Page 12 - CARAHSOFT, September/October 2021
P. 12

The Ongoing Quest for Cybersecurity
Why data
is a critical
cybersecurity tool
Carolyn Duby
Field CTO and Cybersecurity Lead, Cloudera
reconstructing the sequence of events that happened during an intrusion, which fuels agencies’ ability to prevent future attacks. With AI, agencies can start to apply more sophisticated algorithms in their hunt for vulnerabilities and cyberthreats.
Strategic alliances
with industry leaders
Many breaches occur because of cybersecurity hygiene issues and misconfigurations. At Cloudera, we’re looking for ways to avoid those common problems by, for example, evaluating system logs to identify misconfigurations before they become vulnerabilities or
AI-powered analysis of system data can help agencies strengthen their response to cyberthreats
DATA PLAYS AN INTEGRAL ROLE in the government’s efforts to secure its
systems from cyberattacks. It is the key
to deriving deeper insights into agencies’ networks and boosting their ability to hunt for threats rather than just respond to them.
Each cybersecurity tool collects data based on a specific point of view. By bringing all the point solutions together, agencies can gain a fuller understanding of what’s happening in their networks and can then detect, respond to and investigate threats.
When agencies combine all that data over a long period of time, they have the ability to go back and see how
an intrusion occurred, how to
stop it and how to prevent it from happening again. Furthermore,
when agencies have all the
information they need, they can proactively look at their networks
and see if something is developing
that they haven’t seen before.
AI and behavior-based threat detection
Success in this area requires agencies to move to a real-time ingestion protocol. They should adopt a platform that can ingest many types of data in diverse formats and put everything into a schema that is consistent across all the different sources. In addition, the platform must be able to adapt to varying amounts of data so that
it can scale up or down to ensure optimal performance and cost-efficiency.
Once agencies have gathered their
data in a scalable, flexible platform, they can apply artificial intelligence to derive insights from the data. AI speeds analysis and is particularly effective when agencies move from signature-based to behavior- based threat detection. A signature-based approach is good for detecting threats we already know about, but a behavior-based AI approach can adapt to new threats by looking for anomalies such as changes
in the behavior of a server or endpoint device.
AI also helps with investigations by
Shutterstock/FCW Staff

   10   11   12   13   14