Is Predictive Analytics the Future of Cybersecurity?
October 22, 2018
What is one of the best ways to combat adversaries?
Know in advance how they behave.
This principle is the driving force behind the use of predictive analytics in cybersecurity – an approach that is generating heightened interest as the profession grapples with escalating threats. Some even call it the future of cybersecurity.
Daniel Newman, writing for Converge, sums up the buzz.
“Predictive analytics can discover a data breach before it happens,” Newman explains. “Like a radar that shows the enemy approaching, these analytics determine when and where attacks may occur… Instead of discovering a breach after the war has already been lost, predictive analytics enable you to outmaneuver hackers and come out victorious.”
Briefly defined, predictive analytics uses a combination of historical data and statistical algorithms to calculate the likelihood of future outcomes based on past events. It can be applied across broad areas of human endeavor, from sports to healthcare.
Michael Lewis’s 2003 bestseller, Moneyball, recounts how the Oakland Athletics employed a form of predictive analytics to gain a competitive edge despite scarce resources. Nearly everyone is familiar with the predictive analytical methods used by credit agencies and insurers to determine whether you can obtain a home loan, or to calculate your insurance rates. And those are only two of the many applications.
In cybersecurity, predictive analytics is a potential game-changer because it implies a shift in paradigms, from reactive to proactive. One especially promising aspect: machines can be taught to do it. Indeed, the development of predictive analytical approaches to cyber has already become closely intertwined with machine learning.
“Every breach creates anomalies in the network, like a thief leaving DNA evidence at the scene of a crime,” says Dr. William Butler of Capitol Technology University, highly regarded for its flagship cybersecurity program. “A skilled analyst can use this information to identify patterns of attack. Algorithms can then be developed that look for these patterns and red flag them to cybersecurity teams.”
“Attackers are becoming more and more sophisticated and we have to meet the challenge,” says Dr. Helen G. Barker, Capitol’s chief academic officer and vice president for academic affairs. “Predictive analytics is helping us do this.”
Two converging trends are driving the interest in this approach. One is the rapid increase in both the volume and sophistication of cyber threats. The emerging “Internet of Things,” in which a wide array of devices are IP-enabled, has dramatically increased the number of attack vectors that a hacker or adversary can exploit.
Meanwhile, the number of trained cybersecurity professionals continues to be far lower than needed. Not only are too few people going into the field, but companies and organizations frequently scrimp on cybersecurity personnel and resources, balking at the investment.
Taken together, the two trends make for a potentially catastrophic mix. And while predictive analytics is unlikely to be a cure-all, magic-bullet solution, it can be a powerful addition to the cybersecurity toolkit.
It also heralds a new organizational role: that of cyber analyst. As organizations become increasingly drawn to the efficiency and effectiveness of analytics-based approaches, they’ll be looking for personnel who understand cyber threats – and also understand data. Hence Capitol’s new cyber analytics program, dedicated to training exactly this kind of professional.
“The demand for this combination is unbelievable,” says Barker, the Capitol CAO. “Because of the lack of degree programs and other avenues for training, companies have had to train their own teams to do this internally. There hasn’t been anything out there that combines cybersecurity and analytics.”
There’s a saying among cybersecurity professionals: hackers are active 24 hours a day, seven days a week – but a cybersecurity team needs sleep.
With the aid of predictive analytics in combination with machine learning, that will be less of a hindrance.