GRC Tuesdays: How Machine Learning Helps to Improve Security Part 1
As our businesses become more digital in all dimensions, high-profile information security breaches are making the news headlines with increasing frequency. The recently-announced card hacking activity at online travel service Orbitz is just one of the latest examples. On March 20, 2018 Orbitz announced a security breach that exposed information derived from at least 880,000 customer payment cards. The breach took place between October and December of 2017, involving customer transaction records dating from 2016 and 2017. Although data captured on Orbitz.com was not affected, the company advised customers using Orbitz travel services within the past two years to check their credit and debit card billing statements from this period and to contact their banks if fraudulent charges were identified.
Along with at-risk organizations around the world, SAP customers are increasing their investments in cybersecurity protection. According to Gartner, worldwide cybersecurity spending will climb to $96 billion in 2018. Unfortunately, some of this spending is not aligned with actual security threats and their known sources. Surveys continue to show that solutions such as network anti-virus, malware detection, and website firewalls continue to receive most investment, although misuse and abuse of user credentials is the most common source of data breaches.
The reasons for persistent misalignment of security breach causes and remediation solutions are not well documented. One of the reasons may be the proliferation of specific security tools in IT departments over a fair number of years. The fact remains that human (mis)behavior confounds, supersedes, or works around many of the go-to security technology ‘fixes.’
With regard to this gap, a number of interesting findings were revealed in a recently-released Dow Jones Customer Intelligence study (learn more in “CEO Disconnect on Cybersecurity Increases Risk of Breaches”). Among other revelations, this study found that:
- 66% of companies surveyed have, on average, been breached five or more times
- 55% of responding CEOs admit that their organizations have experienced at least one breach, while 79% of CTOs acknowledge breaches have occurred. One in four CEOs (24%) were not aware whether their companies have had even a single security breach.
- 62% of CEOs surveyed inaccurately identified malware as the primary threat to cybersecurity integrity
- 68% of responding executives whose companies experienced ‘significant’ breaches now believe that these incidents could have been prevented by more mature identity and access management strategies
One of the most valuable findings from this study was that CEOs can reduce the risk of a security breach by improving their identity and access management capabilities. Nevertheless, 62% of the responding CEOs said they believe that ‘multi-factor authentication’ is difficult to manage. Thus, a related primary concern of these CEOs is how to avoid delivering poor user experiences with an increase in user security controls.
In the context of this general misunderstanding, machine learning approaches can help strengthen the foundation of authentication and screening techniques to improve security effectiveness without complicating user experiences.
Machine Learning’s Role in Preventing Major Security Issues
Machine learning tools can help to resolve an ongoing dilemma faced by many organization. The problem is, we spend millions of dollars each year to strengthen information security yet experience major breaches that threaten our stability and ability to grow. Thus, we continue to look for better answers.
It turns out that there are many ways machine learning can be used to help improve enterprise security. With identity authentication and password authorization being primary points of attack, there are several ways machine learning can be leveraged to help minimize data breach incidents.
In Part II of this series, we’ll examine some key examples of machine learning applied to user access authorizations that improve information security. In addition, we’ll highlight some related areas in which SAP is embedding machine learning security capabilities today.
Join Us at Upcoming Events
The SAP GRC team will be exhibiting at several events related to cybersecurity this year. We hope you’ll join us there.
- ISACA GRC Conference – August 13-15 Nashville, Tennessee, USA
- SAPinsider Cybersecurity for SAP Customers – June 27-29 Prague