Aspirational Analytics

Thanks to the plethora of wearables and apps available to track our steps, workouts, calorie intake, sleep quality, heart rate and moods, we are now in a position to gather more data about ourselves than ever before — and more importantly, to use it to our advantage.

Take for example Glow, a fertility app which lets women monitor their ovulation cycles.

Its developers — a data science company also named Glow — claim that the app has helped hundreds of thousands of couples conceive naturally.

“We live in an incredible time in technology, where every aspect of how we work, live, communicate and interact is being digitised. A side effect of this is that we’re generating, enriching and codifying data at a scale that is really unfathomable,” said Dr Hugh Thompson, chief technology officer at software company Symantec.

He was giving a keynote address entitled ‘Radical Innovation: Revolutionising the Future of Cybersecurity’, on 26 July at the RSA Conference 2017 Asia Pacific and Japan, held at Singapore’s Marina Bay Sands Expo & Convention Centre.

The cybersecurity field can glean valuable lessons from how other disciplines — such as healthcare and the natural sciences — have used innovative analytics to make sense of these datasets, said Dr Thompson.

“Innovation is so important in security, especially at this time — not just incremental innovation, but radical innovation. This can fundamentally change how we approach the very difficult problem of security,” he added.

More than just cold, hard data

Said Dr Thompson, citing the example of the Glow app: “We often talk about analytics in a very cold, surgical way. But applied to the right problem, it can make a massive and very personal difference, as well as an important societal one.”

He added: “If we think very aspirationally about analytics, we’ll realise that it can do much more than just automating mundane tasks. Instead, it can transform how we work and live.”

Thinking aloud, he posed the following questions: What would cybersecurity look like if the field were as successful at analytics as other disciplines have been?

Cyberattacks typically inflict considerable damage before experts have the chance to react to and contain them. But with better analytics, experts would be able to predict incidents before they occur.

“If we get very good at analytics, we can identify the ‘potential energy’ for an attack,” he explained.

“Instead of detecting an attack that has already occurred, we can identify the conditions which will make an attack likely.”

When devices get security labels

In addition to incident response, the field would also get smarter about Internet of Things (IoT) security, said Dr Thompson, who envisions every IoT product coming with enough information to allow consumers to make an informed decision about its security risks.

“Imagine if you could look at a device and see something very similar to the food and nutrition labels that are on bags of chips,” he mused. “You could then make a choice from a security perspective — do I want to introduce this into my home or business environment?”

Such a label might bear information about what the device senses and captures — audio, video or location, for example.

Or its kinetic aspects: whether it has moving parts or can act on other devices on the same network; its connectivity; as well as its energy consumption.

Further, now that personal and work lives are so intertwined, many people will likely be using the same connected devices at home and at the office.

Better analytics can help address the privacy concerns associated with this trend, said Dr Thompson.

“With better analytics, we can start to build technologies that can truly adapt around a human being, changing as that person’s context changes. For example, different sets of protection could apply to the same device at home and at work,” he explained.

“These are important tools for allowing the same device to move in and out of different contexts, while still giving the user comfort.”

Rethinking the art of the possible

Cybersecurity today is seen as a ‘diseconomy of scale’: The bigger a network, the more potential security loopholes it contains, said Dr Thompson.

But analytics can turn this view on its head.

“With better analytics, security becomes more like a neighbourhood watch. If you live in a sparsely populated neighbourhood, and suddenly three new neighbours pop up, you’re actually better off —you have three more sets of eyes and ears to monitor the environment, and the security of the entire community is raised,” he explained.

For example, individual users in the ecosystem can be asked to report or confirm what they are doing at any one point in time.

If, for example, the security system picks up someone sending earnings information outside the company, but no one confirms it, this may indicate a security breach.

“There’s a lot of great work that has been done in security analytics and artificial intelligence, but we have a long way to go,” concluded Dr Thompson.

“I’d encourage you to rethink the art of the possible, and consider how we should measure ourselves against where other fields already are.”