[BreachExchange] The Big Connect: How Data Science is Helping Cybersecurity

[Destry Winant]

https://www.infosecurity-magazine.com/blogs/data-science-helping-cybersecurity-1/

More personal and organizational data is being shared, captured and
stored online than ever before. This digital ‘treasure trove’ is
enticing for cyber-criminals – it’s estimated that by 2023
cyber-criminals will steal an estimated 33 billion records.

Cue cybersecurity’s newest hero: the data scientist. There is a need
for data-driven solutions to cybercrime. A recent report from Indeed
showed a 29% increase in demand for data scientists year over year,
and a 344% increase since 2013. This demand comes from the needs of
cybersecurity, as well as data scientist’s multi-faceted skills across
a wide range of industries such as:

- E-commerce
- Finance
- Healthcare
- Insurance
- Telecommunications

We’ve taken a look at what a data scientist does, and the links
between data science and cybersecurity in our increasingly connected
world.

The Busy Schedule of a Data Scientist

The task of data analysis is mostly handled by data scientists. They
liaise with stakeholders to understand what information they need to
look for, which in turn helps inform what algorithms and methods need
to be used across their analytical tools. Data scientists will run
well-planned data models, receiving the information needed for
business growth.

They then present their findings in an easy to understand format by
using data visualization techniques. This helps to go from a confusing
spreadsheet to visually engaging charts and graphs, which better
communicate the findings of data modelling. This work can help
businesses gain insight into customer feedback, internal performance
and product outcomes.

The entire process a data scientist undertakes remains consistent and
successful by upholding security, integrity and privacy.

Security

With an estimated 12 billion records leaked in 2018, cybersecurity for
data scientists is a high priority. Weaker security protocols can lead
to vital business information being leaked or stolen, an expensive
issue to have, with such cybersecurity breaches costing the world
almost $600bn USD in 2018.

Cyber-attacks can pose a great danger to a business’ success, and the
expertise of data scientists is sought after in order to prevent
attacks from happening.

Integrity

Ensuring integrity across all modelling is a key part of a data
scientist’s role. This involves validating your assumptions about data
findings and making sure they match realistic outcomes that contribute
to business success. Understanding where data is coming from and how
it interacts with stakeholders is key.

Privacy

Preserving privacy and unbiased ethical standards in data science is
critical for those working in the field. Ensuring that a user’s
private data remains so is an important aspect of data ethics,
treating such information with confidentiality and transparency. Data
scientists can also ensure there is no bias present, and actively
program machine learning algorithms to remain unbiased.

The Impact of Data Science in the Cybersecurity Industry

Data scientists use machine learning to identify potential
cybersecurity threats, working to halt them. Machine learning
automation makes identifying any outliers in data much easier. This
allows data scientists to predict risks based on past exploits and
behavior patterns. Their work is vital to maintaining cybersecurity,
protecting businesses and the wider community from having their
information stolen.

Cyber-attacks may initially appear quite minor, but machine learning
can find patterns with minor outliers that could lead to larger
threats. There is a constant battle between cyber-criminals and
cybersecurity teams. Data scientists are challenged with staying ahead
of threats, balancing predictive and reactive methods.

Fraudulent behavior is an area where data scientists can use machine
learning to make a large difference across a number of industries.
Regression (prediction) models are a great tool that use an Intrusion
Detection System (IDS) to monitor computers for potential malicious
attacks.

Associate Rule Learning (ARL) is another example of where machine
learning can prevent cyber-attacks. This works as a recommendation
system, similar to how Netflix or Spotify suggests new media for
consumers based on their past preferences. ARL generates a response
for a particular risk based on its characteristics. Past threats with
the same characteristics will help ARL understand what may or may not
be a threat, constantly updating its database with new types of
cyber-attacks.

For those working in data science, it’s integral to understand the
management, security, privacy and ethics that underpin data and
information. One way to keep up with data science trends and
technologies is to specialize in Data Science.