Welcome!

Mobile IoT Authors: Pat Romanski, William Schmarzo, Gopala Krishna Behara, Sridhar Chalasani, Tirumala Khandrika

Related Topics: Cloud Security, @CloudExpo, @ThingsExpo

Cloud Security: Blog Post

The Cyber Security Maturity Model | @CloudExpo [#IoT #Cloud]

Unsupervised Learning In Cyber Security

Cyber Attacks
We continue to see an increasing trend in cyber-attacks in line with the growth of new technologies, and enterprises have to protect themselves. It is critical for enterprises to devise their own measures to protect against cyber-attacks because any tolerance on this front is more than an IT issue but may affect the very existence and the business model of the enterprise. We have seen in a recent incident where a cyber-attack prevented a large enterprise from performing their basic business process.

Limitations of Policy Based Approach
In the past decade to mitigate the risk of cyber-attacks, enterprises usually appointed security officers and they ensured typical Zero Tolerance Policies on their network, applications, processes and people. Some of them include:

  • No access from home
  • No external devices at work
  • No access to the Internet at work
  • No access to production environments from the development environment
  • No exposure of application APIs outside the firewall

Most of these policies resulted from the first principles of security and quality audits and they continue to be relevant, but some of the basic business models of enterprises have changed:

  • Mobility is a part of enterprise business model such that much of the enterprise business is served through mobile devices anywhere, any time
  • Gen Y workforce demanded to work from anywhere, which means access to the systems should also be open from anywhere
  • Internet of Things opened a new set of business opportunities and at the same time opened up the very micro-level component of an assembly pipeline in a manufacturing plant to the external world
  • Social media and crowdsourcing almost becomes part of most business processes like CRM, Warranty Management, and HRMS
  • Cloud is the enabler that enterprises cannot ignore
  • The DevOps model is sweeping the industry so that the barriers between the production environment and development environment no longer exist

With these points in mind, while the traditional approach of policy enforcement mainly through human means still holds good as a base protection, but will not protect an enterprise from all possibilities of cyber-attack, because the options and combinations are so much such that mere policy enforcement will not identify and prevent them.

Machine Learning Approach
As the enterprise becomes digital, which means every touc hpoint and navigation across the enterprise is handled with some sort of a connected device, be it a VPN gateway, directory servers, access card systems, fingerprint recognition systems, network devices and more, we are in the midst of massive flow of machine data when it comes to tracking the cyber-attacks.

Fortunately the advent of cloud and its byproducts, such as Big Data storage and massively parallel processing frameworks, have provided an opportunity for enterprises to tackle the issue of monitoring the security breaches and also to prevent them. This means enterprises adopted the techniques of understanding massive flows of machine data from various sources and found ways and means to find insights out of that data toward possible security breaches and cyber-attacks.

Machine Learning Approach Maturity Models
To fill in the vacuum in the cyber security prevention space as well as to help the enterprises, several Big Data and machine learning solutions have appeared in the market that claim to help enterprises detect and prevent security attacks. So naturally enterprises will find them interesting but at the same time these initiatives involve cost and effort as well as the risk of choosing a solution that may not foresee all the possibilities and yet make the enterprises vulnerable.

The following maturity models will help enterprises understand the capabilities of the solutions that they will employ to tackle the cyber-security threats.

Level I (Preventive/ Rule Based)
This analyzes the machine data based on certain known rules, which may vary from industry to industry. For example, a finance industry may not allow a credit card authentication of the same card within a span of five minutes from two different geographic areas. Or a healthcare application may not allow log on to a critical life monitoring system from an IP address not listed as part of known addresses. The role of a rule-based approach continues to hold good but they are limited to the domain knowledge of the solution providers and require constant updates to the rule engine.

Level II (Predictive/ Supervised Machine Learning)
A rule-based approach prevents attacks from known conditions and most of the time they cannot predict the intent of the user before an event has occurred. For example, if a rule detects user intention after four failed login attempts, what if a user is able to breach the network on the first attempt. Supervised machine learning methods come to rescue to predict the user intent based on past training data. This technique is highly useful for enterprises in areas like predicting the behavior of a customer or the likelihood of acquiring or losing a customer. Because this approach is highly dependent on past data, we are already seeing the online ad engines offering the products we look for while we are browsing online. In the machine learning world, most algorithms support this technique:

  • Linear regression
  • K - nearest neighbors
  • Naïve bayes
  • Logistic regression
  • Decision tress

This technique will continue to be useful for detecting certain known conditions that occurred in the past for which enterprise security analysts could clearly label them.

But consider the fact that today's hackers are getting sophisticated day by day and security attacks come from unknown places and in unknown means. This means that it is almost impossible to label the security breaches based on some indicators. We have seen that some enterprises are attacked first time in their history and yet that one attack will be so devastating such that there will not be even another chance for the enterprise to survive. This kind of supervised machine learning can be good in other scenarios whereby an enterprise that has lost customers in the past can figure out the likelihood of losing another customer and take preventive actions. Software solutions for cyber-attacks can continue to employ this technique to bring an additional level of protection to their solution.

Level III (Cognitive/ Unsupervised Machine Learning)
There is a recent interview with MIT Artificial Intelligence Expert Professor Joel Moses - Next Phase Of Artificial Intelligence is all about Unsupervised Machine Learning. Such is the power of this level of maturity. In the unsupervised model the goal is to identify or label a threat without any past labeling; rather it will try to cluster the data in a fashion close to the level of human brains but at the speed of machine, such that the abnormal patterns are detected and security is enforced. Some of the famous algorithms for unsupervised learning are:

  • Hidden Markov Models
  • K-Means Clustering

As you see these algorithms they try to uncover something that hasn't already happened with the level of intelligence closest to human thinking or what we call as artificial intelligence.

Summary
All the methods explained above are not mutually exclusive, in order for your enterprise to be effectively immune from cyber threats, you need a,

  • Strong Security Policies & Governance
  • You needed rule based algorithms that prevent known threats
  • You needed supervised machine learning that will predict the past labelled security threats

Finally you can complement all of the above with Unsupervised Machine Learning that will even understand the unknown events of the past and predict the security breaches. So you can always assess your security defense at what level of maturity and take further actions to protect your enterprise.

More Stories By Srinivasan Sundara Rajan

Highly passionate about utilizing Digital Technologies to enable next generation enterprise. Believes in enterprise transformation through the Natives (Cloud Native & Mobile Native).

@ThingsExpo Stories
The 22nd International Cloud Expo | 1st DXWorld Expo has announced that its Call for Papers is open. Cloud Expo | DXWorld Expo, to be held June 5-7, 2018, at the Javits Center in New York, NY, brings together Cloud Computing, Digital Transformation, Big Data, Internet of Things, DevOps, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone inn...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
No hype cycles or predictions of a gazillion things here. IoT is here. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, an Associate Partner of Analytics, IoT & Cybersecurity at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He also discussed the evaluation of communication standards and IoT messaging protocols, data...
Product connectivity goes hand and hand these days with increased use of personal data. New IoT devices are becoming more personalized than ever before. In his session at 22nd Cloud Expo | DXWorld Expo, Nicolas Fierro, CEO of MIMIR Blockchain Solutions, will discuss how in order to protect your data and privacy, IoT applications need to embrace Blockchain technology for a new level of product security never before seen - or needed.
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and B...
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will be held June 5-7, 2018, at the Javits Center in New York City, and November 6-8, 2018, at the Santa Clara Convention Center, Santa Clara, CA. Digital Transformation (DX) is a major focus with the introduction of DX Expo within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive ov...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
"Evatronix provides design services to companies that need to integrate the IoT technology in their products but they don't necessarily have the expertise, knowledge and design team to do so," explained Adam Morawiec, VP of Business Development at Evatronix, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, discussed how they built...
Digital Transformation (DX) is not a "one-size-fits all" strategy. Each organization needs to develop its own unique, long-term DX plan. It must do so by realizing that we now live in a data-driven age, and that technologies such as Cloud Computing, Big Data, the IoT, Cognitive Computing, and Blockchain are only tools. In her general session at 21st Cloud Expo, Rebecca Wanta explained how the strategy must focus on DX and include a commitment from top management to create great IT jobs, monitor ...
"Digital transformation - what we knew about it in the past has been redefined. Automation is going to play such a huge role in that because the culture, the technology, and the business operations are being shifted now," stated Brian Boeggeman, VP of Alliances & Partnerships at Ayehu, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
SYS-CON Events announced today that Evatronix will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Evatronix SA offers comprehensive solutions in the design and implementation of electronic systems, in CAD / CAM deployment, and also is a designer and manufacturer of advanced 3D scanners for professional applications.
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. In his session at @BigDataExpo, Jack Norris, Senior Vice President, Data and Applications at MapR Technologies, reviewed best practices to ...
Recently, WebRTC has a lot of eyes from market. The use cases of WebRTC are expanding - video chat, online education, online health care etc. Not only for human-to-human communication, but also IoT use cases such as machine to human use cases can be seen recently. One of the typical use-case is remote camera monitoring. With WebRTC, people can have interoperability and flexibility for deploying monitoring service. However, the benefit of WebRTC for IoT is not only its convenience and interopera...
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, discussed some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he covered some of the best practices for structured team migration an...
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, examined the regulations and provided insight on how it affects technology, challenges the established rules and will usher in new levels of diligence arou...
22nd International Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, and co-located with the 1st DXWorld Expo will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud ...
22nd International Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, and co-located with the 1st DXWorld Expo will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud ...