finding emerging cyber threats in real time
TRANSCRIPT
FICO® Cybersecurity Solution
© 2015 Fair Isaac Corporation. All rights reserved. 2
Finding Emerging Cyber Threats in Real Time
You are the frontline of defense Your business partners are counting on you to ensure information security and network integrity and deliver on several security imperatives. Among them: anticipating and resolving business risks, securing intellectual property, safeguarding the flow of digital information and protecting your company’s reputation.
Is your team ready to fight the most sophisticated and complex cyber threats?
© 2015 Fair Isaac Corporation. All rights reserved. 3
Finding Emerging Cyber Threats in Real Time
You are under attack as you read this
Yet many attacks will stay under the radar of most businesses for weeks or even months.By the time most new cyber threats are discovered, they have already damaged your network, your business and, potentially, your customers.
100%
75%
50%
25%
2004 2006 2008 2010 2012 2014 Companies’ time to discovery
Attackers’ time to compromise
Cyber criminals are more aggressive and inflicting more damage faster. A recent report* found that nearly 100% of cyber attacks now inflict damage within days – some within just hours. That represents a 20% increase from 2004. Yet discovery of breaches within the same time frame is holding constant at less than 25%, so the gap between compromise and discovery is actually getting wider. The right cybersecurity solution should close that gap and keep it closed.
* Source: Verizon 2015 Data Breach Investigations Report
The gap between cyber attacks and discovery is growing
55% 61% 67% 62% 67% 89% 62% 77% 45%55%67%
% W
HER
E DA
YS O
R LE
SS
Finding Emerging Cyber Threats in Real Time
© 2015 Fair Isaac Corporation. All rights reserved. 4
A lot is on the line when it comes to cybersecurity
A retailer’s market cap plummeted nearly US$5 billion after a cybersecurity breach. Can your business afford that? The hard truth is that the damage from a cybersecurity breach extends far beyond the initial hit to your stock price. Breaches impose significant financial and reputational costs in the short-term, and over a longer horizon.
Midterm
Expensive system upgrades
Increasing supplier and vendor skepticism
Long term
Reduced employee productivity, morale
and retention
Erosion of brand equity
Short term
Costs of investigation and litigation, lost customers
and sales
“Defensive” advertising and PR campaigns
© 2015 Fair Isaac Corporation. All rights reserved. 5
Finding Emerging Cyber Threats in Real Time
Transform cybersecurity now –
or risk everything
To detect unknown threat patterns and emerging risks, your cybersecurity system must evolve.Today, an effective cybersecurity solution incorporates:
Real-time analysis to recognize cyber crime while it is happening – not months after the fact
Scoring and prioritizing functions, so that your resources can be deployed against the worst attacks
An analytic infrastructure that constantly learns then adjusts automatically to identify and counter new attack vectors
Finding Emerging Cyber Threats in Real Time
© 2015 Fair Isaac Corporation. All rights reserved. 6
Apply analytics to cybersecurity
Data scientists at FICO use unique algorithms to identify breaches and data loss, in real time.Drawing on decades of experience in fraud detection, security and compliance, FICO created the FICO® Cybersecurity Solution. It allows teams to identify threats and fight cyber crime with:
• Real-time, predictive, streaming analytics
• Machine-learned, multilayered self-calibration
• Threat scoring and threat review workflows for prioritizing responses
• A proven, effective consortium model
© 2015 Fair Isaac Corporation. All rights reserved. 7
Finding Emerging Cyber Threats in Real Time
The FICO® Cybersecurity Solution
fills a critical gap in your
security strategy
FICO’s proprietary, rigorous testing in financial services firms informed its uniquely robust cybersecurity solution.Differentiating dimensions of the FICO Cybersecurity Solution include:
• Transaction profiling
• Self-calibrating outlier analytics
• Global profiles
• Consortium analytics
0
00
0
0 0
0
0
0
0
0
0
SCORES + REASON CODES + ALERTS
SCORES + REASON
CODES
CYBER CON
SORTIUM
01
1
1
1
1
1 11
1
1
1
11
1
1
1
11
1
CYBE
R CO
NSO
RTIU
M
INVE
STIG
ATIV
E CA
SES
01010
ALERTMANAGEMENT
INTERFACE
SELF-LEARNINGANALYTICS
DECISIONENGINE
TRANSACTIONPROFILES
SELF-CALIBRATINGMODELS
FICO®
CYBERSECURITYSOLUTION
© 2015 Fair Isaac Corporation. All rights reserved. 8
Self-calibrating outlier analytics detect emerging threats in real time
Actionable scoring and threat review
FICO’s threat scoring and threat review workflows help accelerate your response. Updates to archetypes, belief propagation and clique analysis combine to help you categorize, prioritize and address the gravest threats quickly.
Detection capabilities that adapt on the fly
• Automated, self-calibrating models generate a dynamic perspective on network activity.
• Another benefit: Self-calibrating models do not require constant revision as policies or rules change.
Streaming analytics distinguish malicious anomalies
• Current industry solutions use historical signature models that, by definition, are out of date.
• FICO’s self-calibrating outlier analytics identify emerging threat vectors, in real time.
Finding Emerging Cyber Threats in Real Time
© 2015 Fair Isaac Corporation. All rights reserved. 9
Finding Emerging Cyber Threats in Real Time
Input node Hidden node Output node
Weights tuning
Multiple layers of self-calibration enhance security• Each hidden node is a separate self-calibrating model
• Factor analysis is used to minimize correlation of features in nodes
• Output weighting of hidden nodes can be tuned to improve performance or study effectiveness
Multilayer self-calibrating
score
DNS Requestor IP
Flow Resolved IP
DHCP Domain Name
Other
Web Log Requestor IP + Domain Name
Review threshold
Case review
Self-Calibration In the FICO® Cybersecurity Solution
© 2015 Fair Isaac Corporation. All rights reserved. 10
Finding Emerging Cyber Threats in Real Time
FICO’s cyber consortium
deepens your cyber insight
Unlike other solutions, the FICO® Cybersecurity Solution seamlessly combines threat information from other organizations.Sharing and synthesizing information about rare pattern exemplars, new threat archetypes and global network topologies closes critical gaps in each consortium member’s knowledge.
First deployed successfully to protect payments organizations, the FICO consortium approach strengthens companies’ cybersecurity defenses continually.
NORTH AMERICA +1 888 342 6336 [email protected]
FOR MORE INFORMATION www.fico.com www.fico.com/en/blogs
LATIN AMERICA & CARIBBEAN +55 11 5189 8267 [email protected]
ASIA PACIFIC +65 6422 7700 [email protected]
Finding Emerging Cyber Threats in Real Time
FICO is a trademark or registered trademark of Fair Isaac Corporation in the United States and in other countries. Other product and company names herein may be trademarks of their respective owners. © 2015 Fair Isaac Corporation. All rights reserved. 4118BK_EN 06/15 PDF
EUROPE, MIDDLE EAST & AFRICA +44 (0) 207 940 8718 [email protected]
We are in this fight together Your business partners, suppliers and customers trust you to keep them secure. The FICO® Cybersecurity Solution uses innovative, predictive analytics to help you detect new threats and remove them before they can do damage.
The FICO Cybersecurity Solution fills a critical security gap. It safeguards and protects your precious business assets: your reputation, intellectual property, and sensitive customer and financial information. We help you stay secure, today and tomorrow.
Learn more
Download: View:
Hot Topics in Cybersecurity Q&A Cybersecurity video