Data-Driven Security

18
Data-Driven Security The Key to Determining What Works – and What Doesn’t

Transcript of Data-Driven Security

Page 1: Data-Driven Security

Data-Driven SecurityThe Key to Determining What Works

– and What Doesn’t

Page 2: Data-Driven Security

Who We Are

• Specialty non-profit academic pediatric institution

• 371 licensed beds• $2 billion annual revenue• Seattle Children’s Research

Institute - #5 in NIH pediatric funding

Page 3: Data-Driven Security

Who We Are Not

• In the business of information security

• Flush with resources• Security is waste

Page 4: Data-Driven Security

How Information Security Management is Typically

Performed

• Compliance-driven static checklists

• “Best Practices”• Crisis-driven culture that lauds

breakers over builders

Page 5: Data-Driven Security

We Know A Better Way

• Apply scientific rigor to security risk management

• Provide decision makers with credible information

“…the conscientious, explicit, and judicious use of current best evidence in making decisions about the care of individual patients” – Sacket, et all.

Page 6: Data-Driven Security

What is Data-Driven Security?

Domain Expertise

Data Management Programming Statistics Visualization

Page 7: Data-Driven Security

Framing the Question

• Identify stakeholders• Clarify problem to solve• Understand constraints and

limitations• Identify resources available

Page 8: Data-Driven Security

Performing the Analysis

• Open methodology• Search for insight vs. The Truth™

Page 9: Data-Driven Security

Presenting the Results

• First principles – Do No Harm• Understand and Communicate the

Story• The “So What” moment

Page 10: Data-Driven Security

Applied Examples

Vulnpryer Atlas Evaluator

Page 11: Data-Driven Security

Vulnpryer

• Vulnerability Prioritization• “Patch This Before That”• Tailored to our threat model

Open Source!https://github.com/SCH-CISM/vulnpryer

https://github.com/SCH-CISM/vulnpryer
Page 12: Data-Driven Security

Atlas

• Source of truth for application risk• FAIR-based application risk

assessment• Enables prioritization across

• Team• Directorate• Departmental

• Both strategic and tactical

Page 13: Data-Driven Security

Evaluator

• Program level security risk assessment

• FAIR-based strategic risk assessment

• Combines• Expert opinion• Real world data• Statistical sampling

Page 14: Data-Driven Security
Page 15: Data-Driven Security

Outcomes

• Improved response capabilities• Standardized conversations on risk• Prioritized resource allocation• Reduced work on non-productive

activities

Page 16: Data-Driven Security

How to Get Started

• Identify your pain points• Formulate the question• Create a hypothesis• Gather data• Test your hypothesis• Act with your increased knowledge!

Page 17: Data-Driven Security

David F. SeverskiSeattle Children’s

@DSeverski

Page 18: Data-Driven Security

References

Internal• CPI and Lean efforts• Biostatisticians

External• The New School of Information Security• Visualization Workshops• Stephen Few, Perceptual Edge

• Data-Driven Security• The Book!• The Podcast!

• How to Measure Anything & The Failure of Risk Management


PolicyPolicy--driven Distributed driven Distributed Data Management (iRODS)Data … · PolicyPolicy--driven Distributed driven Distributed Data Management (iRODS)Data Management (iRODS)

PolicyPolicy--driven Distributed driven Distributed Data Management (iRODS)Data … · PolicyPolicy--driven Distributed driven Distributed Data Management (iRODS)Data Management (iRODS)

Data management and security in a privacy- driven world

Data management and security in a privacy- driven world

The Journey to Data-Driven Security - Public · The Journey to Data-Driven COPYRIGHTED MATERIAL Security. c01.indd 01:13:33:PM 01/06/2014 Page 2 2 The Journey To DaTa-Driven SecuriT

The Journey to Data-Driven Security - Public · The Journey to Data-Driven COPYRIGHTED MATERIAL Security. c01.indd 01:13:33:PM 01/06/2014 Page 2 2 The Journey To DaTa-Driven SecuriT

Data-driven Cyber Security to Counterfeit Malicious Attacks · Data-driven Cyber Security to Counterfeit Malicious Attacks Yang Xiang Swinburne University of Technology, Australia

Data-driven Cyber Security to Counterfeit Malicious Attacks · Data-driven Cyber Security to Counterfeit Malicious Attacks Yang Xiang Swinburne University of Technology, Australia

Driven Security for Modern Threats - Reservoir Labs, Inc. · Driven Security for Modern Threats. ... Intelligence. Asset & CMDB. Employee. Info. Data. Stores. ... Corporate. Network

Driven Security for Modern Threats - Reservoir Labs, Inc. · Driven Security for Modern Threats. ... Intelligence. Asset & CMDB. Employee. Info. Data. Stores. ... Corporate. Network

What is Intelligence Driven Security? - Dell EMC · Adopt Intelligence Driven Security to build trust in a digital world What is Intelligence Driven Security? Intelligence Driven

What is Intelligence Driven Security? - Dell EMC · Adopt Intelligence Driven Security to build trust in a digital world What is Intelligence Driven Security? Intelligence Driven

Data-driven Security: Protect APIs from Adaptive Threats

Data-driven Security: Protect APIs from Adaptive Threats

The Data-Driven Economy as a Matter of National Security...The Data-Driven Economy as a Matter of National Security. 29 October 1969, the Internet Arrives! ... Connected Cities (e.g.,

The Data-Driven Economy as a Matter of National Security...The Data-Driven Economy as a Matter of National Security. 29 October 1969, the Internet Arrives! ... Connected Cities (e.g.,

Type-Driven Repair for Information Flow Security · Type-Driven Repair for Information Flow Security ... specifies a policy by annotating the source of sensitive data with a ...

Type-Driven Repair for Information Flow Security · Type-Driven Repair for Information Flow Security ... specifies a policy by annotating the source of sensitive data with a ...

Data-driven models of reputation in cyber-security · Data-driven models of reputation in cyber-security Tekna seminar, Digital trussel-etterretning med AI 05/02/2019 ... Predictions

Data-driven models of reputation in cyber-security · Data-driven models of reputation in cyber-security Tekna seminar, Digital trussel-etterretning med AI 05/02/2019 ... Predictions

Malware Task Identification: A Data Driven Approach - … · Malware Task Identification: A Data Driven Approach ... security expert’s own particular background. ... is only relevant

Malware Task Identification: A Data Driven Approach - … · Malware Task Identification: A Data Driven Approach ... security expert’s own particular background. ... is only relevant

Data-Driven Security-Constrained OPF

Data-Driven Security-Constrained OPF

Intelligence Driven Security

Intelligence Driven Security

Dynamic Data-Driven and Real-Time Verifica4on for ... · Dynamic Data-Driven and Real-Time Verifica4on for Industrial Control System Security PI: Dong (Kevin) Jin Ph.D. Students:

Dynamic Data-Driven and Real-Time Verifica4on for ... · Dynamic Data-Driven and Real-Time Verifica4on for Industrial Control System Security PI: Dong (Kevin) Jin Ph.D. Students:

BUILDING A DATA DRIVEN SECURITY STRATEGY1-v19-gdb-180418...SESSION ID: #RSAC Gabriel Bassett BUILDING A DATA DRIVEN SECURITY STRATEGY STR-R02 Senior Information Security Data Scientist

BUILDING A DATA DRIVEN SECURITY STRATEGY1-v19-gdb-180418...SESSION ID: #RSAC Gabriel Bassett BUILDING A DATA DRIVEN SECURITY STRATEGY STR-R02 Senior Information Security Data Scientist

Survey of Security Advances in Smart Grid: A Data Driven ...sensorweb.engr.uga.edu/wp-content/uploads/2016/10/... · 1 Survey of Security Advances in Smart Grid: A Data Driven Approach

Survey of Security Advances in Smart Grid: A Data Driven ...sensorweb.engr.uga.edu/wp-content/uploads/2016/10/... · 1 Survey of Security Advances in Smart Grid: A Data Driven Approach

The Evolution of Data Driven Security - MapR · 2019-07-16 · The Evolution of Data Driven Security Executive Summary Information is data with context. The number 42 is a data point.

The Evolution of Data Driven Security - MapR · 2019-07-16 · The Evolution of Data Driven Security Executive Summary Information is data with context. The number 42 is a data point.

Data-Driven Security - Government Executivecdn.govexec.com › media › gbc › docs › data-drive-security... · Data-Driven Security With the federal government gathering more

Data-Driven Security - Government Executivecdn.govexec.com › media › gbc › docs › data-drive-security... · Data-Driven Security With the federal government gathering more

BUSINESS-DRIVEN SECURITY POLICY MANAGEMENT · BUSINESS-DRIVEN SECURITY POLICY MANAGEMENT SOLUTION BROCHURE Security today must align with business processes. AlgoSec’s unique business-driven

BUSINESS-DRIVEN SECURITY POLICY MANAGEMENT · BUSINESS-DRIVEN SECURITY POLICY MANAGEMENT SOLUTION BROCHURE Security today must align with business processes. AlgoSec’s unique business-driven

Data-driven Reserve Allocation with Frequency Security ... Access-Xinran Zhuang.pdf · In this paper, a data-driven method for reserve allocation with frequency security constraint

Data-driven Reserve Allocation with Frequency Security ... Access-Xinran Zhuang.pdf · In this paper, a data-driven method for reserve allocation with frequency security constraint