

One of the recurring themes discussed was the need for a public relations paradigm shift when it comes to cybersecurity in the Greater Washington region. Area companies must not only promote their federal clients and solutions, but they must also promote the problems they are solving across all other sectors – and across the globe. The speakers agreed the region’s best cyber asset is its unmatched talent, and companies must continuously promote and engage this talent to keep it in Greater Washington.

Panelists also discussed the historic 2016 elections and their cybersecurity implications. In every sector, cyber threats are permeating all aspects of business, and panelists agreed the future judicial implications of cybersecurity will be huge. After all, according to the panelists, cyber risk is business risk.

Why is now the best time to launch a cyber startup in the Greater Washington region? Check out full video coverage of the panel to find out why:

Read Christian Science Monitor’s Passcode coverage of the panel here.

Lights…camera…Cybersecurity Summit! View the Summit’s photo gallery here.


Our latest NVTC member guest blog post is by ePlus Chief Security Strategist Tom Bowers. Bowers discusses the latest advancements in machine learning and its impact on cybersecurity.

According to a Ponemon Institute study released in March, 63% of survey respondents said their companies had been hit by “advanced (cyber) attacks” within the last year. Only 39% felt their company was highly effective at detecting cyber attacks. And worse, only 30% considered their organizations highly effective at preventing them.

A few weeks ago, I moderated a panel discussion at the ePlus/EC-Council Foundation CISO Security Symposium in National Harbor, Md. Our purpose was to gather together leading security experts to get their insights on the latest security threats and to discuss ideas and strategies. CISOs from many different industries were there. And as you might imagine, given the importance of cybersecurity today, the event was well-attended.

During the session, we covered various pressing topics in the realm of cybersecurity. But the most intriguing “future-looking” trend we discussed was machine learning.

That’s not a surprise because machine learning is a hot topic in tech circles. But it’s more than just the latest buzzword in the industry, and vendors are responding accordingly. In March, Hewlett Packard Enterprise (HPE) announced the availability of HPE Haven OnDemand, their cloud platform “machine-learning-as-service” offering. In October, IBM, whose Watson system is known as a leader in artificial intelligence (AI), changed the name of their predictive analytics service to “IBM Watson Machine Learning” to emphasize their direction “to provide deeper and more sophisticated self-learning capabilities as well as enhanced model management and deployment functionality within the service.”

Simply speaking, machine learning refers to the ability of computers to, in effect, “learn and grow in knowledge” based on past experience. Machine learning begins with a base set of teaching material and through subsequent experiences (i.e. the processing of more and more data sets and responses), the machine learning algorithm adds to the base material—its body of knowledge, so to speak—and the program becomes more intelligent. As a result, machine learning programs are able to answer questions and to make predictions with increasing accuracy.

What are the implications for security operations?

Machine learning has made tremendous strides in the last few years. From self-driving vehicles to medical research to marketing personalization to data security, machine learning algorithms are being used to churn through huge stores of data to identify patterns and anomalies, enabling data-driven decisions and automation. And that capability continues to mature and extend into the area of cybersecurity.

For years, those of us in IT security have worked tirelessly to increase the maturity of security operations in our companies. We’ve strived—in the face of increasing complexity and rising threats—to advance our information security capabilities beyond simple “detect and respond” reactive methods to risk-based “anticipate and prevent” proactive approaches. Machine learning is playing a role in that mission today and will play an even larger part in the years to come.

As more security vendors incorporate machine learning engines into their solutions, security operations will change. For example, log scanning—a tedious, labor-intensive effort—will become automated. Instead of a security analyst scrolling SIEM output, scrutinizing correlated events and analyzing their meaning, machine learning engines will parse huge log files, identify anomalies, and make decisions in near real-time.

In addition, machine learning engines will identify trends, threats, and incidents much faster. Instead of waiting on a security analyst to conclude their analysis, machine learning engines will parse reams of security data collected from enterprise machines, such as servers, smartphones, tablets, network devices, applications, and others. Through big data analytics and machine learning, this machine data will be searched and analyzed to gain insight into what is happening inside corporate networks, enabling trends to be exposed and incidents to be identified much faster than they are today.

But more importantly, machine learning engines will be able to “hunt” for exploits. By combining input from learned behaviors, known indicators of compromise (IOCs), and external threat intelligence feeds, machine learning engines will be able to predict malicious events with a high degree of accuracy, preventing major incidents before they materialize or become widespread problems. And we are seeing examples of this capability today. For instance, the cyber solution Endgame operates at the microprocessor level, analyzing the pre-fetch instruction cache to search for zero-day exploits so they can be detected and eliminated long before an incident occurs.

Not to be overlooked is the ability of machine learning to enable automated responses. Machine learning engines not only can detect malicious behavior faster, based on IOCs and “experience,” but also can take action to eliminate the threat early in the kill chain without requiring human involvement. This enables incidents to be avoided proactively and lessens the workload on short-handed staff.

The benefits of machine learning are clear and compelling. But many security professionals are asking, “Is the technology really ready?” There are valid concerns, such as the validity of data from external threat intelligence feeds into machine learning engines and the potential for machine learning algorithms to be attacked and fed false models, but work continues by vendors and academia alike to sort out those questions. In fact, Georgia Institute of Technology just launched a new research project to study the security of machine learning systems.

Like most technology, machine learning will continue to evolve. But if expectations prove out, machine learning will transform how CISOs manage security operations within the next three years.
