Free the CISO, a podcast series that attempts to free CISOs from their shackles so they can focus on securing their organization, is produced by CIO.com in partnership with DataBee®, from Comcast Technology Solutions.
In each episode, Robin Das, Executive Director at Comcast under the DataBee team, explores the CISO’s role through the position’s relationship with other security stakeholders, from regulators and the Board of Directors to internal personnel and outside vendors.
Swipe Right on Security Insights: Finding the Perfect Match
Are you overwhelmed by the vast amounts of security data generated today? Managing all that data can often lead to significant trade-offs and frustration. Recently, DataBee hosted a webinar titled "Swipe Right on Security Insights: Finding the Perfect Match," moderated by Nicole Bucala, CEO, DataBee® by Comcast and featuring speakers: Noopur Davis, Executive Vice President, Chief Information Security and Product Privacy Officer, Comcast and DataBee co-founder and Edna Conway, CEO and Founder, EMC Advisors, LLC
This webinar delved into the evolving landscape of security data management, highlighting the challenges and innovations that have shaped the industry. Here’s a summary of the key points discussed:
The Turning Point in Security Data Management
The COVID-19 pandemic marked a significant turning point for security data management. With a sudden shift to remote work, the need for real-time data access became critical. This period saw an exponential increase in the use of digital platforms, which in turn amplified the need for effective security data management.
Edna Conway noted, "We had the technological capability to allow remote work, but we didn't have the percentage of the workforce literally doing it. All of a sudden, the need to access data in real-time in a meaningful way was turned on at a rate of speed and need that we hadn't seen previously."
At the same time, the security industry saw a proliferation of specialized tools and systems. Edna explained, "We [Security] created SIEMs and SOARs and threat intelligence that came in and ... we created a massive proliferation at a time when there was an exponential uptick in the utilization of digital platforms as the means by which we worked, lived, played, and learned."
The Emerging Technology of Data Fabric/DataBee
The driving force behind the data fabric journey was necessity. With a fixed budget and an ever-growing list of tasks, the need for efficient solutions became paramount. Traditionally, cyber teams focused on buying and deploying tools, often leading to duplication and inefficiency.
Noopur Davis highlighted, "We ended up buying yet another tool that duplicates 80% of what my other hundred tools are doing and maybe gives me 20% more, and then I have to spend forever maintaining it and keeping it up."
The concept of a data fabric was born out of this necessity, and DataBee became a solution to the fragmented approach in security data management. DataBee integrates data from various sources, normalizes it, and places it back into a customer’s data lake, making it readily available for use. This integration allows for a comprehensive view of security data, enabling organizations to pose queries and get real-time insights.
Noopur Davis shared, "And that is what [DataBee] has enabled us to do. Today, we're at a point where we have data from close to a hundred sources, not just cybersecurity, but other contextualizing information. It is all correlated, normalized, and ready for use."
The Value of DataBee
DataBee makes it easier for enterprise security teams to manage and analyze large volumes of data. It supports various security functions, including threat hunting, vulnerability management, and compliance monitoring. The ability to trace data lineage and provide evidence for audits and regulatory requirements is a significant advantage of using a data fabric like DataBee.
Edna Conway emphasized, "Because of the sheer volume of data that security needs combined with the volume of data with those full regulatory and audit requirements, it was very, very expensive to do in non-traditional SIEMs and so on."
While cybersecurity tools offer numerous benefits, they also come with growing costs and limitations due to the increasing volume of data. The need for cost-effective solutions, such as cheap storage and compute, is critical to managing these costs. Openness and accessibility of data are also crucial factors for the effective use of data.
Noopur Davis stated, "We had to come up with cheap storage, cheap compute, and openness. While some cybersecurity tools need to be used, they can also be restricted. You don't want everybody in the company going to your SIEM, so cheap compute, cheap storage, and openness are essential so that you can confidently open up the data to all those vertical functions across the enterprise."
The Use of Data for Compliance
Nicole Bucala noted compliance is a major driver for the adoption of a data fabric enabled by DataBee. The ability to provide evidence of compliance in near real-time is crucial for meeting regulatory requirements. By using a data fabric, DataBee can change the way compliance is managed. Organizations now have a way to know their actual state in almost real-time, with data coming from trusted sources that the audit team agrees to.
Noopur Davis explained, "There's no constant passing of spreadsheets that are out of date the minute you open them. We just don't have those arguments anymore. It's really changed the way we do compliance."
The Relationship Between AI and Data
The integration of AI with data management is another key topic discussed in the webinar. AI can help automate routine security tasks, such as asset ownership verification and anomaly detection, thereby improving operational efficiency. The importance of data integrity and accuracy in training AI models is also emphasized.
Noopur Davis provided an example of a very common issue in security: asset ownership. She explained, "A cyber program is as good as knowing where the assets are and who owns the assets, so when you find an issue with the asset, you can reach out to the owner. You can have a security operations center spend hours on an issue, thinking it belongs to a certain asset. We see it on this asset, can't find the owner in the CMDB. We think this is the owner because we can run a model to tell us who the likely owner is, but now I have to reach out to that person to confirm."
This kind of conversation, which can take a security operations center and analyst significant time, can now be automated with Gen AI. The AI reaches out to the person, presents them with all the information, and asks the simple question, "Based on this, are you the owner?" They can just say yes or no. This is just one example of how Gen AI is really helping with the operational side of security. This specific area of promise has been implemented by DataBee through Beekeeper AI, which is used internally to simplify rote security tasks.
Edna Conway commented on her work with the US government to build data integrity and accuracy through the life cycle of a large language model. She explained, "Think ingestion, analysis, and output. At no point should anybody think that this will not involve a human, but what it does involve is something that Noopur hit on, which is the place where integrated data that has been vetted can be accessed, evaluated, utilized, and if necessary, corrected. For me, I think data lies at the bottom of ensuring we can actually capitalize on the power of large language models. We're not quite there yet, more to come."
The Clear Case for DataBee
The evolving landscape of security data management presents both challenges and opportunities. The industry must continue to innovate and collaborate to stay ahead of emerging threats. The integration of data fabrics like DataBee and data lakes, combined with the power of AI, offers a promising path forward for managing the growing complexity of security data. The focus should be on creating solutions that are not only effective but also cost-efficient and scalable.
To watch the full webinar on-demand, click here.
Swipe Right on Security Insights: Finding the Perfect Match
Are you overwhelmed by the vast amounts of security data generated today? Managing all that data can often lead to significant trade-offs and frustration. Recently, DataBee hosted a webinar titled "Swipe Right on Security Insights: Finding the Perfect Match," moderated by Nicole Bucala, CEO, DataBee® by Comcast and featuring speakers: Noopur Davis, Executive Vice President, Chief Information Security and Product Privacy Officer, Comcast and DataBee co-founder and Edna Conway, CEO and Founder, EMC Advisors, LLC
This webinar delved into the evolving landscape of security data management, highlighting the challenges and innovations that have shaped the industry. Here’s a summary of the key points discussed:
The Turning Point in Security Data Management
The COVID-19 pandemic marked a significant turning point for security data management. With a sudden shift to remote work, the need for real-time data access became critical. This period saw an exponential increase in the use of digital platforms, which in turn amplified the need for effective security data management.
Edna Conway noted, "We had the technological capability to allow remote work, but we didn't have the percentage of the workforce literally doing it. All of a sudden, the need to access data in real-time in a meaningful way was turned on at a rate of speed and need that we hadn't seen previously."
At the same time, the security industry saw a proliferation of specialized tools and systems. Edna explained, "We [Security] created SIEMs and SOARs and threat intelligence that came in and ... we created a massive proliferation at a time when there was an exponential uptick in the utilization of digital platforms as the means by which we worked, lived, played, and learned."
The Emerging Technology of Data Fabric/DataBee
The driving force behind the data fabric journey was necessity. With a fixed budget and an ever-growing list of tasks, the need for efficient solutions became paramount. Traditionally, cyber teams focused on buying and deploying tools, often leading to duplication and inefficiency.
Noopur Davis highlighted, "We ended up buying yet another tool that duplicates 80% of what my other hundred tools are doing and maybe gives me 20% more, and then I have to spend forever maintaining it and keeping it up."
The concept of a data fabric was born out of this necessity, and DataBee became a solution to the fragmented approach in security data management. DataBee integrates data from various sources, normalizes it, and places it back into a customer’s data lake, making it readily available for use. This integration allows for a comprehensive view of security data, enabling organizations to pose queries and get real-time insights.
Noopur Davis shared, "And that is what [DataBee] has enabled us to do. Today, we're at a point where we have data from close to a hundred sources, not just cybersecurity, but other contextualizing information. It is all correlated, normalized, and ready for use."
The Value of DataBee
DataBee makes it easier for enterprise security teams to manage and analyze large volumes of data. It supports various security functions, including threat hunting, vulnerability management, and compliance monitoring. The ability to trace data lineage and provide evidence for audits and regulatory requirements is a significant advantage of using a data fabric like DataBee.
Edna Conway emphasized, "Because of the sheer volume of data that security needs combined with the volume of data with those full regulatory and audit requirements, it was very, very expensive to do in non-traditional SIEMs and so on."
While cybersecurity tools offer numerous benefits, they also come with growing costs and limitations due to the increasing volume of data. The need for cost-effective solutions, such as cheap storage and compute, is critical to managing these costs. Openness and accessibility of data are also crucial factors for the effective use of data.
Noopur Davis stated, "We had to come up with cheap storage, cheap compute, and openness. While some cybersecurity tools need to be used, they can also be restricted. You don't want everybody in the company going to your SIEM, so cheap compute, cheap storage, and openness are essential so that you can confidently open up the data to all those vertical functions across the enterprise."
The Use of Data for Compliance
Nicole Bucala noted compliance is a major driver for the adoption of a data fabric enabled by DataBee. The ability to provide evidence of compliance in near real-time is crucial for meeting regulatory requirements. By using a data fabric, DataBee can change the way compliance is managed. Organizations now have a way to know their actual state in almost real-time, with data coming from trusted sources that the audit team agrees to.
Noopur Davis explained, "There's no constant passing of spreadsheets that are out of date the minute you open them. We just don't have those arguments anymore. It's really changed the way we do compliance."
The Relationship Between AI and Data
The integration of AI with data management is another key topic discussed in the webinar. AI can help automate routine security tasks, such as asset ownership verification and anomaly detection, thereby improving operational efficiency. The importance of data integrity and accuracy in training AI models is also emphasized.
Noopur Davis provided an example of a very common issue in security: asset ownership. She explained, "A cyber program is as good as knowing where the assets are and who owns the assets, so when you find an issue with the asset, you can reach out to the owner. You can have a security operations center spend hours on an issue, thinking it belongs to a certain asset. We see it on this asset, can't find the owner in the CMDB. We think this is the owner because we can run a model to tell us who the likely owner is, but now I have to reach out to that person to confirm."
This kind of conversation, which can take a security operations center and analyst significant time, can now be automated with Gen AI. The AI reaches out to the person, presents them with all the information, and asks the simple question, "Based on this, are you the owner?" They can just say yes or no. This is just one example of how Gen AI is really helping with the operational side of security. This specific area of promise has been implemented by DataBee through Beekeeper AI, which is used internally to simplify rote security tasks.
Edna Conway commented on her work with the US government to build data integrity and accuracy through the life cycle of a large language model. She explained, "Think ingestion, analysis, and output. At no point should anybody think that this will not involve a human, but what it does involve is something that Noopur hit on, which is the place where integrated data that has been vetted can be accessed, evaluated, utilized, and if necessary, corrected. For me, I think data lies at the bottom of ensuring we can actually capitalize on the power of large language models. We're not quite there yet, more to come."
The Clear Case for DataBee
The evolving landscape of security data management presents both challenges and opportunities. The industry must continue to innovate and collaborate to stay ahead of emerging threats. The integration of data fabrics like DataBee and data lakes, combined with the power of AI, offers a promising path forward for managing the growing complexity of security data. The focus should be on creating solutions that are not only effective but also cost-efficient and scalable.
To watch the full webinar on-demand, click here.
Discover what DataBee can do for you
Heading