SAS Fortifies Cybersecurity Solution with ‘White Box’ AI
SAS Cybersecurity Helps Eradicate Data Silos and Drives Efficiency to Stretch Limited Security Resources
Last year’s ceaseless data breaches involving once-trusted brands underscore the urgent need for organizations to reassess and reinforce their information security. SAS Cybersecurity is a security analytics solution that illuminates network and device behavior and strengthens defenses beyond existing technologies.
“With worldwide cybersecurity spending projected to exceed $114 billion last year, the data breach epidemic clearly isn’t the result of industry apathy or inaction,” said Stu Bradley, Vice President of Fraud and Security Intelligence at SAS. “In fact, the average enterprise uses 75 different security products to safeguard its networks. The irony is that this patchwork of diverse systems meant to protect actually causes vulnerability.”
Disparate, siloed security solutions give a fragmented picture of risk and create visibility gaps that increase the likelihood of undetected security events. SAS Cybersecurity combines data from these disjointed systems and unifies data and analytics capabilities into a single, AI- and machine learning-enhanced hub.
The software’s industry-tested analytic algorithms and transparent, white box architecture deliver intuitive capabilities to create and deploy AI models (including open source) tuned to specific environments. The result is accurate insights that surface security risks and help prioritize remediation.
“The security industry has viewed analytics as merely a math problem, largely disregarding the complex analytics ecosystem created when cybersecurity teams deploy point security products to add analytics capabilities to boost effectiveness,” said Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group. “Organizations need more than just threat detection algorithms. They need a security analytics architecture, an end-to-end suite of security analytics capabilities with governed and managed processes to optimally defend their networks. SAS has the analytic prowess to deliver where point tools have fallen short, because SAS is truly a data analytics leader focusing its expertise on cybersecurity.”
Flexible, open security analytics
SAS Cybersecurity integrates into existing security architectures, helping organizations centralize and accelerate analytically driven security event detection and investigation. Continuous analysis of inbound, outbound and internal network activity on all devices and entities helps security personnel detect and prevent unauthorized access and malicious attacks.
The SAS solution contains out-of-the-box data descriptions for common data sources (e.g., NetFlow, authentication, web proxy, DNS, DHCP, endpoint protection data and more) and also allows user-defined formats for custom or rare data formats. Further, the open architecture enables custom model development with Jupyter Notebook and Python-based analytics.
Greater efficiency, deeper insights
Even the best-prepared organizations face myriad pitfalls as their security teams toil to protect ever-expanding networks against ever-evolving threats:
- Data quality issues – Often overlooked, data management is foundational to any sustainable analytic program. Data preparation accounts for about 80 percent of security professionals’ time, leaving only 20 percent for critical investigative work. A lack of alert context further hinders incident detection and response.
- The cybersecurity talent gap – With a global shortage nearing 3 million workers (roughly 500,000 in North America alone), qualified security professionals are hard to find.
- Missed security alerts – Overburdened and under-resourced, 42 percent of security pros say their organizations ignore a significant number of security alerts because they can’t keep up with the volume.
Organizations can overcome these challenges by improving the efficiency of their existing resources. SAS Cybersecurity helps them do just that by:
- Consolidating data and the time and resources required to prepare and manage it.
- Dramatically reducing false positives to slash the overall volume of alerts.
- Providing context and guidance for security investigations.
- Augmenting human efforts through machine learning and AI.
- Delivering an intuitive user experience to manage analytics.
Today’s announcement came at the RSA Conference in San Francisco, the world’s leading forum for enterprise and technical information security professionals. Attendees can preview SAS Cybersecurity at North Expo Booth 5452. In addition, Scott Mongeau, Principal Cybersecurity Solutions Manager at SAS, will present There’s No Intelligence in AI Without Security Data Management on Wednesday, March 6, at 11:10 a.m. in the South Expo Briefing Center.