This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
Cybersecurity experts are excited about big data because it is the “crime scene investigator” of data science. If your organization is hacked and customer information compromised, your use of big data to collect massive amounts of information on your systems, users and customers makes it possible for data analysts to provide insight into what went wrong.
But while big data can help solve the crime after it occurred, it doesn’t help prevent it in the first place. You’re still left cleaning up the mess left behind by the breach: angry customers, possible compliance issues with data privacy standards like HIPAA and PCI DSS, maybe even government fines and class-action lawsuits.
This is where big data fails to meet its big promise: when it is employed aftera data breach happens. As the old saying goes, “Hindsight is the best sight.” Big data, when utilized after a cyberattack, certainly gives you that. However, what it doesn’t give you is the ability to realize that a breach is happening, or is about to happen, and stop it before massive damage is done. Because of this, big data, when used in a vacuum, will not secure your systems, your business, or any of your sensitive information.
大数据的拉拉队会说你可以使用这个事后修复,让黑客进入你的系统摆在首位的问题。毕竟,既然你知道哪里出了问题,你可以修补系统,使其不会再发生了吧?
While that may be true – you may be able to prevent特定问题from happening again – cybersecurity simply doesn’t work that way. The threat landscape is dynamic, with new technologies, and thus, new vulnerabilities, emerging every day.
此外,黑客就像任何其他犯罪:他们是精明的,适应性强,并知道如何对人性的发挥。他们总是会发现你的弱点 - 和你最大的弱点是你自己的人,您值得信赖的员工。大多数的黑客不会闯入走后门系统。他们得到他们的手合法的登录凭据,本质上,在前门向右走。
因此,在大多数情况下,大数据分析,就会发现黑客利用,他们通过社会工程计划偷走,如网络钓鱼电子邮件雇员密码访问的系统通过登录到服务器X。(或者,更糟糕的是,证书可能是由恶意的内部人员交给他们。)
With this new insight, you may decide to provide training for your employees on cyber security best practices, such as how to spot a phishing email and the dangers of clicking on suspicious links. Employee cybersecurity training is essential, and it will help keep your systems safer, but it’s not a panacea.
Humans are fallible. They make mistakes when they are tired, distracted, or in a hurry to get something done. Additionally, no amount of training will stop a malicious insider – a disgruntled employee, ex-employee, or contractor who is determined to strike back at the company or make a quick buck selling confidential data on the Dark Net.
Thankfully, there is a solution: machine learning, a cutting-edge technology, built upon mathematical algorithms that learn and update in real-time, that enable computers to learn without being explicitly programmed. This is the same technology that powers self-driving cars, and it is the single most powerful weapon we have against hackers.
机器学习提供了大数据分析缺乏保护。相反,弄清楚为什么事后违约发生的,学习机可以识别数据泄露,因为它的发生或即将发生,并触发系统警报关闭违反任何下跌真正的损害之前完成。
Machine learning technology not only makes sense of big data; it can analyze it and extract insight from it far more quickly than a human or even a team of humans ever could. Because of its predictive capabilities, it can be proactive instead of reactive. In real time, machine learning technology can flag a hacker who is using stolen credentials and stop them from getting into your system.
这项技术是不是烤到网络 - 而是烤到应用程序/数据。这种认知防御盾是每次登录surveilling在应用程序和使用的应用程序,以确认此用户ID登录会话的“行为”是正常的参数或基线行为对于用户ID内内登录ID品牌手表的一举一动人。
For example, the algorithms may notice an employee’s credentials are being used from an offsite location, that the employee is attempting to access a part of the system they do not need to perform their job, or that a login attempt is occurring in the middle of the night. Because the machine learning technology has analyzed the employee’s normal computer usage and established a baseline pattern, it can recognize that a particular login attempt is not normal and potentially dangerous, and it will lock that user out until your IT staff can investigate the situation.
机器学习为您提供了直接的,重要的,可操作的洞察到你的用户数据;它为您提供了实时保护的是大数据分析不能。机器学习是确保您的系统的最佳方式,因为它是不断地学习什么是正常,什么是不,它可以在这个信息马上采取行动,黑客进入系统之前和抢断的记录数百或数千。
The technology is here now, already deployed, already catching criminals stealing sensitive data and delivering early alerts on data breaches and privacy violations. This cyber security technology is the future of high-performance solutions that protect the data. So, if big data is a crime scene investigator, you could say that machine learning is a cop on the beat: protecting your system against cybercriminals, enforcing the law, and stopping crimes in progress.
Varughese是Cognetyx主席(www.cognetyx.com),世界上第一个“环境认知网络监控”,以帮助保护数据。Cognetyx采用先进的机器学习人工智能技术来检测欺诈和恶意用户。