In Part 1 of this series, we reviewed the continued disconnect between corporate IT security spending and the cause of most security incidents. Most breaches are known to be caused by the misuse or takeover of user-access authorizations. In this blog, we suggest some machine-learning-based approaches to user access that will help improve organizational security.
Five ways machine learning can improve enterprise security
1. Repudiate compromised credential attacks with risk-based models that validate user identity based on behavioral pattern analysis.
Machine learning uses constraint-based and pattern-matching algorithms. These techniques are ideal for analyzing behavioral patterns of people signing in to systems that contain sensitive information. Compromised credentials are the most common and destructive type of information security breach. Applying machine learning to this challenge using a risk-based model that “learns” user behaviors over time is superior to many other intrusion-detection methods being used today.
2. Maintain “zero tolerance” security settings using risk-scoring models that include evaluations of changing information management requirements.
Machine learning enables security frameworks to scale, providing threat assessments and graphic analysis that across locations. Scoring models are valuable in planning and executing growth strategies quickly across multiple geographic regions.
Some CEOs view multifactor authentication as a foundation of security frameworks that can help them grow faster. Machine learning enables IT resources to accelerate the development of these frameworks and to scale them globally. Removing security-based barriers to business growth potential is a high priority for several forward-thinking CEOs. A scalable security framework can contribute to total revenue growth alongside major distribution and selling channels.
3. Streamline security access for new employees with 360-degree, role-based risk models that can be customized by IT for specific needs.
Some CEOs are worried about how poor user experiences can impact productivity. Multifactor authentication workflows that have slowed user performance can be improved with contextual insights based on more precise person-based risk models. As machine learning models “learn” the behaviors of employees related to access, user authentication accuracy improves. By learning a range of approved patterns over time, machine learning can accelerate authorized employee access to secure services and systems.
4. Apply predictive analytics to the sources of data security threats, threat profiles, and remediation priorities.
CIOs, CSOs, and security teams increasingly need enterprise-wide visibility to all potential threats, prioritized by potential frequency and impact severity. Machine-learning algorithms can provide this capability with threat assessments and priority threat identification at a level of sophistication that allows both incident prevention and predictive response capabilities.
5. Stop malware-based breaches by learning how hackers modify code bases to bypass authentication.
One of the most popular techniques used by hackers to penetrate enterprise networks is to use impersonation-based logins and passwords that deliver malware to corporate servers. Malware breaches are notoriously challenging to track and remediate. One effective approach involves implementing an enterprise security framework with specific scenarios that trap, stop, and eliminate malware.
Fortunately, machine learning has been embedded in SAP S/4HANA to monitor breach activity from social media and the “dark” (non-indexed) web and in SAP Business Integrity Screening to take advantage of predictive analytics pointed at fraud detection and suspicious payment blocking.
The SAP GRC team will be exhibiting at several events related to cybersecurity this year. We hope you’ll join us there.