Cyber Security – Dataconomy
https://dataconomy.ru
Bridging the gap between technology and business

Navigating the evolving landscape of cyber threats by utilizing advanced data analytics
https://dataconomy.ru/2023/01/20/cybersecurity-analytics-tools-top-5/
Fri, 20 Jan 2023 14:43:08 +0000

Cybersecurity analytics tools are essential for organizations to protect against cyber attacks and breaches. Cybersecurity is a critical concern for organizations of all sizes and industries, as the frequency and severity of cyber attacks continue to increase. One key aspect of a comprehensive cybersecurity strategy is the use of analytics tools to identify and respond to potential threats in real-time.

What are cybersecurity analytics tools?

Cybersecurity analytics tools are designed to collect, process and analyze vast amounts of data from various sources, such as network logs, endpoint data, and security events. By providing actionable insights and intelligence, these tools can help organizations detect and respond to cyber threats more quickly and effectively, minimizing the potential impact on their operations and reputation. The use of cybersecurity analytics tools is essential for any organization looking to protect its sensitive data, intellectual property, and customers’ personal information.

Top 5 cybersecurity analytics tools

These tools analyze large amounts of data to identify potential threats and provide insights for proactive security measures. Below, you will find a curated selection of tools that have been carefully evaluated to align with the specific needs of your organization.

SecPod SanerNow

  • A great choice for small to large businesses.

The SanerNow cyberhygiene platform offers a comprehensive vulnerability management solution to continuously monitor and improve an organization’s security posture. It combines vulnerability assessment and instant remediation into a unified console. It scans for vulnerabilities, misconfigurations and other security risks and provides an automated method to fix them instantly. The platform is designed to automate every step of vulnerability management to help organizations prevent cyber attacks.

Key features:

  • It uses an intelligent and lightweight multi-functional agent that can perform all tasks.
  • It evaluates risk potential, high-fidelity attacks and more to efficiently prioritize vulnerabilities for easy remediation.
  • It has an integrated patching feature that enables quick remediation of vulnerabilities in IT assets.
  • With additional remediation controls beyond patching, it becomes easier to mitigate security risks.
  • The platform can be accessed from a single cloud-based console, which allows organizations to efficiently manage vulnerabilities and other security risks.
  • It can perform real-time vulnerability management from scanning to remediation.

Acunetix

  • A great choice for small businesses, enterprise customers, pentesters, and web professionals.

Acunetix is the solution to secure your websites, web applications, and APIs. This application security testing solution can find over 7K vulnerabilities and scan all pages, web apps, and complex web applications.

It has built-in vulnerability management functionality. On-premise and on-demand deployment options are available with Acunetix.

Key features:

  • Acunetix utilizes advanced macro recording technology that enables it to scan complex multi-level forms and password-protected areas of a website.
  • It also evaluates the severity of identified issues and provides actionable insights in real-time.
  • Additionally, it has the capability to schedule and prioritize full scans and incremental scans to ensure that all areas of the website are thoroughly checked.

Perimeter 81

  • A great choice for small to large businesses

Perimeter 81 is software that caught our attention immediately due to its advanced network security features. It provides users with a wide range of cybersecurity tools to help strengthen an organization’s defenses against various types of threats. With features such as device posture check, web filtering, Zero Trust Network Access, and multi-factor authentication, the software simplifies the process of managing and securing the integrity of a network.

Key features:

  • Protect network traffic across all environments using a firewall as a service.
  • Obtain multi-layered security through encryption, two-factor authentication, and Single Sign-On.
  • Benefit from a unified management plan for monitoring and managing your network.
  • Prevent connections from unknown Wi-Fi networks with Automatic Wi-Fi Protection.

Vipre

  • A great choice for those who demand protection against evolving threats.

Vipre provides cybersecurity solutions for both personal and professional use. It guards against computer viruses, ransomware, and identity theft. Its business protection package includes comprehensive email and endpoint security and privacy as well as real-time threat intelligence, providing multiple layers of protection for your business and partners. The software supports both Windows and Mac platforms.

Key features:

  • Vipre offers easy-to-use solutions to safeguard your business from online threats and data risks.
  • It offers comprehensive packages and flexible pricing options.
  • It utilizes AI technology to deliver unparalleled protection.
  • It provides a fully integrated solution that is simple to implement and manage.
  • Vipre also has email encryption capabilities included.

Malwarebytes

  • A great choice for personal users

Malwarebytes provides cybersecurity solutions for both personal and professional use. It can guard against malware, ransomware, malicious websites, and other advanced online threats that traditional antivirus software may not detect. It is compatible with Windows, Mac, Android, iOS, and Chromebook devices. For businesses, it offers a range of products and services such as endpoint security and incident response, catering to industries such as education, finance, and healthcare.

Key features:

  • Malwarebytes uses anomaly detection, behavior matching, and application hardening techniques to protect against malware.
  • It can effectively clean up infected devices.
  • It provides protection against attack vectors on various devices including Windows, Mac, and Android.
  • It offers multi-layered protection with endpoint detection and response for Windows.
  • It can detect and prevent threats in real-time.

Cybersecurity analytics certification

A cybersecurity analytics certification is a professional certification that attests to an individual’s knowledge and skills in using analytics tools and techniques to identify and mitigate cybersecurity threats. The certification usually requires passing an exam that tests an individual’s understanding of the various cybersecurity analytics tools and techniques, as well as their ability to apply them in real-world scenarios.

Obtaining a cybersecurity analytics certification can demonstrate an individual’s expertise and commitment to the field, and can help them stand out in the job market. It can also help organizations ensure that their cybersecurity team members have the necessary skills and knowledge to effectively protect their networks and data.

Some examples of cybersecurity analytics certifications include:

  • Certified Cybersecurity Analytics Professional (CCAP)
  • Certified Cyber Threat Intelligence Analyst (CCTIA)
  • Certified Threat Intelligence Analyst (CTIA)
  • GIAC Cyber Threat Intelligence (GCTI)

The requirements to obtain a certification and the level of difficulty of the exam may vary depending on the certifying organization. Some certifications may require prior experience in the field or a certain level of education, while others may be open to anyone interested in cybersecurity. The certification exams may also include multiple-choice questions, simulation-based questions and practical tests. The certification may also need to be renewed after a certain period of time to remain valid.


Keep in mind that cybersecurity analytics certifications are just one aspect of building a strong cybersecurity team. It’s important for organizations to also focus on other aspects such as employee training, incident response planning, and regular security assessments. Moreover, these certificates will also show your knowledge of different aspects of cybersecurity approaches, including the principle of least privilege (POLP).

Types of cybersecurity analytics tools

There are various types of cybersecurity analytics tools available in the market, each providing different functionalities to help organizations detect and prioritize potential threats, create response plans, analyze adversarial behavior, and iterate against potential attacks. Some examples of these tools include:

  • Behavioral analytics: These tools analyze patterns and behavioral trends of users, applications, and devices to identify abnormal behavior or detect anomalies that may indicate a security breach or attack.
  • External threat intelligence: External threat intelligence services are provided by security firms to supplement the analytical process.
  • Forensics: Forensic tools are used to investigate past or ongoing attacks, determine how attackers infiltrated and compromised systems, and identify cyberthreats and security vulnerabilities that could leave an organization susceptible to future attacks.
  • Network analysis and visibility (NAV): NAV is a collection of tools that analyze end-user and application traffic as it flows across the network.
  • Security information and event management (SIEM): SIEM tools provide real-time analysis of security alerts generated by network devices and applications.
  • Security orchestration, automation, and response (SOAR): SOAR tools act as a hub that ties together data gathering capabilities, analysis, and threat response.

The hardware, software, or virtual appliances that organizations choose must complement and integrate with their current infrastructure. Advanced persistent attacks, for example, are a specialty of some security analytics providers. Other suppliers focus on niche industries like healthcare or finance, where regulatory compliance auditing infractions may be a problem.

Businesses must think about the deployment and feature sets they need, the dangers that they or their industry frequently face, the type of solution that best fits within their budget, and other factors before selecting the best security analytics tool.

Data analytics in cybersecurity

Data analytics plays a crucial role in cybersecurity by helping organizations to identify and respond to potential threats in real-time.

By collecting, processing, and analyzing vast amounts of data from various sources, such as network logs, endpoint data, and security events, data analytics tools can provide actionable insights and intelligence that can help organizations to:

  • Detect anomalies and suspicious behavior. Data analytics tools can be used to identify patterns and behavioral trends of users, applications, and devices, and to detect abnormal behavior or anomalies that could indicate a security breach or attack.
  • Prioritize threats. By analyzing data from different sources, data analytics tools can help organizations to understand the potential impact and likelihood of different threats, and to prioritize their response accordingly.
  • Create response strategies. Data analytics tools can provide organizations with the information they need to understand the scope and nature of a potential threat, and to develop effective response strategies to mitigate or neutralize the threat.
  • Analyze adversarial behavior. Data analytics tools can be used to study the tactics, techniques, and procedures (TTPs) used by attackers to understand their motivations, methods, and objectives.
  • Iterate against potential attacks. By continuously monitoring and analyzing data, data analytics tools can help organizations to identify new or emerging threats and to adapt their defenses accordingly.

Benefits of cybersecurity analytics tools

There are several benefits of using cybersecurity analytics tools as part of an organization’s cybersecurity strategy. Some of the most notable ones include:

Real-time threat detection

Cybersecurity analytics tools can provide real-time monitoring and analysis of network and endpoint data, allowing organizations to quickly identify and respond to potential threats.

Improved incident response

By providing actionable intelligence and insights, cybersecurity analytics tools can help organizations to understand the scope and nature of a potential threat, and to develop effective response strategies to mitigate or neutralize the threat.


Better threat prioritization

By analyzing data from different sources, cybersecurity analytics tools can help organizations to understand the potential impact and likelihood of different threats, and to prioritize their response accordingly.

Increased visibility

Cybersecurity analytics tools can provide organizations with a comprehensive view of their network and endpoint data, allowing them to identify and understand potential vulnerabilities and risks.

Better compliance

Cybersecurity analytics tools can help organizations to meet regulatory requirements by providing the necessary data and reporting capabilities.

Cost-effective

Cybersecurity analytics tools can help organizations to be more efficient in managing their cybersecurity operations, reducing the need for manual processes and enabling them to identify and respond to threats more quickly and effectively.

Advanced threat hunting

Cybersecurity analytics tools can assist in finding advanced persistent threats (APTs) that have already infiltrated the network.

Continuous improvement

By providing organizations with the ability to continuously monitor and analyze data, cybersecurity analytics tools can help organizations to identify new or emerging threats and to adapt their defenses accordingly.

Use cases of data analytics in cybersecurity

Data analytics has become an essential tool for organizations looking to protect their sensitive data, intellectual property and customers’ personal information. Its ability to process, analyze and make sense of vast amounts of data from various sources, such as network logs, endpoint data and security events has proven to be a game changer in the field of cybersecurity. With the increasing frequency and severity of cyber attacks, the use of data analytics in cybersecurity has become a necessity for organizations of all sizes and industries. This has led to the emergence of various use cases where data analytics is applied to improve the detection and response of cyber threats, as well as to enhance the overall security posture of organizations. Besides, these analytics can also be used on Privileged Access Management (PAM) mechanisms to safeguard people with capabilities beyond regular users.

Intrusion detection and prevention

Data analytics tools can be used to identify and prevent potential intrusions by analyzing network and endpoint data for signs of malicious activity, such as abnormal patterns of network traffic or suspicious behavior by users or applications.

Threat hunting

Data analytics tools can assist in finding advanced persistent threats (APTs) that have already infiltrated the network by using a combination of techniques such as correlation, statistical analysis, and machine learning.

Security incident management

Data analytics tools can be used to quickly identify and respond to security incidents by analyzing data from various sources, such as network logs, endpoint data, and security events.

Compliance management

Cybersecurity analytics tools can help organizations to meet regulatory requirements by providing the necessary data and reporting capabilities.

Malware detection and analysis

Data analytics tools can be used to detect and analyze malware by analyzing network and endpoint data for signs of malicious code or behavior.

Vulnerability management

Data analytics tools can be used to identify and prioritize vulnerabilities in an organization’s IT infrastructure, allowing them to be addressed more efficiently.

User behavior analytics

Data analytics tools can be used to monitor and analyze user behavior, such as login attempts, file accesses and network traffic, to identify suspicious or anomalous activity that could indicate a security breach or attack.

Automated incident response

Data analytics tools can be used to automate incident response by providing organizations with the ability to automatically respond to security incidents and to take appropriate action.

Cybersecurity analytics expert salary

The typical salary for a cybersecurity analyst in Germany is around €89,523 per year, or an equivalent hourly wage of €43, according to Salaryexpert.com. They also tend to receive an average bonus of €3,823. These figures are based on salary survey data obtained directly from employers and anonymous employees within Germany. An entry-level cyber security analyst, who has one to three years of experience, can expect to earn an average salary of €63,023. On the other hand, a senior-level cyber security analyst with eight or more years of experience typically earns an average salary of €111,019.

The approximate total compensation for a cybersecurity analyst in the United States is $89,345 annually, with a median salary of $82,842 per year, according to Glassdoor.com. These figures are based on the median values obtained from a proprietary model that calculates total pay estimates, using data collected from users. The average additional compensation is around $6,503 per year. This additional pay could include cash bonuses, commissions, tips and profit sharing.

Final words

Protecting data is critical for organizations of all sizes and industries, as data breaches can lead to serious consequences such as financial losses, reputational damage, and legal liability. Cybersecurity analytics tools are vital for organizations because they provide the ability to detect and respond to potential threats in real-time, allowing organizations to protect their sensitive data, intellectual property, and customers’ personal information.


One of the main benefits of cybersecurity analytics tools is their ability to detect anomalies and suspicious behavior. By analyzing patterns and behavioral trends of users, applications, and devices, these tools can identify abnormal behavior or anomalies that could indicate a security breach or attack. This allows organizations to quickly respond to potential threats and mitigate the potential impact on their operations and reputation.

In addition, cybersecurity analytics tools provide improved incident response capabilities by providing organizations with actionable intelligence and insights. This allows organizations to understand the scope and nature of a potential threat, and to develop effective response strategies to mitigate or neutralize the threat.

Cybersecurity analytics tools also provide organizations with increased visibility by providing a comprehensive view of their network and endpoint data, allowing them to identify and understand potential vulnerabilities and risks. This helps organizations to prioritize and address these vulnerabilities, which is essential for maintaining a strong security posture.

Moreover, cybersecurity analytics tools can assist organizations in meeting regulatory requirements by providing the necessary data and reporting capabilities. This can help organizations avoid costly fines and penalties for non-compliance.

Overall, cybersecurity analytics tools are vital for organizations because they provide the ability to detect and respond to potential threats in real-time, allowing organizations to protect their sensitive data, intellectual property, and customers’ personal information. They also provide improved incident response capabilities, increased visibility, and better compliance management.

How To Stop Data Breaches From Ruining Your Business
https://dataconomy.ru/2017/06/30/stop-data-breach-business/
Fri, 30 Jun 2017 09:00:55 +0000

Data breaches are in the news all the time. It seems like you can’t go anywhere and swipe your credit card these days without receiving word your information may have been stolen. In typical data breaches where credit card info is stolen, customers have a fair amount of protection through their banks and credit card companies. But what happens if someone steals your medical information? Businesses that deal with sensitive information have to take serious precautions to prevent data breaches, and in the event their efforts are unsuccessful, the onus is on the company to pay to have the data breach cleaned up regardless of the source.

Third parties are responsible for the overwhelming majority of data breaches these days – 63%. Remember that massive Target data breach from a couple of years ago? It ended up being traced back to faulty printer software. The company that supplied the printers wasn’t responsible for the breach, however – Target was, and it cost them plenty both in dollars and in reputational damage.

So how do you prevent third parties from damaging your company’s bottom line or reputation? Always check them out to ensure they are compliant with any standards in your industry. The cost of cleaning up data breaches varies widely based on the sector, and medical records can cost as much as $355 for each record breached to clean up. The way to prevent this from happening is to ensure the company you are contracting with for business is certified compliant in HIPAA – not just that they say they are HIPAA compliant, but that they are actually certified as such.

There are various forms of certification based on each field, so no matter what sector your business is in you can find a third-party vendor who is certified to prevent data breaches and other issues. Learn more about third party data breaches and how to prevent them from this infographic.

3 ways BI is changing the game for fintech
https://dataconomy.ru/2017/06/05/bi-changing-the-game-fintech/
Mon, 05 Jun 2017 09:00:08 +0000

Fintech is becoming an increasingly competitive market. A KPMG analysis saw investments decline in 2016 and investors are now more cautious about betting on segments that are becoming saturated. Lending and payments are two segments that saw increased participation over the past two years.

Competitors come in all forms. We now have traditional institutions, tech giants, and startups all competing for the same market. Despite this growth, fintech is still largely considered a “Wild West.” Governments are scrambling to come up with new laws to regulate the industry. In addition, the jury is also still out for many of the fintech pioneers, as some new business models such as peer-to-peer lending have yet to be proven successful.

Companies should leverage all possible sources of competitive advantage. Business intelligence (BI) and analytics are emerging as ideal sources. Much in fintech has yet to be made sense of, and the first companies able to do so will surely have a definitive advantage over the competition.

Here are 3 ways BI is changing the game for fintech.

Monitor user behavior and market trends

Fintech is still in a state of flux. Traditional institutions are aggressively trying to cope and many of the new services have yet to reach critical mass. It is in these early stages where BI is crucial for fintech efforts. BI helps track usage and market trends. Data analysis can limit uncertainty and uncover trends that could guide companies to improve their strategies early on. What’s more, many online trading platforms are looking into sophisticated BI solutions.

Robo-advisor startups like Wealthfront and Betterment came onto the scene looking to disrupt the investment segments through their easy-to-use apps. Yet, investment mainstay Charles Schwab was able to compete against these upstarts by offering its own robo-advisor service. Schwab Intelligent Portfolios now has over $10 billion in assets under management. A key part of how Charles Schwab took on the project was relying on speed and early feedback and testing in order to come up with a viable service.

In another recent development, end-to-end BI service provider CoolaData announced its integration with trading platform MetaTrader. This integration allows brokers access to enterprise-level BI and behavior analytics. Through analytics, traders can get valuable insights on what market conditions are affecting their performance.

“With Cooladata and the new MetaTrader integration, the ability to unify all trader activities and get any insight as to how market scenarios are impacting the company performance is finally here,” said Mr. Daniel Kibel, CEO of CMTrading.

Improve user experience

One of the supposed advantages of tech firms over traditional banks when it comes to fintech is the expertise in crafting superior user experience. Traditional banking isn’t exactly known to offer a pleasant experience. The convenience brought about by online and mobile apps and services is expected to be a key point of disruption in the financial services industry.

Amazon’s rise as a digital retail giant is due to its superior user experience. 1-Click or the functionality that allows customers to check out with a single click of a button is considered an innovation worth billions. This innovation was largely made possible by studying data on user behavior during the purchasing process and creating a way to trim down on the time spent checking out.

We could expect user behavior data in fintech applications and services to be gathered extensively for similar purposes. In the case of stock trading, for example, most experienced traders consider stock trading a multi-screen activity, hence their reluctance to jump on to exclusive mobile trading. Those new to trading, however, benefit from a streamlined and intuitive interface. Free stock trading app Robinhood targets the 18-24 demographic, which is composed mostly of users who are starting out in stock trading. Its easy and intuitive onboarding experience has been key to its appeal and initial success.

Increase security

Another area where BI and analytics are seeing much use is in security and fraud detection. Fraud has been a major issue in ecommerce payments. A report from Radial reveals that overall fraud is up 30 percent year on year. Just this year, there has been a 200 percent increase in “testing”, or when fraudsters try small purchases to check the validity of stolen credit card numbers.

Behavioral analytics plays a huge role in determining fraudulent behavior. Analytics can track and identify patterns which could reveal fraudsters’ modus operandi. This way, merchants and payment processors could put up safeguards against such attempts. The data can also be used to refine automated fraud prevention protocols to minimize instances of legitimate transactions being flagged as fraudulent. Legitimate users who are denied in this way often consider it a poor user experience and can eventually become lost customers for the business.

Other fintech segments need to be ready with such measures as well. Fintech services will be a prime target for cybercriminals due to the wealth that they are managing. The proper implementation of BI and analytics can guide prevention strategies.

Fintech companies must consider investments in BI and analytics early on. Implementing analytics across all facets of the fintech service has several benefits. Analytics could help reveal better ways to engage the market, create a superior customer experience, and safeguard the business and its clients. The insights that a business could get from its data efforts and the consequent decisions it makes based on these insights could very well determine its success in a highly competitive environment.

Image: Fintech, Technology and Finance, by CafeCredit, CC BY 2.0

“You can’t stop the device from getting hacked, you have to defend your data” – A Primer with Kevin Mahaffey
https://dataconomy.ru/2016/11/28/cybersecurity-kevin-mahaffey-lookout/
Mon, 28 Nov 2016 08:00:41 +0000

Kevin Mahaffey is an entrepreneur, investor and engineer with a background in cybersecurity, mobile and machine intelligence. He is CTO and Founder of Lookout, a cybersecurity company dedicated to making the world more secure and trustworthy as it becomes more connected, starting with smartphones and tablets. He started building software when he was 8 years old and it has been a love affair ever since. Mahaffey is a frequent speaker on security, privacy, mobile and other topics.

 


Tell us a little bit about yourself and about Lookout

I am Kevin Mahaffey, I’m the founder and CTO of Lookout. We are a cyber security company focused on mobile.

I like fixing problems. The company started in 2007 and actually myself and the other two co-founders were doing research into mobile phone security and we got our hands on a Nokia 6310i, you know, black and white screen, had Snake the game on it, and this phone was notable to us because it had Bluetooth on it. We found actually some pretty bad security vulnerabilities on that device. You could hack into it and reboot it. And we looked on a whole bunch of other devices and we found similar vulnerabilities in almost every phone we ever touched. And we tried to work with all the different manufacturers, everyone from Blackberry to LG to Nokia in this case and nobody really took security very seriously because the question was why would anyone wanna hack a phone? This is in 2004 mind you. And one of the other excuses was, well, the range of Bluetooth is only 10 meters so you had to be really close to someone.

And so Bluesniper was created to extend the range of Bluetooth to 1.2 miles away. And in doing so we proved that you could actually hack a phone from really far away. We thought that this is maybe something we’d talk about at some technical security conference but we were surprised to be on the front page of the business section of the Wall Street Journal of the NY Times, so we thought “this is a big problem that we can solve”. So we said ok let’s start a company to solve the problem and in 2007 we started Lookout to build software to protect both individuals and businesses from cyber threats on their mobile phone.

What makes you want to hack things?

Hacking is not like we see in the movies. The way a system does work is different than the way it was designed to work. And they surface that. Good hackers, people who want to make things better, when they find a way to manipulate a system in a way that wasn’t intended they try to get it fixed.

Where is the company’s HQ located and why?

We are based in California, San Francisco, and we have offices in Europe and Asia.  The reason we are all over the world is because this is a global problem. Mobile security doesn’t affect only one country but every person on the planet. From individuals who’re using their phones for online purchases to large companies who’re using mobiles to run their businesses to manufacturers.

We started in LA and in 2009 we moved to San Francisco because Google and Apple became big in mobile.

Are you going to stick to phones? Or you have plans for other devices, such as cars?

We don’t have any products in that space, [car security etc], I’m not sure if we will ever have a product for cars but the passion of everyone in the company is [understanding] how to make the world a safer place and sometimes that means releasing a product, sometimes it means doing and publishing research. And if there is a product that is needed, we go build it. IoT security needs to be taken very seriously. However, we are focused on mobile right now. We’re focused on one problem at a time.

Can you also hack an offline network?

Most people are focused on how to secure a network. How to stop bad things from happening. But if you think of your body, your immune system doesn’t work that way. And most networks are architected to assume you can block those things. But nowadays you can’t control what’s in your network anymore. So a lot of companies are getting breached every day, and usually by someone inside their network, they use some valid credentials to access the data that they shouldn’t, and that’s a really big problem. So we advocate for this concept of the immune system where you gather data, preferably no personally identifiable data, to know how things are working, everything from your smartphones to laptops, then you process that data and analyse it to find indicators of a threat and sometimes you can automatically respond, or sometimes you need to escalate to some smart human in a security team to think about it some more and decide what to do. But this is very different than stumbling upon a hack because they take out your internet connection for taking so much data from the company, sometimes that’s how you discover a hack.

What kind of advancements do you see happening in the future for your company and in the world?

So right now a lot of individuals use Lookout. The big course for us right now is helping large companies and governments secure their mobile devices because 3-4 years ago people could get email (if that) on their phones. Basically everything you can do on your PC most organisations started to be able to access from a smartphone or tablet. But the organisations don’t have any idea what’s going on on these devices right now. So we see a lot of demand on that. How to secure these devices. We look at a modern way to stop advanced threats that is not just signature-based to stop attacks on mobile.

And do you see this happening in general?

Everyone is moving towards data security. Some companies are building their own software and they’re very far down on that road, other companies are just starting to get there. But it’s not the device, it’s the data. You can’t stop the device from getting hacked, you have to defend your data and you have to respond to threats and hope they never happen. Those two principles are really coming forward. Unfortunately it means a lot of organisations have to rip out some things and replace some things but I think it’ll make companies and people more secure because when companies are more secure, as an individual your data will be breached less often.

What are some key hurdles in the industry that you’re experiencing and how do you see data science applications solving this problem?

The hurdle is there’s too much data in security or not enough data. In the case of not enough data, many security organisations apply. You can ask any given system, what is the data that will show the hacker gets in. And if you don’t have data coming from that system, then you’re never gonna know that the hacker gets in. Other times you have so much data that it is not very useful and you don’t know what to do with it. So you have to set the security teams that are drowning in alerts. They’re so busy that they can’t focus on the really important threats. And what I have to see is machine learning emerging to actually help with these issues.

First there are organisations stitching together the data. So instead of a bunch of isolated data streams we use the phrase joined-in and analyse it. Joined-in is where you take your source code data and mash it with your vacation data so if an engineer checks in for threat indications that’s actually something you wanna look at. But if you only look at source data you’ll never be able to make that conclusion. And analyse it means to look deeper and extract more information. And then, using machine learning to take that huge volume of information and funnel it down to a simple message which says, okay, here are the things that humans need to look at and here are the things that humans don’t need to look at and we know how to deal with it. We can automate responses, cut the device from the network etc. Ultimately humans can only make so many decisions per hour and we have more and more connected things in the world and so if we try to add those things and do the security the same way we did in the past, we’re gonna lose.

What are the possibilities and benefits of using data science in cyber security?

[Using data science] I think security teams will get more sleep, companies will be more secure, hacked less frequently, and individuals will see their data be more protected.

When did you notice that things started to take off?

When we started the company we were securing Windows Mobile smartphones. And projections for how many smartphones there will be in 2017 were very few. So when we went to investors they were like ‘oh yeah the smartphone market is not very big one’. And now there’s billion smartphones shipped every year and what changed was iPhone and Android launched and that made smartphones easy and fun to use and then at the same time you had 3G and now 4G networks and made the data connection very fast. And the growth of Android and iPhone helped business to grow because it turns out everyone is using smartphones personally. And more recently they started to use them more for work and we’re using things for data, for shopping and for sensitive business data that attract hackers.

So if you could tackle any technology that exists today to solve a challenge, which would it be?

I think there’s still a lot of misinformation around machine learning and big data systems, I think a lot of people believe that you can just apply machine learning to data and magic happens and problem solved. It’s not true. Machine learning is something that can be a good classifier, can detect anomalies in some cases; it’s not just machine learning, it’s what we call a cyborg. It’s machines doing one thing and humans doing another and find the right handoffs approach so that they can operate together.

 


Image: James Case, CC BY 2.0

Cyber Security Startup Niara Unveils Security Intelligence Solution Powered By Big Data Analytics
https://dataconomy.ru/2015/06/02/cyber-security-startup-niara-unveils-security-intelligence-solution-powered-by-big-data-analytics/ Tue, 02 Jun 2015 07:53:36 +0000

Sunnyvale, Calif. – June 2, 2015 – Cyber security startup Niara emerged from stealth today to unveil its Security Intelligence solution, the first of its kind to combine advanced security analytics and forensics to help security teams quickly surface sophisticated cyber threats within their organization. Built on a big data architecture, the Niara Security Intelligence solution analyzes security data from disparate sources to ensure that security teams can quickly identify and respond to sophisticated, multistage attacks that regularly thwart existing monitoring and response solutions.

Enterprises increase spend on cyber security tools each year because existing solutions cannot protect against the growing number of sophisticated attacks. According to a recent report by the Ponemon Institute, it takes over three months to discover advanced threats for financial services firms, and over six months for retail organizations. These sophisticated attacks remain undetected because existing monitoring and response tools lack complete access to a network’s disparate data silos – providing inadequate visibility into an organization’s threat exposure and leaving them vulnerable to compromise.

The Niara Security Intelligence solution takes a holistic approach by integrating behavioral analytics and raw, data level analytics with deep forensics to enable compromised user discovery, identification of malicious insiders, threat hunting and incident investigation by:

  • Operating on disparate data sources including logs, flows, packets, alerts and threat feeds to surface threats and risky behaviors that remain undetected by log-based analytics alone

  • Taking an entity-centric view of an organization’s threats by monitoring not only users, but also devices and applications to collect and discover threat information. Combined with Niara’s ability to profile entity behaviors by threading together disparate events and surfacing them as a multistage attack, teams have a complete view of an organization’s risk posture

  • Providing one-click access to a comprehensive forensic trail and analytics in the same solution to simplify and accelerate threat discovery and incident investigation

  • Leveraging existing data stores without the need to recreate or duplicate data

“The threat landscape is continuously evolving and enterprises need a way to discover and investigate advanced threats inside their network faster and more efficiently,” said Sriram Ramachandran, CEO of Niara. “Niara’s Security Intelligence solution is designed from the ground up to leverage analytics and forensics from disparate data sources, providing unprecedented views into an organization’s network. This fundamentally elevates their threat discovery, incident investigation and breach response capabilities, reducing risk and helping them stay out of the headlines.”

 


About Niara

Niara aggregates security data from disparate sources, ensuring that security teams can identify and quickly respond to sophisticated, multistage attacks that regularly thwart legacy detection technologies. Niara’s Security Intelligence solution delivers contextually relevant security analytics by fusing data from disparate sources to discover compromised users, provide insight into malicious insiders, enable advanced threat hunting efforts, and efficiently investigate incidents. Headquartered in Sunnyvale, Calif., the company is backed by NEA, Index Ventures and Venrock, and prior to emerging from stealth, Niara announced a $20m Series B funding round led by Venrock in April 2015, bringing its total capital raised to $29.4m. For more information, visit www.niara.com.


 

Image Credit: kris krüg / Manufactured security / CC BY-SA 2.0

Obama Sets Personal Data Notification and Protection Act in Motion
https://dataconomy.ru/2015/01/13/obama-sets-personal-data-notification-and-protection-act-in-motion/ Tue, 13 Jan 2015 10:22:20 +0000

In the aftermath of the various data breaches that occurred in 2014 across enterprises, retailers and government organisations, including the much speculated hack in November of Sony Pictures, U.S. President Barack Obama called for stringent data laws to protect citizen privacy and data, while speaking at Pellissippi State College in Knoxville, Tennessee on January 9, 2015.

“Major companies get hacked. America’s personal information, including financial information, gets stolen. And the problem is growing and it costs us billions of dollars,” he said.

It is expected that the U.S. President will call for ‘new federal legislation requiring hacked private companies to report quickly the compromise of consumer data,’ reports P.C. World. The New York Times has quoted White House officials as saying that emphasis will also be laid on laws to prevent tech firms from generating revenue on data gleaned from schools.

The proposal, dubbed the Personal Data Notification and Protection Act, will be discussed with the Federal Trade Commission, setting up a 30-day time frame within which hacked companies must report a breach. The FTC will have the power to hold responsible companies that do not stay in line with the new laws.

Earlier last week, while the President was promulgating the new data laws, the Twitter feed of U.S. Central Command was hacked by a miscreant claiming association with Islamic State militants, reports Reuters. The White House is investigating the hack, noting, however, that the social media hack was a lesser concern compared to database breaches.



(Image credit: Charles Tsevis, via Flickr)
