Prescriptive security: using the haystack to find the needle

Posted on: April 8, 2019 by Zeina Zakhour

In our increasingly data-driven world, organizations are engaged in a race to gather operational and customer data and apply analytics to transform that data into valuable business insights. Yet one important application that is still rarely addressed is cybersecurity data analytics.

From proactive to prescriptive

We regularly hear about major cybersecurity breaches and wonder whether they were preventable. Prescriptive security is about exactly that: preventing breaches from happening by leveraging big data and supercomputing capabilities. As technologies advance, cybersecurity is shifting away from reactive and proactive models toward a prescriptive model that analyzes patterns in the data to identify the next threats and automate the security control responses. While cybersecurity has been focused on finding the needle in the haystack, prescriptive security instead uses the haystack to find the needle: it applies big data and machine learning analytics to all data generated within and outside the organization, in order to bring 360° security visibility and eliminate all potential blind spots.

With a Prescriptive Security Operations Centre (SOC), organizations will be able to:

Face the ever-evolving threat landscape: the threat landscape has been growing exponentially as the adoption of new technologies such as the Internet of Things (IoT), big data and cloud computing expands the attack surface. Every three months, over 18 million new malware samples are captured, with zero-day exploits (malware that goes undetected by traditional anti-virus software) expected to rise from one per week in 2015 to one per day by 2021. With prescriptive security, threat intelligence is no longer a separate technology-watch process managed through alert bulletins, but an integrated part of the SOC, where threat intelligence feeds give actionable risk scores and can detect unknown threats before they even reach the organization.

Significantly improve detection and response times: time is on the side of any adversary who is patient, persistent and creative. We’re fighting human ingenuity and attackers aren’t playing by the same rules as we are. Prescriptive SOCs can change current operational models and considerably improve detection times and response times. Instead of thinking in days and months to detect and correct threats, with machine learning and automation we can neutralize emerging threats in real time and prevent future attacks.

Optimize cybersecurity resources: while cyberattacks are growing in volume, complexity and pervasiveness, organizations will need to counter them using limited resources. The latest research estimates that by 2020, over 1.8 million cybersecurity jobs will not be filled due to a shortage of skills. Prescriptive security, by introducing artificial intelligence and automatic response, will optimize the use of cybersecurity professionals, who will be able to automate responses to common cyberattacks and focus on the more complex and persistent ones. It will also introduce new cybersecurity roles, such as cybersecurity data scientists, to integrate statistical and mathematical models and provide innovative mechanisms to detect future cyberattacks.

Next-generation infrastructure

Prescriptive security advances a tri-dimensional paradigm by increasing the detection surface, increasing the velocity of response and decreasing the reaction time. By using big data, analytics and supercomputing, it also effectively optimizes the cost factor (human resources cost plus storage/compute power costs).

Prescriptive security SOCs will be the next-generation cybersecurity infrastructure that the digital economy needs to enable and engender confidence. With this in place, organizations will be able to effectively protect their business assets, including valuable business data and customer personal data.

At Atos Technology Days, our cybersecurity experts will share the latest breakthroughs on our Security Operation Centers.

About Zeina Zakhour

Distinguished Expert, Global Chief Technical Officer, Cyber Security, Atos and member of the Scientific Community
Zeina Zakhour is the Global CTO for Cyber Security at Atos, creating, by day and a few nights, innovative solutions to be a step ahead of cybercriminals. Not an easy task, you might say… But she is putting her 17 years of experience in the cybersecurity field to good use. Zeina covers the end-to-end spectrum of cybersecurity, from security advisory to security integration, managed security services, and IoT and big data security. She worked closely with Fortune 500 companies to advise them on their security strategy, secure their infrastructure and protect their data. She holds a Bachelor of Engineering in C.C.E from Notre Dame University Lebanon, an M.Sc. from Telecom Sud Paris and an Executive MBA from HEC. She is a member of the Atos Scientific Community and a Distinguished Expert in cybersecurity. She is also a Certified Information Systems Security Professional (CISSP) and a certified ISO 27005 Risk Manager. Yet she believes that when it comes to cybersecurity, we never stop learning.
