The Security Analyst Conundrum: Evolving Data into Wisdom

It is no secret that the shortage of qualified security analysts has resulted in an overworked and overwhelmed workforce. The sheer volume of alerts is too much for even the most efficient Security Operation Centers. The biggest security challenge created by today’s cyber landscape is the ability to weed through all the alert clutter and take action on threats that are most pertinent.

Semantic graphs are an efficient and powerful approach to finding, detecting, mitigating, categorizing and documenting threat intelligence data. Attendees will see firsthand accounts of how semantic graphs are used to gain new insight and knowledge from facts coming from existing network and security appliances, and how such insight is generated by a Description Logic inference engine.

This panel will help bring to the forefront the benefits of formal description logic solutions for incidence response and demonstrate how formal logic can computationally infer new facts from known facts.

Panelists will cover the following topics:

The shortage of security analysts cannot keep up with the volume of alert clutter in order to take action on the most crucial threats.
A powerful new artificial intelligence approach is emerging - Description Logic Reasoning over semantic graphs of cyber events.
This artificial intelligence approach will successfully automate the reduction of false positives, enabling automated hunting and significantly reducing response times.
Unlike all other workflow-driven or machine learning-based automation tools, this patented approach more effectively models normal and abnormal user and network behavior.
This approach can infer facts and identify anomalous activity that would otherwise only be obvious to a team of security analysts.

Ryan Hohimer received a Bachelor of Science in Electrical Engineering (BSEE) in 1995 from Washington State University. Immediately after, the US Department of Energy (DOE) Pacific Northwest National Laboratory (PNNL) put him to work in data collection and analysis in energy and national security domains. This placed him into “Big Data” before “Big Data” was cool. Dealing with the challenges of managing massive data sparked his interest in metadata. The Semantic Web Technologies (SWT) which emerged from metadata representations became a central component of Ryan’s Knowledge Representation and Reasoning (KR&R) acumen. Ryan honed his KR&R skills through nearly 19 years of research and project management at PNNL. He is the lead inventor of the DarkLight technology. He was the Principle Investigator and Project Manager overseeing the development of the first prototypes. The first prototype addressed cyber-behaviors in Insider-Threat and Cybersecurity.

As the Director of Cyber Security Science for Monsanto, Shawn Riley serves as the global head of cyber security analytics and leads the transformation and implementation of a comprehensive date-driven, intelligence-based, cyber security program. Shawn has had 24 years of technical, cybersecurity, information security, and information assurance experience in the defense and intelligence communities prior to joining Monsanto.