The Need for Risk Analytics

Huzefa Olia

Thu, 16th October 2014

Learning Objectives:

Huzefa will explain:

  • How to create a holistic view of risk posture, establishing content risk models, translating metrics to business success and prioritization for remediation.
  • Discuss topics including business drivers, challenges, solutions, methodology, data aggregation, correlation risk models, scoring and overall reporting.

Questions and answers

Max, Concise Courses:
13:10 What are your thoughts about rooted Androids and iOS?

Huzefa Olia:
We are looking for a mobile device solution to capture that information. What we see is that from an iOS standpoint is that if any of these issues that have been reported they must be able to tie that back to an enterprise infrastructure. Most of the organizations that are still struggling with their BYOD situation relates to reporting with respect to an enterprise standpoint.

[Rooted Androids and iOS] are still being treated as a separate entity and not in the overall risk analysis, [i.e.] not tying all that information together.

Max, Concise Courses:
14:05 This is a very broad question but, in general, is corporate security getting worse or better in your opinion?

Huzefa Olia:
There are a lot of controls which are being put into place within corporate security – which is an evolution in corporate security. More tools, more systems and more controls have been added. I think what has happened in corporate security is that the paradigm is shifting in a way that whereas compliance was the driver before, it is now getting lesser and lesser prominence. They are getting flooded by new regulations and now they are looking at it more from a risk standpoint. Risk was completely separate, decisions were being made for them. Corporate security now is getting involved into it. They are not just looking at SAC [Security access control] but they are looking at what are their actual issues are that impact their organizations.

Max, Concise Courses:
15:15 Does your organization suggest ways to limit internal threats from disgruntled employees that steal data or for example maliciously install a Trojan or backdoor?

Huzefa Olia:
We do identify those results. As part of the reporting that we do, is to identify all these different types of threats. They don’t necessarily come out as known threats in the organization, but if they are known threats then they will be. We call them more as anomalies so if we are reporting on these different metrics and different sets of data – if it goes outside that particular trend then we will identify these anomalies.