Peers Discuss Building Security Data Science Capability


Posted by RSAC Contributor

By Clay Carter, Security Architect Leader, GE Digital

Security data science is an emerging space and it was clear from our RSA Conference Peer2Peer session, Building Security Data Science Capability, that many companies are still just starting to explore how they can build their security data science capability. The group was hesitant at first to contribute, but we were fortunate to have a few key participants who were willing to share their successes so far with applying data science techniques.  

We focused on the methodology of applying statistical rigor based on the scientific method. In our one-hour discussion, we covered topics including problem definition, data types, analysis methods, presentation techniques, finding the right talent, and working with vendors in the space. It was a great experience, and I was encouraged by how many people were interested in the topic.

There were two major themes of the discussion that stood out. First, applying data science to security is still very new. Many are interested and want to learn more, but there are few successful programs out there that are willing to serve as examples. We need more companies and individuals to share their successes and failures with the community. Security isn’t a zero-sum game between the defenders.  

Second, there is a clear skills gap between security subject-matter expertise and the mathematical and analysis skills required to succeed. The skillset of understanding and interpreting statistical models is quickly becoming a key requirement for security analysts. Security organizations need to start building this talent now.

The other major gap area is in building and refining these models targeted at security use cases. This is a lesser priority from a talent standpoint since vendor platforms or external consultants can create these models. In the future, the in-house capability to build and refine models will become a more pressing need.

Outside of our Peer2Peer session, I was able to visit many vendors and discuss the state of data science in security with several of the P2P participants. The hype around User Behavioral Analytics (UBA) is massive and nearly every security product from endpoint to network to identity has its own UBA module.

This reinforced our discussion during the session that we need better examples of successes and failures with data science within the security community. We need leaders to talk about their journeys in applying more mathematical rigor and how others can learn from these experiences. I’m looking forward to next year and hearing about the progress everyone is making!

Clay Carter has experience presenting in front of large technical and academic audiences (100+ members) on topics such as technology trends and career pathing in information security. He is a master’s candidate in systems engineering and is actively researching these topics as well as applying them on a daily basis in his role as a Security Architect at GE. Prior to GE, Carter was a Security Architect at Genworth Financial and has wide exposure to vendor solutions and platforms promoted in this space.
