Modernizing Cybersecurity Operations with Machine Intelligence

Book Description

Adversaries and hackers have gained significant and distinct advantages in cyber warfare today. Creative, fast, and opportunistic attackers have created an ecosystem of advanced persistent threats that is growing in scale and complexity, and evolving more rapidly than our capabilities to respond. By integrating machine intelligence (MI), you can significantly modernize your organization’s security operations to better keep pace with these threats.

With this ebook, Peter Guerra and Paul Tamburello—chief executives at Booz Allen Hamilton—provide examples to show you how MI can change cybersecurity operations to be more effective and efficient in threat detection, monitoring, and risk analysis. Applying MI to automate cybersecurity processes will enable swifter and more accurate identification of new and emerging threats in this continually changing landscape.

Attacks are only likely to increase in size and frequency across companies, institutions, and government agencies. This ebook demonstrates a powerful tool that can help you level the playing field.

You will learn:

  • The scope of the existing threat landscape, and benefits of applying MI to cybersecurity
  • What machine intelligence can and cannot do when applied to cybersecurity
  • Specific security applications of machine intelligence in the real world
  • How to address your organization’s maturity and readiness for cybersecurity with MI
  • The first steps for moving ahead with MI security in your organization
  • How to overcome difficulties and challenges when adopting machine intelligence

Table of Contents

  1. Introduction
  2. The Benefits of Applying Machine Intelligence to Cybersecurity
    1. Machine Intelligence Defined
    2. The Current Threat Landscape
    3. Common Challenges
    4. Why Machine Intelligence Offers a Better Solution than Current Approaches
  3. The Capabilities of Machine Intelligence Today
    1. Current Capabilities of Machine Intelligence
      1. Automating Human Processes
      2. Detecting Cyber Threats
      3. Capturing Attacker Tradecraft
    2. Current Limitations of Machine Intelligence
    3. Recommendations for Successful Machine Intelligence Implementations
  4. Real-World Security Applications for Machine Intelligence
    1. Hunting for Advanced Threats
      1. Why Threat Hunting Poses a Challenge for Cyber Operations
      2. How Machine Intelligence Applies to Threat Hunting
      3. How to Build a Machine Intelligence Capability to Support Threat Hunting
      4. Utilizing This Machine Intelligence Technique in the Real World
      5. Tips and Best Practices
    2. Detecting and Classifying Malware
      1. Why Malware Detection Poses a Challenge for Cyber Operations
      2. How Machine Intelligence Applies to Malware Detection
      3. How to Build a Machine Intelligence Capability to Support Malware Detection
      4. Utilizing this Machine Intelligence Technique in the Real World
      5. Tips and Best Practices
    3. Scoring Risk in a Network
      1. How Risk Scoring Poses a Challenge for Cyber Operations
      2. How Machine Intelligence Applies to Risk Scoring
      3. How to Build a Machine Intelligence Capability to Support Risk Scoring
      4. Utilizing This Machine Intelligence Technique in the Real World
      5. Tips and Best Practices
  5. Addressing Readiness and Maturity for Machine Intelligence in an Organization
    1. First Steps to Applying Machine Intelligence to Security
    2. Overcoming Common Challenges
  6. Conclusion