Protecting Your Revenue with Machine Learning and Data Science
The New CISO - A podcast by Steve Moore - Joi
In this episode of The New CISO, Steve is joined by returning guest Steve Magowan, VP of Cyber Security at Blackberry.

Steve returns to dig into the reality of data science and AI and ML in cyber security. Breaking through the buzzwords, Steve understands the current state of technology and how it's used to protect revenue today.

Listen to the episode to learn more about communicating expectations, using risk management to generate funding and the current landscape of security threats.

Listen to Steve and Steve discuss educating executives and how utilizing data science in your security program can reduce friction and translate risk:

Welcome Back, Steve (1:45)
Host Steve Moore reintroduces our guest today, Steve Magowan. As a reminder, Steve manages everything security-related for Blackberry, from corporate security development to spearheading IoT initiatives.

When asked to define AI, Steve Magowan explains that what AI means to the security world today is machine learning, both unsupervised and supervised, to prevent risk. In general, AI is still being widely researched and is often a buzzword thrown around, but full-on AI remains theoretical.

Turning AI Into Action (6:22)
Steve asks Steve Magowan how he handles the AI suggestion from executives, who may need more clarification on how this tech is used. Steve Magowan recognizes that he is a business enabler whose job is not only to protect data but to protect revenue. He would need to keep his company's resources in mind when discussing AI and determine if this type of tech is necessary for the goals ahead.

Protector of Revenue (11:30)
Steve Magowan has the unique position of protecting revenue for his company, an uncommon skill set for CISOs. Steve uses ML technology to map business activities and relate that to security. Having that ability allows him to communicate with executives in business terms to ensure their funds remain safe.

Clear Lines (15:34)
Although Steve has this authority, he believes CISOs should refrain from reporting to a CFO or CIO because their mandates conflict. Although executives wish to simplify their correspondence by going to a CIO for a one-stop shop, conflating their roles with a CISO would downplay both positions and render them less effective.

Understanding Risk Management (19:10)
Steve Magowan always tells leaders that risk management is the language in which security leaders gain money because you can turn security problems into dollars and cents. Pulling data allows you to understand and pitch how to receive resources based on the security issues faced.

Ultimately, Steve's job is not to separate operations and business. His role is not to achieve technical outcomes but business outcomes using technical outcomes.

Walking Through Detection Triggers (27:22)
Steve asks Steve Magowan why the detection of bad things has shifted from signatures to "normal vs. abnormal."

Steve Magowan explains how the landscape has changed and that cybercriminals now have more money to commit crimes and have the same education as security professionals. With cyber criminals getting more clever, ML is the only way to detect patterns that don't make sense, though even that is getting challenging.

Staying Resilient (32:42)
When facing sophisticated threats, you must ensure that you have data backups that cannot be breached and limit the scope of the hacker's blast radius for any hit. There will always be threats, but you must do your best to remain resilient.

The Bias Problem (34:58)
Steve Magowan outlines the risks of building your own ML program, such as personal biases that can skew the results of your data. The biggest lesson is that data...