Bob Rudis and Jay Jacobs have wide experience in the field of information security & IT Risk Management. In their book “Data-Driven Security” they explore practices and principles of data analysis and visualization.
The following is an interview with Bob Rudis and Jay Jacobs about the book and their experiences.
Q. What inspired you to write a book on Data Security?
Fundamentally, it was the desire to help our profession (information security) move from protoscience (h/t to @alexhutton for the original use of the term in an infosec context) to a bona-fide, data-driven field. Sure, many aspects of information security involved working with data and making decisions with data, but we tend to operate like the fields of chemistry and electricity did prior to the mid-eighteenth century. We hoped that by introducing the tools & techniques that “data scientists” in other fields use and covering the core concepts of data analysis & visualization we would help other professionals take their security programs and research further and faster than before. Secretly, Bob is also hoping that he never sees a pie chart in an information security vendor report or dashboard ever again as a result of the book.
Q. Tell us about your book “Data-Driven Security” in brief.
Data-Driven Security takes folks on a journey through the concepts, practices and principles of data analysis and visualization by looking through an information security lens. We set a historical stage for how modern statistical practices elevated other professions then use data that should be familiar to information security professionals to provide a comprehensive overview of how to apply those practices within our discipline. We focus quite a bit on R, which is a language created by and for data analysts. We also view the book as a “gateway drug” for each of the concepts we present. If a practitioner develops an affinity for statistics from the sections that cover those topics, we show where to go for more information. The same is true for machine learning or developing interactive visualizations.
Q. What has been the biggest challenge in securing data (information), and how would we overcome it?
Wow. That’s a fairly big question, but I think I can sum it up in one word: complexity. It’s almost trivial to secure small quantities of information on a single system. When you interconnect systems and networks, layering applications, transactions and business processes you start to increase the complexity of the solution almost exponentially. That’s one reason we felt compelled to help folks understand how to break down problems scientifically and use data in ways they never have before to both gain visibility and make better choices in how to protect and defend their information assets.
Q. Given your experience in the field of information security & IT risk management, what do you see as the future of data networks?
I see them growing more diverse, distributed, complex and, well, perhaps the best word to use is “unruly”. There are definite comparisons between performing risk analysis in fields like meteorology and epidemiology and doing so in information security. The phenomena in those fields are difficult to predict and dissect. Both weather systems and the spread of disease involve complex interactions across a wide and diverse spectrum and you can definitely see the parallels. Cloud computing, mobile computing and the blurring of what is personal & corporate all pose significant challenges now and when you factor the emergence of and convergence with the “internet of things”, the “rise of the drones” and the advent of non-internet network fabrics, data will behave just like water and flow into all the places that let it. Our challenge will be to ensure we help organizations develop the capability to have data be aware of where it’s flowing and only let it be used in the ways it was designed to be (and where it should be allowed to be used).
Q. Tell us about the different data tools used for data security, in brief.
I’ll focus this answer on the tools used for data analysis & visualization within the context of “security data”. For “normal- and medium-sized data” (i.e. not “big data”) most of the tools are at hand. R, Python and Excel are all good at dealing with data of a manageable size and traditional databases and operating systems are fully capable of handling data management tasks. Rather than give a laundry list, though, I would encourage security professionals to keep a keen eye on organizations like Etsy, Netflix and Bit.ly to learn how to look at data in new and interesting ways and also at the tools they develop, use and provide openly to the community. We’ve spent far too long as an industry navel gazing at our own creations and we’ll only start solving real problems by blending capabilities, techniques and tools from other disciplines/industries.
Q. What was the hardest part of writing your book?
The schedule! Jay & I worked really well together and developed a great collaborative system using GitHub, but we were on a very tight delivery schedule from June through November of 2013. In fact, I believe we spoke more to each other every day than we did to our respective families. I think I can also say “getting past the table of contents” as, perhaps, the other hard part. It took a few false starts before we came up with a chapter framework that resonated with both us and Wiley. We’re really pleased with the result.
Q. Can you share a little about your current work or projects?
Jay just finished up ~3 months of intense work on analytics behind the Verizon Data Breach Investigations Report (which is coming out soon!). I’ve been overseeing cross-sector “data projects” (best I can say for the moment) with the Advanced Cyber Security Center and working with my internal data science team on designing internal projects for the upcoming year.
Outside of work, Jay & I maintain a companion (to the book) blog and podcast at http://datadrivensecurity.info/ where we expand on topics from the book and try to highlight the excellent work being done by visionaries and pioneers in our field.
Q. Would you say a few words for our readers?
We hope that we’ve helped encourage folks to take a peek into the world of security data science and would really encourage all of your readers to at least start down that journey even part of the way. A big piece of advice is to add a few of the non-security resources we feature in the book (and on the site) into their RSS-feed, Twitter stream and podcast rotation to see what those outside our field are doing and find something that really interests them. Finally, I’d encourage folks to find questions to ask, find data to answer them and develop the skills necessary to find answers scientifically and tell great stories visually.