SOAPA Video with SAS Software (Part 1)

Stu Bradley, VP of fraud and security intelligence stopped by the Enterprise Strategy Group video studio to participate in our latest SOAPA video. 

If you are a cybersecurity professional and you don’t know SAS, I strongly suggest you watch this video (and part 2 which is posted here). SAS Software has had a leadership role in data analytics for years and is now applying its craft to cybersecurity. In part 1 of this SOAPA video, Stu and I discuss:

1. SAS’s role in cybersecurity. I wanted to give the cybersecurity community a bit of background on SAS before digging into SOAPA-specific content. Stu summarizes the SAS cybersecurity position by talking about the need for flexible security analytics. The goal here is to make it easy for the SOC team to tap into security analytics and drive business outcomes. This makes sense since job-one for every CISOs is to protect critical business assets. 
2. SAS customers. Who are they? Stu says that they come in all shapes and sizes, but their main goal is to accelerate threat detection while decreasing the volume of false positive security incidents. In other words, customers call on SAS to help them with high-fidelity, real-time, and actionable security alerts. This has positive ramifications for threat prevention, detection, and response. 
3. It’s all about the data. In my interactions with SAS, I’ve been impressed with the company’s knowledge and guidance around data modeling and data management for cybersecurity analytics. Stu talks about the need to enrich the data, providing the right context for security analysts. When I pressed Stu on how he defines data enrichment, he offered a great example of data enrichment around user authentication anchored by NetFlow data. SAS has the right emphasis, as data synthesis is the “holy grail” of cybersecurity analytics. 
4. Risk management. Cyber-risk analytics is an under-appreciated use case for SOAPA but it’s one of SAS’s focus area. SAS uses unsupervised machine learning to model entity behavior using a multi-pass approach to model creation. Stu claims that this really improves the model, giving analysts a birds-eye view of risk. CEOs and business executives are clamoring for better cyber-risk metrics, so SAS has a great opportunity here.

While many security vendors approach security analytics with an alarmist perspective, Stu really demonstrates SAS’s deep knowledge and experience with data analytics that happen to be applied to cybersecurity. This made for a refreshing conversation. 

Many thanks to Stu Bradley and SAS for participating in the ESG SOAPA video series.