Blogs

Security that thinks is now thinking deeply

Posted by Jacob Sendowski on Apr 26, 2017 8:05:42 AM

Whether the task is driving a nail, fastening a screw, or detecting a hidden HTTP tunnel, it pays to have the right tool for the job. The wrong tool can increase the time to accomplish a task, waste valuable resources, or worse. Leveraging the power of machine learning is no different.

Vectra has adopted the philosophy of implementing the most optimal machine learning tool for each attacker behavior detection algorithm. Each method has its own strengths.

Read More »

Topics: machine learning, cybersecurity, deep learning


AI: Is science fiction on a collision course with science fact?

Posted by Chris Morales on Mar 30, 2017 3:48:43 PM

Sometimes science fiction becomes less fantastic over time than the actual reality. Take the film Ghost in the Shell, for example, which hits the big screen this week. It’s an adaptation of the fictional 28-year-old cult classic Japanese manga about human and machine augmentation.

Read More »

Topics: cyber security, machine learning, artificial intelligence


Security automation isn't AI security

Posted by Günter Ollmann on Jan 17, 2017 2:11:52 PM

This blog was orignially published on ISACA Now.

In many spheres of employment, the application of Artificial Intelligence (AI) technology is creating a growing fear. Kevin Maney of Newsweek vividly summarized the pending transformation of employment and the concerns it raises in his recent article "How artificial intelligence and robots will radically transform the economy."

In the Information Security (InfoSec) community, AI is commonly seen as a savior – an application of technology that will allow businesses to more rapidly identify and mitigate threats, without having to add more humans. That human factor is commonly seen as a business inhibitor as the necessary skills and experience are both costly and difficult to obtain.

As a consequence, over the last few years, many vendors have re-engineered and re-branded their products as employing AI – both as a hat-tip to their customer’s growing frustrations that combating every new threat requires additional personnel to look after the tools and products being sold to them, and as a differentiator amongst “legacy” approaches to dealing with the threats that persist despite two decades of detection innovation.

The rebranding, remarketing, and inclusion of various data science buzzwords – machine intelligence, machine learning, big data, data lakes, unsupervised learning – into product sales pitches and collateral have made it appear that security automation is the same as AI security.

Read More »

Topics: cyber security, machine learning, cybersecurity, artificial intelligence, security automation


Politics and the bungling of big data

Posted by David Pegna on Nov 17, 2016 12:00:00 PM

We live in the age where big data and data science are used to predict everything from what I might want to buy on Amazon to the outcome of an election.

The results of the Brexit referendum caught many by surprise because pollsters suggested that a “stay” vote would prevail. And we all know how that turned out.

History repeated itself on Nov. 8 when U.S. president-elect Donald Trump won his bid for the White House. Most polls and pundits predicted there would be a Democratic victory, and few questioned their validity.

The Wall Street Journal article, Election Day Forecasts Deal Blow to Data Science, made three very important points about big data and data science:

  • Dark data, data that is unknown, can result in misleading predictions.
  • Asking simplistic questions yields a limited data set that produces ineffective conclusions.
  • “Without comprehensive data, you tend to get non-comprehensive predictions.”
Read More »

Topics: Data Science, cyber security, machine learning


From the Iron Age to the “Machine Learning Age”

Posted by Günter Ollmann on Aug 30, 2016 8:00:00 AM

It is likely self-evident to many that the security industry’s most overused buzzword of the year is “machine learning.” Yet, despite the ubiquity of the term and its presence in company marketing literature, most people – including those working for many of the vendors using the term – don’t actually know what it means.

Read More »

Topics: cyber security, machine learning, cybersecurity


Ransomware, encryption and machine learning – Three key takeaways from Infosecurity 2016

Posted by Matt Walmsley on Jun 15, 2016 3:00:25 AM

Ransomware, encryption and machine learning – Three key takeaways from Infosecurity 2016

Last week was a long one. Vectra participated for the first time at Infosecurity Europe in London. Now that my feet have recovered from our very busy booth I thought I shared a few of the recurring themes I noticed at the show.

Ransomware. Definitely the threat de rigueur with vendors coming at the problem from various angles, including DNS management and client based solutions. Vectra was part of the buzz too, offering a network-centric approach with our newly announced ransomware file activity detection.

Read More »

Topics: machine learning, Encryption, Ransomware


Automate to optimise your security teams

Posted by Matt Walmsley on Jan 4, 2016 12:56:29 PM

Mind the gap
87% of U.K. senior IT and business professionals believe there is a shortage of skilled cybersecurity staff, the same percentage of UK security leaders also want to hire CISSP credentialed staff into their teams. Nothing of real surprise in that there’s a gap; let’s fill it with demonstrable high calibre professionals, right? Well, not quite. That skills gap also includes a “CISSP” gap. With 10,000+ UK security positions out there but just over 5,000 UK CISSPs, the math simply doesn’t add up. We should also consider that credentials like CISSP demonstrate excellent existing domain knowledge but does not help hiring managers understand soft skills, attitudes and other characteristics that combine to form the overall “talent and capabilities” of a candidate.

A pragmatic approach is therefore to hire on traits such as adaptability, collaboration and innovation alongside evidence of requisite technical capabilities. After all, in a rapidly changing digital landscape you’re hiring for tomorrow’s battle not yesterday’s, so agility is essential. Today’s security teams need to be ready to handle the new risks, challenges and the increased pace of change that Internet of Things (IoT) [Read more on IoT security],  cloud, mobility and social media all bring to the security challenge. The talent pool is limited, as are organisations' overall cyber security resources. It’s time to develop and support from within and broaden recruitment methodologies for those hard-to-fill open positions.

Read More »

Topics: machine learning, Automated Threat Detection.


Insider Threats: Spotting “the Inside Job“

Posted by Angela Heindl-Schober on Dec 14, 2015 11:38:29 AM

Incidents of fraud, theft and abuse enacted by rogue insiders present organisations with the ultimate in targeted threats. These are executed against them from highly motivated actors, operating with a high degree of internal organisational knowledge and comparative ease of access. Such threats have the ability to create sizable risks in relation to digital assets and are also the most challenging to manage.

Security leaders have to understand their organisation’s context and operations in order to strike a balance between protection, control and creating value.

Users tied up in complex and over-controlling systems are unable to perform. Too light a touch sees key assets and resources too easy to misuse, alter or steal. Blending layers of organisational, physical and technical policy and management can provide a meaningful way of reducing internal cyber attacks, but no solution can be perfect. Organisations must also enable themselves to identify and recognise illegitimate internal actions and make timely interventions.

Read More »

Topics: Insider Threats, machine learning


Automate detection of cyber threats in real time. Why wait?

Posted by Jerish Parapurath on May 15, 2015 10:01:43 AM

Time is a big expense when it comes to detecting cyber threats and malware. The proliferation of new malware variants makes it impossible to detect and prevent zero-day threats in real-time. Sandboxing takes at least 30 minutes to analyze a file and deliver a signature – and by then, threats will have spread to many more endpoints. 

Read More »

Topics: Targeted Attacks, Malware Attacks, Data Science, machine learning


Cybersecurity, data science and machine learning: Is all data equal?

Posted by David Pegna on May 9, 2015 9:00:00 AM

Big Data Sends Cybersecurity back to the future In big-data discussions, the value of data sometimes refers to the predictive capability of a given data model and other times to the discovery of hidden insights that appear when rigorous analytical methods are applied to the data itself. From a cybersecurity point of view, I believe the value of data refers first to the "nature" of the data itself. Positive data, i.e. malicious network traffic data from malware and cyberattacks, have much more value than some other data science problems. To better understand this, let's start to discuss how a wealth of network traffic data can be used to build network security models through the use of machine learning techniques.

Read More »

Topics: Data Science, cyber security, machine learning


Subscribe to the Vectra Blog



Follow us