Cybersecurity Data Science

Introduction

Boiled down to its simplest explanation, data science offers understanding. Everyone in every industry would like to better understand the landscape they operate in, and cybersecurity is no exception. It takes understanding to be able to anticipate and respond to attacks, threats and other cybersecurity issues.

This article will detail the state of cybersecurity before the impact of data science, as well as the many ways that data science can be used in cybersecurity. Data science is used in intrusion detection, behavioral analytics and data protection, and in forsaking laboratory scenarios in favor of real-world examples. This article will conclude with a well-founded recommendation for how cybersecurity data science can improve with one small change.

Cybersecurity before data science

The most accurate description that I have come across about cybersecurity before data science is that of FUD, or fear, uncertainty and doubt. A significant number of decisions were made, right or wrong, based upon assumptions: assumptions about how attackers may attack, where they may attack and more. Assumptions were potentially the core of many organizations’ information security strategies. 

Data science has effectively illuminated this previously dark space of FUD-based assumptions and has moved the cybersecurity playing field towards basing decisions more on facts. This does not mean the job of cybersecurity is now a cakewalk that cybersecurity analysts and information security professionals can basically ignore. Rather, they now have the data-driven methods and tools that will allow them to do their jobs better.

Currently, many organizations service their cybersecurity data science needs by hiring outside consultants to lend their expertise. This has proven to be exceedingly insightful for many organizations, as they now have a more realistic vision of their own cybersecurity risks and strengths. These external consultants generally do not collaborate much with organizational security teams.

Some ways that ...

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/uX_cK9alAzI/