"Context-aware security is about making your systems smarter," Litan says in an interview with Information Security Media Group at the Fraud Summit Chicago, where she was a featured speaker. "Right now, there's not a lot of situational awareness in our security systems, so they're pretty linear. We can't tell a good action from a bad action, in many cases, because we lack that situational awareness."
Litan notes that if a staff member is accessing credit card data, and that's a routine part of their job, the activity may not be seen as a cause for concern. "But if we've seen that the person has accessed the credit card data 2,000 miles away from their desk and they're doing this at 3 in the morning, then that would look unusual and that would raise a red flag."
The use of context-aware security is not yet common, Litan says, because most security vendors have just begun building into their systems a few of the many necessary capabilities, starting with device ID and location.
In the interview, Litan describes:
- The role of data analytics in this new approach to security;
- How multiple layers of intelligent security can help pinpoint the most relevant alerts that systems generate;
- How context-aware security might have helped to detect the Target breach and Edward Snowden's activities at the National Security Agency;
- Why continuous profiling of users, accounts and devices is essential to fraud detection. "The only thing that's going to work in fraud detection and security is continuous profiling of your users, your accounts and your devices and looking to see if new activity ... correlates with what you expect," she says.
Litan, a vice president at Gartner Research, is a recognized authority on financial fraud. She has more than 30 years of experience in the IT industry. Her areas of expertise include financial fraud; authentication; access management; identity proofing; identity theft; fraud detection and prevention applications; and other areas of information security and risk. She also covers security issues related to payment systems and PCI compliance.