CyberEye

Blog archive
Is predictive analytics really a game changer?

Is predictive analytics really a game changer?

A recent report painted a curious picture of the state of federal government’s cybersecurity stance a year after the attack on the Office of Personnel Management, and its massive breach of government employee data, was revealed.

The report, by the non-profit industry group (ISC)2, suggested overall that government is still struggling with cybersecurity and how to effectively protect its networks, systems and data. Critical offices in many agencies, which by now should understand security imperatives, still aren’t on board.

However, what the report indicated for one key security tool may be the most interesting part.

When it comes to the technologies agencies can use to improve security, a large wedge of those security and IT professionals surveyed said they are looking to predictive analytics as the most significant and “game-changing” solution available to them. Predictive analytics received over 40 percent of the votes, against just single-digit tips for other solutions such as next-generation, identity-based distributed firewalls.

The report itself pointed out that the predictive analytics hype generated by the security industry could be behind that response. No security solution today is complete without at least some mention of a powerful analytics engine at the heart of it that will help the user get ahead of the bad guys and the threats they pose.

Analytics, as in being able to sift through vast amounts of data and flag potential dangers, certainly is a vital tool for security organizations. It provides a way to automate threat detection and allows organizations to more quickly respond to threats and intrusions, which in itself can significantly limit the impact of cyberattacks.

Predictive analytics, on the other hand, promise those organizations an ability that’s a step or two beyond that. As one of the respondents to the (ISC)2 report said, although “the jury is still out,” it’s a key component in getting ahead of the threat and preventing malicious activity rather than just cleaning up after the fact. The verdict on these predictive tools “is coming soon,” this former federal CISO said.

The Department of Homeland Security, for one, certainly seems convinced of the potential. In its fiscal 2016 performance plan, the DHS Office of Inspector General put predictive analytics front and center in preventing terrorism and enhancing security.

It’s not just security that can benefit. Other industries, such as healthcare, also see enormous potential in predictive analytics, and it’s apparently already driving a transformation in the way medical professionals assess their patients’ risk of contracting various diseases and conditions.

There’s no question that big data (itself once a much-hyped term) and analytics are becoming a large part of how organizations set themselves up to respond to cybersecurity threats, particularly as the black hats continue to design more sophisticated threats. Gartner, for example, has regularly projected their uptake by companies over the past few years.

When it comes to predictive analytics, however, some Gartner analysts are less sanguine. The results of predictive analytics don’t make for a convincing argument so far, though  there’s always hope.

To be fair, the (ISC)2 report also makes that uncertainty clear. Another respondent to the survey noted that while predictive analytics may help, they can’t be considered a silver bullet because bad guys these days work very hard to mask their activities and to make themselves look like routine users of the network.

So is predictive analytics really the game changer many seem to think it is, or at least could be? It seems likely to be a part of the security toolkit, and possibly even a vital part.  But given the way the threat industry has managed to twist and morph itself around defenses so far, it’s unlikely to be the answer.

Unfortunately, even for it to get that far, government organizations need to get much more serious about their security overall. On that issue, at least, the (ISC)2 report seems to be certain: The situation is depressingly bad.

Posted by Brian Robinson on May 20, 2016 at 8:30 AM


inside gcn

  • false missile alert

    Avoiding a repeat of Hawaii's 'wrong button' mistake

Reader Comments

Mon, May 23, 2016 Chris Crofton, MD

One thing to note, predictive analytics or pattern matching from a baseline that detects anomalies is a wonderful tool, I think the problem with OPM is they did not put money in their infrastructure and in their people. There is an article that mentioned the hack was worse than what people admitted to - https://www.lawfareblog.com/why-opm-hack-far-worse-you-imagine. From my understanding, this was not the first time and was reported. Katherine Archuleta did not put controls in place to address the first breach, she stepped down but during her watch, 21.6 million records were stolen in total (19.7m - 1st hack, 1.9m - 2nd hack) . I am not sure about you but why was she not sent to jail. She affected the lives of millions of people across the world, this was a travesty and nothing happened. This was almost as bad as the banking scandal (mortgages) and pensions (Enron) the same level of bureaucratic "sweeping this under the carpet and no one getting punished for it. The same ole stuff remains and nothing is changed - https://www.fas.org/sgp/crs/natsec/R44111.pdf. We keep talking about the same stuff, when is something going to get done. The person who was running OPM was focused more on raising awareness than addressing the most important aspect of all, "the client's PII information". Again, the technology is out there to address the problems but the problem is not with the technology it is resides with the people (a engineer can explain a problem to someone but if they don't take the time to review and understand it, it means nothing. I will close by saying, look at the trouble William "Bill" Benny and Thomas Drake went through trying to do the right thing, congress knew about it (they authorize anything about 3 million dollars for the NSA) and nothing was done until someone said something, and they wanted to leave it up and running for 6 more months after they violated the rights of the American people. Look at the indians, review the problems with found with the marines (Siempre Fi). They say God, Honor and Country and they were thrown under the bus by a select few. I won't talk about 9-11, that is another story (Thermite) but I will leave that alone. Chris

Mon, May 23, 2016 Research Scientist

The closer we get to real prediction, the more we can understand and identify the individual, eliminating any sense of privacy. If we collect health, mental health, education, family, genetics, and other personal records to analyze, we can likely identify risk targets before they act (see Minority Report); however, we also completely eliminate privacy and enhance the probability of false conviction without action. Are we willing to take that step for perceived security?

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck
  • Transforming Constituent Services with Business Process Management
  • Improving Performance in Hybrid Clouds
  • Data Center Consolidation & Energy Efficiency in Federal Facilities

More from 1105 Public Sector Media Group