Latest Cyber Lecture explores the intersection between data science and cybersecurity
On October 6, 2021, Dean Jelena Kovačević opened the 11th in a series of lectures co-sponsored by AIG and the NYU Center for Cybersecurity by reminding attendees that, as Cybersecurity Awareness Month, October was a particularly fitting time for the event.
Awareness was definitely raised, since the lecture’s theme, “Data Science as the Foundation for a Cyber Security Program,” was one that even the most seasoned cyber professionals may never have considered. “I realize this may be a contentious topic — not least because the term data science gets thrown around sometimes without being specifically defined or differentiated from AI or machine learning,” Kovačević explained, “but it’s also an exciting topic because it involves the intersection between two important fields, and often, that’s where the most compelling discoveries take place.”
Organized and moderated by Joel Caminer, the Director of Cybersecurity Education, the event included remarks by SVP and CISO of AIG Rich Baich and featured a panel discussion featuring:
- Sara Hall, Deputy CISO and Head of Security Operations & Engineering at MassMutual
- Damon McCoy, NYU Tandon Associate Professor of Computer Science and Engineering
- Chenxi Wang, Founder and General Partner of Rain Capital
- James M. Routh, Board Member, Advisor & Investor, Former CSO, CISO
Routh — who has overseen cybersecurity at such major companies as MassMutual, CVS Health, Aetna and whose laurels include induction into the CSO Hall of Fame, the ISE Luminary Award, and multiple Information Security Executive of the Year Awards — also gave the keynote presentation.
Among the major takeaways of the day:
- While still unconventional, model-driven cybersecurity can be a game-changer
- Data scientists can be given a foundation in cybersecurity, and, similarly, cybersecurity professionals can be taught the fundamentals of data science
- Model-driven security and real-time data streaming can be used to match data attributes to known patterns, resulting in deviation scores with thresholds that trigger automated actions in front-line cyber controls in milliseconds
- While the usual approach to granting access to a system involves defining the privileged user and forcing them to ask for a password, which then expires, a data science approach will capture baseline behavioral patterns for every user and set thresholds to either trigger a verification process or revoke privilege
- A caveat: many developers of cybersecurity solutions talk about leveraging data science, but don’t actually do it effectively
- As Damon McCoy pointed out, care must be taken when deciding what models to trust, since human bias is sometimes at play when developing the models
Caminer closed the event by asserting that data science can be a fundamental tool in a robust, mature cybersecurity program and that every cyber professional should be educated about its uses.