AI-Driven Cyber Attacks

  • TYPE: Combined Session DATE: Tuesday, October 08, 2019 TIME: 14:15-15:15
Sessions:

SOC analysts are under siege to keep pace with the ever-changing threat landscape. The analysts are overworked, burned out and bombarded with the sheer number of alerts that they must carefully investigate. This intense workload can test anyone’s patience. We need to empower our SOC analysts to overcome this monotonous work that is leading to career burnout.

Our industry is struggling to keep up and is alternately promoting silver bullets and panaceas to catch zero days, defend against APTs and use AI to detect attacks better and faster. Instead of detecting or preventing better and faster, we should be looking inwardly at our SOCs to better serve our human analysts.

Security departments should be seeking data-driven approaches for more efficient evaluations on operations. Approaches like data science and algorithms to statistically evaluate the operations within a SOC will help.

Big data is becoming a big problem for SOCs. But instead of being a problem, it should be a solution. Analysts’ laborious investigations already include a variety of data points: logs, analysts’ notes, escalations, and conclusion tags. These data points, as independent variables, can feed an ML algorithm with the conclusion tags as the dependent variable to build an evaluation score for sensors and detection rules.

With proper labeling and data wrangling, an evaluation score can be gleaned from a logistic regression algorithm. This output can evaluate the efficacy of alerts from SIEMs. With this insight, security engineers, management and analysts alike can be empowered to make data-driven decisions to tune detections and lessen the burden on the SOC, so that it investigates fewer false-positive cases.
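A sketch of the scoring described above, added here as an illustration and not taken from the talk: a logistic regression fitted to closed cases, with the conclusion tag as the dependent variable, yields a per-rule evaluation score. The case data is constructed, the rule names and the escalation feature are hypothetical, and the fit uses plain gradient descent with a small L2 penalty (an assumption) so it runs without external libraries.

```python
import math

# Constructed closed cases: (detection rule, escalated to tier 2?, conclusion tag).
# Rule names are hypothetical.
CASES = (
    [("rule_dns_tunnel", 1, "true_positive")] * 5
    + [("rule_dns_tunnel", 0, "true_positive")] * 3
    + [("rule_dns_tunnel", 0, "false_positive")] * 2
    + [("rule_geo_login", 0, "false_positive")] * 8
    + [("rule_geo_login", 1, "false_positive")] * 1
    + [("rule_geo_login", 1, "true_positive")] * 1
)
RULES = sorted({rule for rule, _, _ in CASES})

def features(rule, escalated):
    """Independent variables: bias, one-hot rule indicator, escalation flag."""
    return [1.0] + [1.0 if rule == r else 0.0 for r in RULES] + [float(escalated)]

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def fit(cases, epochs=3000, lr=0.1, l2=0.01):
    """Batch gradient descent on L2-regularised log-loss."""
    X = [features(r, e) for r, e, _ in cases]
    y = [1.0 if tag == "true_positive" else 0.0 for _, _, tag in cases]
    w = [0.0] * len(X[0])
    for _ in range(epochs):
        grad = [l2 * wj for wj in w]
        for xi, yi in zip(X, y):
            err = sigmoid(sum(wj * xj for wj, xj in zip(w, xi))) - yi
            for j, xj in enumerate(xi):
                grad[j] += err * xj / len(X)
        w = [wj - lr * gj for wj, gj in zip(w, grad)]
    return w

def rule_scores(w):
    """Evaluation score per rule: P(true positive) for a non-escalated alert."""
    return {r: sigmoid(sum(wj * xj for wj, xj in zip(w, features(r, 0))))
            for r in RULES}

WEIGHTS = fit(CASES)
SCORES = rule_scores(WEIGHTS)

if __name__ == "__main__":
    # Lowest-scoring rules are the first candidates for tuning.
    for rule, score in sorted(SCORES.items(), key=lambda kv: kv[1]):
        print(f"{rule}: {score:.2f}")
```

Because escalation is a separate variable, each rule's score reflects the rule itself rather than how often its alerts happened to be escalated.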

Key takeaways:  

1. SOC analysts are continually overwhelmed with the honorable job of investigating many alerts. But analysts are overwhelmed by tedious investigations that continue to be resolved with false positive or business as usual conclusions. 
2. We can score these cases by implementing a machine learning model to get closer to signal and more meaningful investigations rather than noisy or false positive related conclusions.


Speaker:

Brennan is a self-proclaimed data nerd. He has been working in the financial industry for the past 10 years and is striving to save the world with a little help from our machine friends. He has held cyber security, data scientist, and leadership roles at JP Morgan Chase, the Federal Reserve...


Numerous malware variants are being created daily. To adjust to this evolution, security companies are using machine learning tools to detect novel threats and new attack vectors. The same goes for threat hunting, where ML helps in proactively and iteratively parsing through networks to detect advanced threats. An important question is where we want to apply these advanced techniques. The technology should be applied in a smart way to tackle specific problems. In this panel we will discuss the current state of AI in cybersecurity and what the future will hold.


Speakers:

Alexei is an analyst with specific focus on cybersecurity. His deep technical understanding allows him to support customers even with complex architectural and security challenges. Previously he has served as KuppingerCole's CTO. After graduating with an MSc degree in Mathematics and...

Brennan is a self-proclaimed data nerd. He has been working in the financial industry for the past 10 years and is striving to save the world with a little help from our machine friends. He has held cyber security, data scientist, and leadership roles at JP Morgan Chase, the Federal Reserve...



Washington, D.C. - USA

Conference

CyberNext Summit 2019

Language:
English
  • Oct 08 - 10, 2019 Washington, D.C. - USA