Author Archives: Alexa Magdalenski

NEW Keynote Added to 2017 Capital Data Summit Lineup!

January 13th, 2017 | Posted by Alexa Magdalenski in Capital Data Summit - (Comments Off)

Transp Data Summit Logo - TransparentNVTC is thrilled to share that DigitalGlobe‘s Founder, Executive Vice President and Chief Technical Officer Dr. Walter Scott is the latest 2017 Capital Data Summit keynote speaker. The Capital Data Summit will take place on February 15 at The Ritz-Carlton, Tysons Corner. Dr. Scott joins Clarabridge Executive Chairman and Co-Founder Sid Banerjee and Hewlett Packard Enterprise’s President and CEO Meg Whitman as keynote speakers.

Walter Scott v3Dr. Walter Scott manages the development of DigitalGlobe’s satellite systems, R&D and DigitalGlobe’s Platform and Services Business Units. Dr. Scott founded DigitalGlobe in 1992 and received the first high resolution commercial remote sensing license from the U.S. Government in 1993. Today, DigitalGlobe operates a 5-satellite imaging constellation with the highest resolution, best revisit and greatest capacity in the industry.

We’re adding new speakers every week! View the latest Capital Data Summit agenda here.

Keep up with all of the Capital Data Summit action on Twitter with our hashtag: #CapitalData and by following @NVTC!

Learn more about the Summit’s in our preview video!

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

VEI Recruiter Contest is Live!

January 9th, 2017 | Posted by Alexa Magdalenski in Veterans - (Comments Off)

VEI Logo SizedWin a Microsoft Surface Pro 4!

Contest runs January 9 – February 16, 2017

Calling all NVTC recruiters! NVTC’s Veterans Employment Initiative (VEI) is excited to announce its first VEI Recruiter Contest. The contest aims to promote the expanded use of NovaTechVets.org, a free NVTC Veteran talent resource created by Monster.com to connect NVTC member companies with job-seeking Veterans. The recruiter with the most Veteran resume views on NovaTechVets.org from January 9, 2017 through February 16, 2017 will win a Microsoft Surface Pro 4 tablet donated by Microsoft, an NVTC member company and VEI supporter. Resume views of Veteran candidates will be tracked by Monster.com to determine the highest number performed by a single recruiter during the six weeks. An update of the top five users will be announced each Friday during the contest starting on January 13, 2017.

Win a $25 Gift Card to Your Favorite American Restaurant Group Eatery!

All NVTC recruiters who create and use new accounts on NovaTechVets.org will be automatically entered into a weekly random drawing for a $25 gift card to Great American Restaurants. A winner will be chosen every Friday during the contest from January 9, 2017 through February 16, 2017.

Establishing a New VEI Recruiter Account is Easy!

1. Go to NovaTechVets.org.

2. Click on Employers in the upper right of the page.

3. Click on Request Account and fill out the simple application.

4. Your NVTC membership will be validated and account approved by the next business day.

Already have a VEI recruiter account? We thank you for your continued commitment to hiring Veterans! Please take a moment to share this blog post with other NVTC recruiters in your network and encourage them to establish their own account. Increasing our VEI Recruiter User Group is critical in helping Veterans connect to your career opportunities. The best thing you can to do for our Veterans and your company is to hire them! Contest Runs January 9 – February 16, 2017

Questions? Email VEI Director Steve Jordon at sjordon@nvtc.org.

Membership in NVTC is required to participate. Contest winners will be contacted by the VEI Director and announced in weekly updates to the VEI Recruiter User Group.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Video Recap: Dec. 15 Titans with Rolls-Royce North America’s Marion Blakey

January 6th, 2017 | Posted by Alexa Magdalenski in Titans - (Comments Off)

New TITANS logo RGB TransparentWeren’t able to make it to our Titans event in December with Rolls-Royce North America President and CEO Marion Blakey? We’ve got video recaps for you below!

In the videos you’ll hear about Blakey’s predictions for the upcoming presidential transition, get updates from Rolls-Royce North America’s Executive Vice President and General Counsel Thomas Dale on Rolls-Royce North America’s latest work in personal aircraft, hybrid electric powered planes, autonomous aircraft and how Rolls-Royce North America is collaborating with Microsoft to leverage the use of big data and the Internet of Things to reduce costs, improve performance and provide better value.

Marion Blakey, President and CEO, Rolls-Royce North America:

Thomas Dale, Executive Vice President and General Counsel, Rolls-Royce North America:

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

2017 Capital Data Summit: Announcing TWO New Panel Sessions!

January 5th, 2017 | Posted by Alexa Magdalenski in Capital Data Summit - (Comments Off)

Transp Data Summit Logo - TransparentPreparations are well underway for our inaugural Capital Data Summit taking place in just over a month on February 15, 2017 at The Ritz-Carlton, Tysons Corner. We’re excited to share two new panel sessions just added to the Summit lineup: Big Data Applications and Big Data Centers and Identity Management in the Age of the Internet of Things.

Big Data Applications and Big Data Centers

This session brings together leading end users of big data applications from top companies to discuss the value these applications deliver to their businesses and the requirements they generate for data centers and cloud services both in Northern Virginia and globally.

Identity Management in the Age of the Internet of Things

Panelists:
Paul Grassi, Senior Standards and Technology Advisor, NIST
Matt Hummer, Director of Analytics, Govini

Moderator:
Scott McDuff, Chief Architect, Sterling Computers

We’re adding new panels and speakers every week! Keep up with all of the Capital Data Summit action on Twitter with our hashtag: #CapitalData and by following @NVTC!

View the latest Summit agenda here.

Learn more about the Summit’s in our preview video!

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Feb. 15, 2017: Registration NOW OPEN For NVTC’s 2017 Capital Data Summit

December 21st, 2016 | Posted by Alexa Magdalenski in Capital Data Summit - (Comments Off)

Transp Data Summit Logo - TransparentJoin the region’s leading big data and analytics companies and prominent thought leaders at the 2017 Capital Data Summit on Feb. 15, 2017 at The Ritz-Carlton, Tysons Corner.

Featuring keynotes from Clarabridge’s Sid Banerjee and Hewlett Packard Enterprise’s Meg Whitman and panels including big data experts from Capital One, District of Columbia, Goldman Sachs, IBM, Revolution Growth, Virginia Tech and more, the Capital Data Summit will provide an unprecedented opportunity to accelerate and promote the region’s data innovations, connect people, companies and academic partners, and showcase the region’s technology assets.

See the full Capital Data Summit agenda here.

Learn more about the Summit’s in our new preview video!

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

insperity-ogThis week’s NVTC member guest blog post is by Kelly Yates, vice president of Service Operations at Insperity. Yates shares five key priorities outlined in the Equal Employment Opportunity Commission’s (EEOC) recently-released Strategic Enforcement Plan.

The Equal Employment Opportunity Commission (EEOC) recently released its Strategic Enforcement Plan through the year 2021, which outlines its priorities for the coming years.

In this plan, one of the areas of focus is a grouping the agency refers to as “emerging and developing workplace issues” – an ever-evolving subject, which can be challenging to navigate. From qualification standards and inflexible leave to discriminatory practices, typically, these complaints parallel societal issues that are also gaining a bigger spotlight in the media.

Here are five areas employers should watch carefully as they start their new year:

1. Discrimination against those with disabilities

The EEOC continues to broaden its definition of what constitutes a disability. Under the EEOC’s new plan, the agency is narrowing its focus to give priority to the areas of job qualification standards and inflexible leave policies to better protect disabled employees.

Qualification standards

A qualification standard is how the employer defines who is qualified to be hired for a particular job. This means that job descriptions could fall under scrutiny if there are unnecessary physical qualifications placed on applicants.

For example, if your job description says that applicants must be able to lift 20 pounds, but there is an accommodation that could be provided where lifting wouldn’t be required, it may not be reasonable to use this as a qualifier when making hiring decisions.

Inflexible leave policies

There is no clear cut definition of whether a leave policy is flexible or inflexible. But typically, any policy that takes a definitive stance on the time limitations of a leave will be labeled as inflexible by the EEOC.

For example, an inflexible policy might state: “You must be 100 percent healed to return to work when a 12-week FMLA leave ends, or you will be terminated.”

Leave policies require careful attention to the language used to ensure that they cannot be interpreted as inflexible and have a one-size-fits-all approach. And, these situations require an interactive dialogue between employers and employees to understand what return-to-work accommodations may need to be made, such as granting additional time off work or the ability to telecommute for a specified time period.

Even a policy that says that employees aren’t allowed to work remotely could be deemed as inflexible, if, based on their disabilities and the nature of their job duties, it would be a reasonable accommodation to allow them to work from home.

This is one of the biggest risk areas for employers. It’s one of the most challenging to work through because there is not a definitive manual on the topic. Each situation has to be handled individually and based upon its own merits – not based upon how the last case was treated.

2. Accommodating pregnancy-related limitations

Gender equality in the workplace has been in the spotlight in recent years. One area that the EEOC has weighed in on heavily has been removing pregnancy as a barrier for equal treatment in the workplace.

Employers are advised to treat pregnant employees as they would treat any other employee who has any other temporary medical condition. Consider all accommodation requests by engaging in an interactive dialogue with the employee and make necessary job modifications as specified by the employee’s medical provider.

For example, accommodations may include altered breaks and work schedules (e.g., breaks to rest or use the restroom), permission to sit or stand, ergonomic office furniture, shift changes, elimination of marginal job functions and permission to work from home for a specified time period.

If a woman isn’t able to work during her pregnancy, she may be eligible for time off not only under FMLA, but also under the Americans with Disabilities Act (ADA). Pregnancy complications may be covered under the ADA as a temporary disability.

These types of accommodations help to keep barriers neutralized so that women can continue to progress in their careers while pregnant. And, these accommodations can also help ward off potential discrimination claims.

3. Protecting LGBT from discrimination based on sex

If you look up the Civil Rights Act of 1964, you won’t see LGBT as a category of protection. But the agency’s recent interpretation has been that it falls into the broad category of discrimination based on sex.

To avoid EEOC discrimination charges, you must treat LGBT employees as you would all other employees. If employees come to you with complaints, make sure to treat the complaint seriously, and ensure that a prompt and thorough investigation is undertaken.

Share the outcome of the investigation with the employee, and discuss resolution options. Then, be sure to follow up with the employee regularly after the issue is resolved to ensure that no new concerns have arisen. This also conveys to your employee that you have an open door to ongoing communication.

Work toward making sure that your workplace is a comfortable environment for all employees.

4. Clarifying the employment relationship and workplace rights

Temporary workers, staffing agencies, independent contractors and the on-demand economy are all changing the dynamic of the employer/employee relationship.

For example, let’s say you hire five temporary workers from a staffing agency. The agency pays these employees so they aren’t your “employees of record” for purposes of your payroll taxes, etc. However, because these workers are conducting work on your premises and for your business, including engaging with your employees, as an employer, you may be deemed to be controlling the “terms and conditions of the employees” work environments. Therefore, you must ensure that these workers are treated in compliance with EEO laws, just as you would for all employees.

Say, for instance, one of your employees or managers harasses a temporary agency worker. The temporary worker could file an EEOC claim against your business, even though you’re not his or her employer of record. And, if the agency deems that the worker’s complaint has merit, you could be liable to make financial settlements to resolve the complaint.

Just because workers aren’t on your payroll as full-time, permanent employees, it doesn’t mean you are absolved of responsibility for ensuring that they are treated fairly under the law.

5. Addressing discriminatory practices against Muslims

In the midst of global terrorist attacks, the EEOC believes there may be an increase in discriminatory actions against people who are Muslim, Sikh, or of Arab, Middle Eastern or South Asian descent (or those perceived to be a part of those groups).

In an effort to get out in front of this, the EEOC is giving priority consideration to these cases.

First and foremost, hiring managers must understand that national origin or religion should never be used as a factor in any hiring or employment decision.

You may think that everything is fine because you aren’t hearing any complaints or concerns from employees. But often, employees are hesitant to file complaints because they think doing so will jeopardize their jobs. In these cases, they may wait to bring forward a concern until it has escalated to a point where they have already decided to involve an outside agency or attorney.

Your managers should take extra steps to vocalize and demonstrate their commitment to the company’s open door policy so that employees aren’t afraid to come to them with their concerns.

Also, ensuring that you regularly conduct discrimination and harassment prevention training for all employees and that you have clear policies with a zero-tolerance for discrimination and harassment in-place are important preventative steps for employers to take.

Understand the risks and move forward thoughtfully

While the EEOC provides information for employers on their website, employers are often confused as to how each law and regulation should be interpreted and applied to their specific workplace. As you navigate through issues in these areas, it is advisable to work closely with HR experts, legal counsel or a professional employer organization (PEO), who are well-versed and experienced at preventing and resolving workplace complaints.

Keep in mind that if an EEOC charge is filed and the agency begins an investigation of your company, it could quickly become a huge disruption to your employees and to your business overall.

Here are a few possible outcomes:

  • On average, it takes at least a year for a charge to be resolved.
  • There can be disruptions if EEOC investigators come on-site to interview employees and review your company’s documents.
  • The EEOC doesn’t have to notify your business when it contacts your employees or former employees for interviews.
  • The investigation can impact the morale and productivity of your workforce.
  • There are huge monetary impacts for having to defend against and resolve the complaint.
  • A “cause finding” by the EEOC can become a matter of public record, which impacts your reputation and credibility as an employer.
  • If the EEOC finds cause for a complaint, typically, your business will have to routinely provide reports to the agency and comply with ongoing requirements, such as employee training – usually for three to five years.
  • If the EEOC finds cause for a complaint, you may be required to post notices throughout the workplace to inform employees that your company was found to have engaged in a discriminatory practice.

If your business is charged in one of the areas from the strategic enforcement plan, it’s important to take it seriously and respond appropriately. Consider consulting with an HR expert or employment counsel on how to proceed.

Learn more about how to protect your business by downloading Insperity’s complimentary e-book, Employment Law: Are You Putting Your Business at Risk?

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week’s guest blog post is by Norm Snyder, partner at Aronson, LLC. Snyder is also chair of NVTC’s Small Business and Entrepreneur Committee. Snyder shares highlights and lessons learned from the Committee’s All Star Seed/Early Stage Investor Panel that took place on Nov. 15.

aronson-llc1 v2Can seed, early stage and angel investment capital be found in the D.C. metro area? This question and others were discussed by NVTC’s Small Business and Entrepreneur Committee’s engaging All Star Seed/Early Stage Investor Panel on Nov. 15, with some of the area’s most active early stage investors.

Moderated by Aronson Partner Norm Snyder, the panelists included Ed Barrientos, “super-angel” investor and entrepreneur CEO of Brazen, Steve Graubart, CFO of 1776, John May, founding partner of New Dominion Angels, Liz Sara, angel investor and entrepreneur and chair of the Dingman Center, and Tom Weithman, managing director of CIT GAP Funds and CIO of Mach37.

During the event, panelists discussed their recent experiences, desired investee profiles and offered practical advice to an audience of start-up entrepreneurs engaged in navigating the challenging early stage investment world. While the general consensus is that early stage capital is available in the D.C. metro area, it takes persistence and hard work for entrepreneurs to successfully attract sufficient investment from the right investors.

According to Weithman, over 100 companies have been funded in Virginia by CIT with a focus on tech, fin-tech, cyber and life sciences. However, he stated there is a dearth of seed funds generally available for cyber. Sara stated that approximately 15 deals were funded in the last year by her Dingman Angel group. Barrientos has made significant angel investments in a number of companies and has raised venture capital funds for Brazen. May stated that almost every deal that should be funded is funded, but it is rare for one angel to fund the entire deal. Graubart said 1776 has made 30 investments to-date with a focus on regulated industries such as ed-tech, health IT, fintech, smart cities and transportation.

So how does an investor stand out in the crowd of early stage companies?

Panelists offered a range of suggestions. Research potential investors – plenty of information is available to find out what they are interested in. Don’t waste your time and theirs chasing investors not interested in your company’s profile. For early stage, investors are betting first on the entrepreneur and their team and not on a single idea or concept, which is likely to evolve several times before it goes to market. Put together a passionate team with strong domain experience and the ability to sell themselves to attract investors, customers and future team members. Remember, the team should include an experienced advisory board with strengths and experiences that compliment and extend the abilities of the entrepreneurs. Put together well thought out and concise pitches and applications.

Be persistent – get in front of groups of investors. Warm referrals tend to get looked at first, so use your advisors to help you get noticed and invest time building relationships. Be able to demonstrate market acceptance and traction. Be coachable; you may be the “master” of your technology, but each successful start-up faces different challenges and there’s a lot to learn. Early stage entrepreneurs shouldn’t focus on trying to get the “highest” valuation – high valuations can scare away very qualified investors and may lead to future disastrous down rounds. Convertible debt, instead of preferred stock, can help take the focus off the subjective valuation issue for early stage companies.

Most importantly, the closing advice to attendees: be passionate and persistent and make sure you enjoy what you do!

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Here on the NVTC blog, we continue to share content from our inaugural Capital Cybersecurity Summit that took place on Nov. 2-3, 2016 at The Ritz-Carlton, Tysons Corner.

1021Capital Cybersecurity Summit Logo 3The 2016 Capital Cybersecurity Summit was highlighted by its keynote speakers:  Northrop Grumman Corporate Vice President and Northrop Grumman Mission Systems President Kathy Warden and RSA President Amit Yoran.

In her keynote, Warden discussed the evolution of cybersecurity as the “Fifth Domain,” a fundamental element, permeating all aspects of our daily lives. She stressed the critical need to fill cybersecurity positions in Virginia and the opportunities for public, private and academic sectors to partner together to find creative solutions to address these hiring shortages. View the full video of Warden’s remarks here:

Yoran reinforced the evolution of cybersecurity in his keynote and, like Warden, referenced the expansion of the cyber threat area into business and our daily lives. He stressed the need to develop new flexible, perimeter-less cybersecurity to meet growing threats from mobile and IoT expansion. Yoran explained that the Greater Washington region, with its unmatched research and expertise, is equipped to meet these new cyber demands. In fact, according to Yoran, the region has the potential to be “Security Valley.” View Yoran’s keynote here:

 

Lights…camera…Cybersecurity Summit! View the Summit’s photo gallery here.

What are you doing on February 15, 2017? NVTC is hosting its first-ever Capital Data Summit in Tysons Corner! Learn more!

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Here on the NVTC blog, we continue to share content from our inaugural Capital Cybersecurity Summit that took place on Nov. 2-3, 2016 at The Ritz-Carlton, Tysons Corner.

1021Capital Cybersecurity Summit Logo 3Did you catch the Capital Cybersecurity Summit’s opening panel, Collaborating for Cyber Success? Panel participants included Invincea CEO Anup Ghosh, Forcepoint Chief Strategy Officer and President, Federal Division, Ed Hammersla and Tenable Network Security COO and Co-Founder Jack Huffard. Blue Delta Capital Partners Co-Founder Mark Frantz moderated.

The panel highlighted the exponentially beneficial cross-flow between government and commercial cybersecurity and discussed the Greater Washington region’s deep and diverse digital security assets – cutting-edge cyber products, pre-eminent talent and rich intellectual capital – that can be applied in the public and private sectors alike.

One of the reoccurring themes discussed is the need for a public relations paradigm shift when it comes to cybersecurity in the Greater Washington region. Area companies must not only promote their federal clients and solutions, but they must also promote the problems they are solving across all other sectors – and across the globe. The speakers agreed the region’s best cyber asset is the unmatched talent and companies must continuously promote and engage this talent to keep them in Greater Washington.

Panelists also discussed the historical 2016 elections and their cybersecurity implications. In every sector cyber threats are permeating all aspects of business and panelists agreed the future judicial implications of cybersecurity will be huge. After all, according to the panelists, cyber risk is business risk.

Why is now the best time to launch a cyber startup in the Greater Washington region? Check out full video coverage of the panel to find out why:

Read Christian Science Monitor’s Passcode coverage of the panel here.

Lights…camera…Cybersecurity Summit! View the Summit’s photo gallery here.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Transforming Security Operations through Machine Learning

December 5th, 2016 | Posted by Alexa Magdalenski in AI | Guest Blogs | Member Blog Posts - (Comments Off)

Our latest NVTC member guest blog post is by ePlus Chief Security Strategist Tom Bowers. Bowers discusses the latest advancements in machine learning and its impact on cybersecurity.

eplusAccording to a Ponemon Institute study released in March, 63% of survey respondents said their companies had been hit by “advanced (cyber) attacks” within the last year. Only 39% felt their company was highly effective at detecting cyber attacks. And worse, only 30% considered their organizations highly effective at preventing them.

A few weeks ago, I moderated a panel discussion at the ePlus/EC-Council Foundation CISO Security Symposium in National Harbor, Md. Our purpose was to gather together leading security experts to get their insights on the latest security threats and to discuss ideas and strategies. CISOs from many different industries were there. And as you might imagine, given the importance of cybersecurity today, the event was well-attended.

During the session, we covered various pressing topics in the realm of cybersecurity. But the most intriguing “future-looking” trend we discussed was machine learning.

That’s not a surprise because machine learning is a hot topic in tech circles. But it’s more than just the latest buzzword in the industry, and vendors are responding accordingly. In March, Hewlett Packard Enterprise (HPE) announced the availability of HPE Haven OnDemand, their cloud platform “machine-learning-as-service” offering. In October, IBM, whose Watson system is known as a leader in artificial intelligence (AI), changed the name of their predictive analytics service to “IBM Watson Machine Learning” to emphasize their direction “to provide deeper and more sophisticated self-learning capabilities as well as enhanced model management and deployment functionality within the service.”

Simply speaking, machine learning refers to the ability of computers to, in effect, “learn and grow in knowledge” based on past experience. Machine learning begins with a base set of teaching material and through subsequent experiences (i.e. the processing of more and more data sets and responses), the machine learning algorithm adds to the base material—it’s body of knowledge, so to speak—and the program becomes more intelligent. As a result, machine learning programs are able to answer questions and to make predictions with increasing accuracy.

What are the implications for security operations?

Machine learning has made tremendous strides in the last few years. From self-driving vehicles to medical research to marketing personalization to data security, machine learning algorithms are being used to churn through huge stores of data to identify patterns and anomalies, enabling data-driven decisions and automation. And that capability continues to mature and extend into the area of cybersecurity.

For years, those of us in IT security have worked tirelessly to increase the maturity of security operations in our companies. We’ve strived—in the face of increasing complexity and rising threats—to advance our information security capabilities beyond simple “detect and respond” reactive methods to risk-based “anticipate and prevent” proactive approaches. Machine learning is playing a role in that mission today and will play an even larger part in the years to come.

As more security vendors incorporate machine learning engines into their solutions, security operations will change. For example, log scanning—a tedious, labor-intensive effort—will become automated. Instead of a security analyst scrolling SIEM output, scrutinizing correlated events and analyzing their meaning, machine learning engines will parse huge log files, identify anomalies, and make decisions in near real-time.

In addition, machine learning engines will identify trends, threats, and incidents much faster. Instead of waiting on a security analyst to conclude their analysis, machine learning engines will parse reams of security data collected from enterprise machines, such as servers, smartphones, tablets, network devices, applications, and others. Through big data analytics and machine learning, this machine data will be searched and analyzed to gain insight into what is happening inside corporate networks, enabling trends to be exposed and incidents to be identified much faster than they are today.

But more importantly, machine learning engines will be able to “hunt” for exploits. By combining input from learned behaviors, known indicators of compromise (IOCs), and external threat intelligence feeds, machine learning engines will be able to predict malicious events with a high degree of accuracy, preventing major incidents before they materialize or become widespread problems. And we are seeing examples of this capability today. For instance, the cyber solution Endgame operates at the microprocessor level, analyzing pre-fetch instruction cache searching for zero-day exploits so they can be detected and eliminated long before an incident occurs.

Not to be overlooked is the ability of machine learning to enable automated responses. Machine learning engines not only can detect malicious behavior faster, based on IOCs and “experience,” but also can take action to eliminate the threat early in the kill chain without requiring human involvement. This enables incidents to be avoided proactively and lessens the workload on short-handed staff.

The benefits of machine learning are clear and compelling. But many security professionals are asking, “Is the technology really ready?” There are valid concerns, such as the validity of data from external threat intelligence feeds into machine learning engines and the potential for machine learning algorithms to be attacked and fed false models, but work continues by vendors and academia alike to sort out those questions. In fact, Georgia Institute of Technology just launched a new research project to study the security of machine learning systems.

Like most technology, machine learning will continue to evolve. But if expectations prove out, machine learning will transform how CISOs manage security operations within the next three years.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS