Intelligent CISO Issue 01 | Page 52

COVER STORY

management ( SIEM ) software , as well as “ environmental indicators and stuff that goes on in the media or social media .”

Towers added : “ Our gap was proactive risk analytics ; being able to look for indicators of compromised or potential issues before they happen , whether that ’ s behavioural or based on access patterns . We thought Exabeam was the best fit for that gap .”

THE THE SOLUTION

Allergan implemented Exabeam ’ s User and Entity Behaviour Analytics ( UEBA ) solution to proactively protect itself from insider threats by ingesting security data from its myriad of security solutions and holistically analysing that data to baseline normal behaviour for its operations .

The key to effective security is to take a user-centric approach , understanding each and every user ’ s normal or baseline behaviour . This allows businesses to answer some of the key questions that cannot be resolved by network monitoring tools alone . These include : Who is accessing the network ? What are they accessing ? Is the person displaying normal user behaviour ? Once implemented , Exabeam was able to proactively detect any deviation from normal use or machine activity that might indicate a potential security event was emerging .

Towers said : “ Exabeam looks at behavioural patterns , access patterns ; basically how an individual works with the environment . The analytics allow us to build some sort of picture of normality for the users , both collectively and individually . Then , if we see anything that puts us in a higher risk scenario we look into it more deeply to find any potential compromises before they happen .”

Machine learning techniques can discover important connections between seemingly unrelated parts of identities , creating a detailed map of a user ’ s activity , even if various identity components are not explicitly linked . Machine learning algorithms analyse

52 Issue 01 | www . intelligentciso . com