Prescriptive security: using the haystack to find the needle

Posted on: April 8, 2019 by Zeina Zakhour

In our increasingly data-driven world, organizations are engaged in a race to gather operational and customer data and apply analytics to transform that data into valuable business insights. Yet one important application that is still rarely addressed is cybersecurity data analytics.

From proactive to prescriptive

We regularly hear about major cybersecurity breaches and wonder whether they were preventable. Prescriptive security is about exactly that: preventing breaches from happening by leveraging big data and supercomputing capabilities. As technologies advance, cybersecurity is shifting away from a reactive and proactive model to a prescriptive model that can analyze analytics patterns in order to identify the next threats and to automate the security control responses. While cybersecurity has been focused on finding the needle in the haystack, prescriptive security instead uses the haystack to find the needle by leveraging big data and machine learning analytics and utilizing all data generated within the organization and outside the organization, in order to bring 360° security visibility and eliminate all potential blind-spots.

With a Prescriptive Security Operations Centre (SOC), organizations will be able to:

Face the ever-evolving threat landscape: the threat landscape has been increasing exponentially as the adoption of new technologies such as Internet of Things (IoT), big data and cloud computing are expanding the attack surface. Every three months, over 18 million new malware samples are captured, with zero-day exploits (malware that goes undetected by traditional anti-virus software) expected to rise from one per week in 2015 to one per day by 2021. With prescriptive security, threat intelligence is no longer a separate technology watching process managed through alert bulletins, but an integrated part of the SOC where threat intelligence feeds give actionable risk scorings and can detect unknown threats before they even reach the organization.

Significantly improve detection and response times: time is on the side of any adversary who is patient, persistent and creative. We’re fighting human ingenuity and attackers aren’t playing by the same rules as we are. Prescriptive SOCs can change current operational models and considerably improve detection times and response times. Instead of thinking in days and months to detect and correct threats, with machine learning and automation we can neutralize emerging threats in real time and prevent future attacks.

Optimize cybersecurity resources: while cyberattacks are growing in volume, complexity and pervasiveness, organizations will need to counter these using limited resources. The latest research estimates that by 2020, over 1.8 million cybersecurity jobs will not be filled due to a shortage of skills. Prescriptive security, by introducing artificial intelligence and automatic response, will optimize the use of cybersecurity professionals who will be able to automate responses to common cyberattacks and focus on the more complex and persistent ones. It will also introduce new cybersecurity roles, such as cybersecurity data scientists to integrate statistical and mathematical models and provide innovative mechanisms to detect future cyberattacks.

Next-generation infrastructure

Prescriptive security advances a tri-dimensional paradigm by increasing the detection surface, increasing the velocity of response and decreasing the reaction time. By using big data, analytics and supercomputing, it also effectively optimizes the cost factor (human resources cost plus storage/compute power costs).

Prescriptive security SOCs will be the next-generation cybersecurity infrastructure that the digital economy needs to enable and engender confidence. With this in place, organizations will be able to effectively protect their business assets including valuable business data and customer personal data.

At Atos Technology Days, our cybersecurity experts will share the latest breakthroughs on our Security Operation Centers. Learn more from the event here.

Share this blog article

About Zeina Zakhour
Fellow, Global Chief Technical Officer, Digital security, Atos and member of the Scientific Community
Zeina Zakhour is Vice-president, Global CTO for Digital Security in Atos. Zeina has twenty years of experience in the Cybersecurity field covering the end-to-end spectrum of cybersecurity from security advisory, to security integration, Managed security services/Managed Detection and Response, to securing digital innovations (Cloud, IoT, Edge, AI etc…) as well as risk management, compliance and privacy. She holds a Bachelor of Engineering in C.C.E from Notre Dame University Lebanon, a M. Sc. From Telecom SudParis and an Executive MBA focused on Innovation & Entrepreneurship from HEC School of Management. Zeina is a member of the Atos Scientific community and a Fellow in cybersecurity. She is also a Certified Information Systems Security Professional (CISSP) and a certified ISO 27005 Risk Manager. She was the recipient of Atos Innovation trophy in 2013, was named in 2019 among the “100 fascinating Females Fighting cybercrime”, was listed in the CTO/CIO/CDO French top 10 influencers and was recognized as 2020 Cyber security leader by the Cyber Security Observatory.

Follow or contact Zeina