Building the Self-Defending Enterprise

Algorithms. Algorithms. Algorithms.

If Steve Ballmer were still running the show at Microsoft, I’m pretty sure that would have been his chant at the next conference. The abundance of data being generated, collected and analyzed now is so vast that it has been a completely logical progression to move away from human analysis to algorithmic analysis in this “big data era”. Data science is hot, and its methods and mindset have already transformed the advertising, retail and media industries – all in pursuit of the noble goal of improving the odds of making a sale through targeted marketing and recommendations. However (queasy) you may feel about that, it is an undeniable fact that many industries are moving towards automated decision-making which takes humans out of the equation and promises better outcomes based on data and analysis.

So what does this mean for identity management and security? I’ve been exploring this ever since I gave my talk at the 2014 Cloud Identity Summit. The history of the security industry is littered with failed products built on the promise of expert systems. But I believe we are at a convergence point; we now have an ever-growing mountain of data available for analysis, while machine learning and other data science methodologies have improved significantly in both capability and performance. The result: security solutions that can dynamically identify, report and even remediate issues that neither the vendor nor the operator had to foresee and write predefined policies or conditions for. And while the military may be leveraging this to build what amounts to a cyber-Skynet, it is also driving real innovation in the areas of enterprise and online security. Security automation is creating solutions that go beyond simply enforcing your defenses, and actually dynamically define them.

Security automation is just one of a few factors that are helping create a security blueprint for what I have coined ‘The Self-Defending Enterprise’. Not a terribly original moniker, I know, but one that has a nice ring to it as it speaks to both a pressing need and an emerging capability. In a borderless IT environment where threat vectors continuously shift, evolve and multiply, we cannot rely on security models that are network-based, prescriptive and hardened. This brave new world needs bold new solutions.

I’ll be expanding on the model and these other factors in the coming months. Some of this has been driving the work I’ve been doing in my day job (which has kept me away from my real day job of engaging in Twitter banter with Paul and Brian). And with RSA Conference happening in San Francisco in a little over a week (I’ll be there along with other folks from CA – check out details of our presence there), there should be ample opportunity to discuss this and see different vendors whose solutions are changing the landscape. So stay tuned for my Twitter commentary on location; and as usual, ping me if you’d like to meet up.
