Josh Mahoney, Senior Analytics Advisor for Cybersecurity at SAS, discussed ways that organizations can eliminate security blind spots during his presentation at the 2015 Chief Information Security Officer Leadership Forum in Dallas on Oct. 21. In his presentation, Mahoney pointed out that defining security analytics and using data to study cyber threats can help organizations minimize such issues.
According to Mahoney, improving visibility on networks should be a top priority for organizations, as this enables organizations to explore cyber threats in detail. In addition, he pointed out that exploring ways to improve data quality can have far-flung effects on an organization: “You have to have awesome data quality when it comes to looking at all this. Your IT asset management systems that you’ve got the data from or your active databases; they have to be cleaned up. There’s a lot of noise.”
Mahoney also noted that training employees about analytics can help these workers understand data and use it to improve security. If an organization deploys effective workflow processes, Mahoney said, it can further minimize security dangers: “You have to have great workflow processes, there has to be an analytic culture around the data on your networks and that will get you closer to earlier detection times of any abnormal behavior. And I caution, I’m not going to say malicious, bad, good or indifferent because really what we’re looking at is not all activity on the network is bad.”