ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
0 likes•236 views
The document discusses the evolving landscape of identity and access management (IAM), emphasizing the need for organizations to transition from traditional systems to next-generation, commercially viable solutions that enhance scalability, auditability, and risk management. It highlights the importance of addressing identity risks, particularly with the rise of machine identities and the increased attack surface due to remote working and cloud environments. Myvayda is presented as a solution integrating machine learning to optimize risk analysis and identity management processes, improving organizational efficiency and compliance.
ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
- 1. MyVayda™ & An Identity Risk and Cost Optimization Platform Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved.
- 2. Copyright ©2020 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Today’s Identity owners are assessing the following IAM Investments Shifting Legacy or home grown IAM to a next gen “OTB” commercial model Effectiveness of controls and auditability within mature IAM deployments With Next Gen IAM, companies are assessing The ease of audit and near real time risk-based analysis System scalability to manage access needs for a growing volume of access points and devices Leveraging these systems to better provide insights for first line of defense systems within security When the wall protecting data -Vanishes Employees access data, on any “thing” and this data moves between traditional, hybrid and cloud environments § The function of Identity has been evolving from defense and control to enablement Mobility |Cloud |Social Networks Image: Global Identity and Access Management (IAM) Market
- 3. Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Link to Identity Every business transaction, attack surface or target involves a credential and a service or piece of data. These identities are targets… Individuals Shared Accounts End Users and Privileged Accounts Largest target of phishing attempts due to account sprawl and reuse of passwords. While relatively low in number because focus on their lack of accountability, these accounts still do exist and require additional scrutiny. Machine Identities An often overlooked identity and becoming increasingly prevalent with IOT. Big focus on digital keys and certificates. Service Accounts Default accounts allowing for standard transactions. ~50% of accounts. APIs fall into this category as they use service accounts. Fun facts …. 20% have never changed the default password and 73% fail to audit, remove, or modify default accounts in prod.
- 4. Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Yet we continue to spend like the model still works. More and more, we see departments and users operating and storing data outside the wall. Attack Surfaces are Changing
- 5. Copyright ©2020 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Network 61% Endpoint 19% Web 12% Email 8% Security Spend Source: Gartner Information Security (2019 forecast) Source: 2019 Verizon Data Breach Investigation Report 93% of breaches are targeting people… 94% of those via e-mail Threat Vectors are Changing Are we targeting the right thing? Requires an identity-centric approach to threat management. And while we continue to spend like this …. …. attacks are targeted here.
- 6. Copyright ©2020 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Risk, Compliance and Governance are Changing Reporting, Analysis and Remediation done in silos…. …. Need to become more unified and share common table talk sessions especially with leadership and the board of director Move from a checklist to understanding business risk and operational impact. Understand how audit, regulations and privacy requirements tie to legal and operations Identities and system personas are key gateways for attackers to hobble an enterprise Have a single source or unified agnostic system that can interact and glean insights from disparate systems
- 7. Copyright ©2020 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Identity Optimization with Next Gen Tech Standardization of Ecosystem Allows to evolve with industry standards & regulatory requirements at the same time it should be cost effective Consolidation of legacy applications(end- of-life) performing similar IAM Functions will promote reuse of IAM functions Adopting to strategic cloud capability of IAM function Adopting to market leading IAM function and capabilities –Identity as a service(IDaaS) Productive Provisioning Automation in Provisioning and De-Provisioning Reduce the risk by reducing manual process and decreasing number of elevated rights of security admin teams Automated provisioning and de- provisioning speed the enforcement of strong security policies while helping to eliminate human error End to End Reconciliation Effective audit reporting Reduce SOX Deficiencies and Audit Findings Mapping to Privacy and Risk Management One Stop Platform Improved User Experience by Implementing single point of collection and fulfilment for access administration & Identity Portal
- 8. Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Analytics + ML with a Single Pane of Glass Detective Controls Apply an identity-specific approach to incident prioritization, analysis, response and remediation Observe the interactions between entities. Based on the behavioral interactions between identities and accessed resources or assets, dynamically determine each identity’s level of privilege. Entities with similar access patterns are grouped as peers. Often performed leveraging artificial intelligence and machine learning models. Determine abnormalities of interactions between privileged identities. Compare a given access request to the access history to determine similarity with prior access. Focus on the differences that have security implications and consequences. Assign aggregated risk score to those identities based on action and context to drive prioritization. Pivoting to usage patterns + behaviors + integrated systems and not just static access. Static Access can be compromised… Maps to IT Audit & Regulatory Compliance Requirements
- 9. ü How can I identity the most critical areas to spend on cyber technologies? ü How does our cyber exposure impact the business? ü What do you spend on cyber & risk management? ü What is the ROI on cyber & technology spend? ü What Next-Gen technology investment results in maximum risk optimization? ü Can we quantify the business impact of our cyber threat and risk exposure, across silos? ü What prioritizes risk buydown? MyVayda™ Risk Impact + TCO Modules CFO ü Does Cyber Insurance address our risk profile? ü Does your technology architecture pose challenges that increase costs? MyVayda™ - Connecting the Questions you face … … with the Insights you need Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. MyVayda Business Enablers
- 10. Leveraging BigML Machine Learning Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. How MyVayda™ Works MyVayda’s works across Platforms and is Tool Agnostic. Custom connectors pulls or pushes feeds from endpoint solutions. RADIATE couple with BigML’s Machine Learning Algorithms assesses, categorizes, structures and aligns raw data for analysis and alignment to regulatory requirements. MyVayda provides management capabilities for Identity Behavior and Pattern Analysis, calculates compound risk analysis across infrastructure technologies and also assesses risk impact and remediation costs. Focused on: -Compound Risk Management, leveraging Identity Analytics. -Identity Fraud & -Cost Optimization. Identity Behavior & Pattern Analysis (IBPA)
- 11. MyVayda System Modules Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Increased operational efficiencies Contextualized decision making for access authorizations Identification / Containment of threat User Actions (Continuous Profiling and Alerting) Risk Awareness (Integrated Security & Business teams) User Access (Continuous Control and Remdiation) Compound Risk Calculations Behavioral Analytics driven Indicators of Compromise Dynamic Discovery of associations between user authorizations Identity & Authentication Systems Business Application Audit Events Gateway Device Events Continuous compliance & Improved productivity Quantification & Prioritization of cyber risks Measuring & Improving Cybersecurity ROI Assets & Vulnerability Systems Clustered Analysis of roles, entitlements & attributes Simulated estimates of cyber risk value Anomaly Detection of outliers in usser actions System Sources MyVayda Modularized Features Outcomes Identity Trust Security & Analytics Risk Meter & TCO
- 12. MyVayda System Modules Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved. Identity Trust User Access Cost User Actions Risk Aware Access Risk Indicators to enable Intelligent Access Assignments Security & Analytics Visibility into Threat Vectors in a Hybrid ecosystem Baseline of potential cyber loss for identified indicators of exposure Risk Meter TCO Estimate of business value at risks based on expected regulatory fines Clustered Analysis of roles, entitlements & attributes Behavioral Analytics driven Indicators of Compromise Compounded risk calculations Simulated estimates of cyber risk value
- 13. Value Add from MyVayda Presents a Unified Operating View around Risk Management for People, Processes and Technologies –leveraging implemented technologies Leverages ML and proprietary analytics to provide centralized reporting and actionable insights for executive stakeholders § Optimizes reporting for Cybersecurity and Risk Management remediation. § Enable and Arm ERM leaders with impactful risk reporting, for executive strategic decisions around budgeting, transformation and daily operations § Reduces staffing requirements and costs, both in headcount and skills and map skills training based on analytics on system usage § Reduces cost of Audit Remediation § Increase focus on standardizing operations and error reduction with around tools, platforms, systems and people skills VALUE CAPABILITIES An organizational focus on identity, technology and cost optimization, and compound risk …. … to accelerate valuable insight and impactful decisions. Copyright ©2021 ForenSec, Inc. | Privileged and Confidential. All rightsreserved.