In anticipation of his upcoming conference presentation, Challenges of Information and Cyber Security Using Predictive Analytics at Predictive Analytics World for Business Chicago, June 19-22, 2017, we asked Steven Ulinski, Security Data Scientist at Health Care Service Corporation, a few questions about his work in predictive analytics.
Q: In your work with predictive analytics, what behavior or outcome do your models predict?
A: Honestly, we don’t know yet. We are just beginning to think data-driven and move past rule-based systems. Ultimately we are looking to predictive analytics to help us identify an attack on our systems before it happens so we can implement changes in our security posture to prevent any data loss. At this time, it’s more about finding breaches faster, and the ability to respond faster.
Q: How does predictive analytics deliver value at your organization – what is one specific way in which it actively drives decisions or operations?
A: In the cyber security industry, predictive analysis has provided a new method to identify a security incident, for instance using random forests against historical data. This is still a descriptive analysis, and we are looking for systems and models that will move us past this, and actually identify threats before they become threats. We want to actually move past predictive and get to prescriptive.
Q: Can you describe a quantitative result, such as the predictive lift of your model or the ROI of an analytics initiative?
A: We’re interested in preventing data breaches. We know that predictive analytics will increase our false positive rates. Ultimately, we will rate the value and quality of the models if they can discover data breaches in a timely manner.
Q: What surprising discovery or insight have you unearthed in your data?
A: In the past year we have researched how predictive analysis, other data analysis, and AI systems can help us. We haven’t truly begun to analyze our data with predictive analytics yet. However, I think the biggest challenge that we have with the data is the volume, variety, and velocity. Consider an enterprise firewall infrastructure. They generate a massive amount of information per hour. We want to analyze the firewall information with operating system information, user web behavior, and other factors to have a holistic view for threat detection. We have a lot of information, from various different logging mechanisms. Our analysts just cannot keep up with the data. We are looking to predictive analytics and other systems to help wrangle in our data. This is one reason Information Security systems are leveraging Big Data and ML.
Q: Sneak preview: Please tell us a take-away that you will provide during your talk at Predictive Analytics World.
A: The Rexer Data Science Survey showed that Information Security analytic goals were raised from 3% in 2013 to 5% in 2015. Additionally, only 1% of the time is being dedicated to Information Security. There are significant challenges in analyzing Information Security data. I’ll be discussing more about these challenges.
Don’t miss Steven’s conference presentation, Challenges of Information and Cyber Security Using Predictive Analytics on Wednesday, June 21, 2017 from 3:30 to 4:14 pm at Predictive Analytics World Chicago.
By: Eric Siegel, Founder, Predictive Analytics World
Eric Siegel is the founder of Predictive Analytics World (www.pawcon.com) — the leading cross-vendor conference series consisting of 10 annual events in New York, Chicago, San Francisco, Washington DC, London, and Berlin — and the author of the award-winning book, Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie, or Die – Revised and Updated Edition, (Wiley, 2016).