In this special guest feature, Cecilia Pizzurro, Senior Director, Strategic Data Projects at LOGICnow, discusses the convergence of data/machine learning and cybersecurity, and the idea that these two are playing off of each other in a more meaningful way than ever before. Cecilia leads a team of data scientists and software engineers in Cambridge (US) and Newcastle (UK). These teams use machine learning and big data analytics to find business value in the vast amount of customer data gathered from LOGICnow's products. She was also the co-founder and CTO of The Dolomite Group, a South American mining consortium, pioneering machine learning and big data analyses to improve mining efficiency and reduce environmental impact in Peru. This company is currently finalizing its acquisition by a Chilean mining company.
Kiwi startups are in for an extra NZ$15 million of funding as the New Zealand government looks to promote more high-tech exports in its Federal Budget. The money, spread over four years, will go towards boosting two schemes aimed at speeding up the commercialisation of research and tech companies, Science and Innovation Minister Steven Joyce said. The Pre-Seed Accelerator Fund, which helps scientists turn research into commercial products, will get NZ$12 million of the sum, taking its total annual funding to about NZ$8 million each year. The other NZ$3 million will be spent on extending a three-year pilot program to fund new accelerators. Earlier this month, the New Zealand government announced that NZ$22 million would be spent on the creation of a new national Computer Emergency Response Team (CERT).
Rather than attempt to thwart hackers by making it costly and difficult for them to launch attacks, which will also increase costs for the defenders, a more effective strategy may be to deflate the value of successful breaches and employ a decentralised security approach. With billions of Internet of Things (IoT) devices expected to be connected to the web by end-2016, a more appropriate tactic would be required to better combat potential attacks, said Dino Dai Zovi, mobile security lead at Square, during his keynote Thursday at Black Hat Asia 2016 held in Singapore. "With IoT, there's need to decentralise trust... Having ultimate trust in all these devices will be increasingly dangerous. If we can decentralise trust, we can ensure overall safety," Zovi said, noting that distributing control and data sharing on these devices would prevent one breached device from being used as ransomware or to infect others on the same network, such as a personal home network. There also should be "an anchor of trust" tasked to provide the main layer of security, where a hardware-based mechanism would most easily facilitate this.
The UK government statistics for 2016 reported that 65% of large firms detected a breach in the previous year, a quarter of which occurred at least once a month. More worryingly, a report by Gartner shows that 80% of all security incidents go undetected by the breached organisations, so the rates of cyber attack are higher than we realise. The costs of cyber attack can be crippling, as highlighted by the media in their coverage of the various incidents that have rocked the IT security world in the past few months. Seemingly robust and industry-leading organisations such as Yahoo have suffered large-scale hacks, while attacks on financial institutions provide very real examples of what customers and businesses stand to lose by being the victim of a cyber attack. When Tesco Bank was hacked in 2016, £2.5 million was stolen from customer accounts, and the recent Lloyds Bank attack saw 20 million customer accounts compromised.
Unified threat management (UTM) is a critical component of modern network security policy best practices, and those in the market for a new UTM would do well to check out Interset, a threat management platform that combines Machine Learning (ML) with a Big Data architecture to identify potential threats that would otherwise go undetected. Interset uses extensive data ingestion capabilities that correlate events/activities with entities to determine the level of risk that is being encountered at any given time. Modern network security policy best practices include the use of Big Data analytics to harvest and examine ostensibly unrelated bits of data to find relationships and expose trends that lead to predictions of risky or bad behaviors. Interset does so in a different fashion than most threat mitigation products. Interset ingests multiple data sources related to the movement of data across (or inside) the network, while also gathering information about the entities involved.