Data Loss Prevention (DLP) , Governance & Risk Management , Incident & Breach Response

Machine Learning Threat Protection

Damballa's Newman on How to Put Data Analytics to Work
Machine Learning Threat Protection

When it comes to advanced threat protection, security leaders increasingly turn to new machine learning solutions. Stephen Newman of Damballa discusses key skills and strategies necessary for success.

His first bit of advice: Understand exactly what machine learning is and how it works best in an enterprise security environment.

"In my experience, most [security leaders] really don't understand machine learning, beyond the general concept that a computer predicts some outcome based on data," says Newman, VP of products at Damballa.

The best analogy is to compare machine learning to the human brain. "Software-based machine learning attempts to emulate the way the brain works in processing data," he says. "In software-based [machine learning], we gather data. In the brain ... we gather information around our surroundings."

In the context of advanced threat protection, solutions are developed with certain classifiers, Newman says. "Those classifiers consider a lot of different features that describe the behavior of any device in an enterprise network and its communications from that device, over time, to determine if that device is compromises."

But Machine Learning Systems alone are not sufficient, Newman says. They require data scientists and subject matter experts to maximize the value of the analytics.

In an interview about using machine learning for advanced threat protection, Newman discusses:

  • How to make machine learning most efficient;
  • The critical role of data scientists;
  • Practical ways to improve threat protection.

Newman brings over 17 years of product management leadership to Damballa. He has designed products and product strategies for leading, innovative technologies throughout his career. Since joining Damballa in 2009, his team has successfully built upon the company's 16 patented/patent-pending innovations to create advanced threat detection solutions that harness big data science. Specific contributions include the creation of contextual-based detection engines; the Case Analyzer, an intelligence platform that makes automatic decisions about the status of infected devices; and Risk Profilers, which prioritize compromised assets so incident responders can take immediate action on incidents. Prior to joining Damballa, Stephen developed a range of security products for companies like EarthLink, MegaPath, Secure Computing and McAfee.


About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 37 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.