Kenneth W Garland

Nice work. I liked how you addressed right up front your shift in focus. One area to watch yourself is in shifting between plural and singular. At certain points in the presentation you reference “we” found something. Later you used “I”. Just want to be consistent. Nice findings and analysis.

You may want to take a glance at Imperva’s product line. They essential have a behavioral tool for Web, Database, and Cloud. Probably not as sophisticated as what the article describes, but they do compete in this space.

Just my opinion, but machine learning isn’t likely to replace the need for human analysts any time soon. From what I have experienced, the more automation you throw at the problem, the more things you find to investigate. End result is you need more staff. Additionally, the staff is hard to keep. Good people have lots of external opportunities and are often “stuck” in their analyst role as they are deemed to valuable to allow them to transfer. This makes it even more likely they will leave.

Great article Silas. The company I work for brought in a speaker to talk machine learning for cyber. The idea behind it is to automate tasks that a human might do. For instance, in the case of incident response where there was a network breach. Instead of having a human do the analysis on what and how something was stolen, and patching the system, have the machine learning system do it instead. I doubt machine learning will ever replace humans, but it will be a great tool to use.

Here is another article for reference: http://www.cybersecurity-review.com/industry-perspective/applying-machine-learning-to-advance-cyber-security-analytics

Interesting article Silas. I think that machine learning and the IT staff need to work in tandem. As you mentioned, a computer’s abilities to run logic and algorithms is infinitely superior to a humans. Naturally, we should leverage machine learning to act upon its strengths. As professor Mackley mentioned, the computer will greatly increase detection of issues. As a result, less data analysis professionals will be needed. Conversely, with more issues needing to be addressed, more technical personnel will be required to manage the threats.

Still, the significance of the opportunities machine learning creates for detection and maintenance of security threats is undeniable.

Thanks everyone, today 9/7 I went to the team that is designing the algo positing the same notions as each one of you! It forced me to go back and research more heavily into the algo and into the ability of a machine learning algorithm (which seemingly is more than just a tool). In addition to next weeks article I will post an additional article and scholarly references for using statistical ensembles, statistical mechanics and congruent partition functions written into algorithms that predict intrusions; the possible business implications of such innovations are exciting to think about. These are becoming increasingly known as Distributed Intrusion Forecasting System and intelligent systems as opposed to simply a tool. I’ll post next week for all interested.