Page 1

magazines title ideas for personal essays 05 10

professional cv writing services london 05 11


pseudoscorpionida classification essay 05 13

make my creative writing on age of consent for cheap 05 15

death penalty should not be abolished debate 05 11



tombolato limena prezi presentation 05 11


4pi microscopy ppt presentation 05 13


type dissertation abstract on age of consent due tomorrow 05 10


scdl managerial economics papers 05 14

handheld laser paper cutter 05 03

writing test for ielts 05 12


apa research evolution writers bibliography 05 04

essay checker for free 05 02

where can i write stories online yahoo answers 05 14

argumentative essay 101 05 02

mark doty souls on ice essay 05 13

10 best philosophy papers 05 14

dfs replication health report not loading 05 13

examples of persuasive essay for college 05 15



apa citation style 2018 05 08

evolution writers to help handwriting 05 04

cover letter for ngo job application 05 14

model evolution writers of technical helper 05 04 2

article 78 of uae labour law 05 13

looking for someone to write essay on military now 05 14

a level biology evolution writers 5 revision 05 05

argumentative research evolution writers outline 05 03

lol how many reports for tribunal 08 18


afrikaans evolution writers 3 grade 11 2018 05 03 2

kirikaeshi essay help 05 12

edit my dissertation on parents due tomorrow 05 15





all evolutionwriters 05 05

swedish pulp and paper research institute stfi 05 12


ai weiwei sunflower seeds essay format 05 09


Juilliard School, Lincoln Center for the Performing Arts, Manhattan ​thank you John decades my goodness it was I was four year old when I started it seems a lot longer than actually and John's opening at the very beginning was quite pertinent for me in terms of putting things in perspective the perspective being cybersecurity is very very important to all of us you know it keeps our companies profitable it allows us to guard against the tax but it's nowhere near as important as human health and you know to be a life-threatening illness from the outset is pretty impressive but puts things in perspective so well done John and secondly John's card system about if you don't tie me all good is gonna raise a red card and as a Newcastle United supporter I've got no aversion to seeing red cards being lifted here so I equate I don't mind but I'll stay with them tell you my promise so yeah as John said my background being in technology sales for about 30 years for the past 10 years and 15 years in cyber cyber security predominantly in the UK cost middle eastern Africa and some experience in North America as well and joined a very exciting organization who wanted today's sponsors his own Fox we're upstairs and we were founded seven years ago out of nickel University in Edinburgh and the original ethos of the product wasn't about preventing bad stuff or finding bad people but was essentially invented to prove innocence of a certain individual so what I mean Bella we were faced with the opportunity of a company that was linked to the University who had a senior executive who's about to be fired because they thought they accessed and shared data that he shouldn't have when an actual fact we developed a solution seven years ago that managed to prove his innocence by virtue the fact that his account was compromised and it wasn't him that was the third actor so security seems to have a very negative connotation when you look at what what traditional companies do but in actual fact what we started doing then and what we still do to this day very much protect your employees and allows you to prove innocence and prove integrity and in a lot of cases we've got just under 50 customers globally we were based headquartered in Edinburgh in Scotland and we we've got a stand upstairs we'd be delighted to talk to you throughout the course of today one of the key case studies we talk about entities and this is not a sales purchases to talk about predominately insider threat and life beyond GDP are and we're not GDP are experts but there are plenty in the room and but one of our key case studies was rockstar games and we essentially protect the code for grand theft auto that's released every six months so we're pretty proud of that and they're they're one of our larger customers that we have on a global basis so life after gdpr what's gonna happen there's been lots of fear uncertainty and doubt out there if you look at an forsake last year this year next year won't be so bad but everybody and their dog has got a gbbr solution everybody can solve your gdb our problem and not the case similarly with us as a company we've got solutions that help you understand what's happening internally but we don't have an end-to-end gdpr solution so there is there are plenty of facts our own gdpr and there's plenty of fodder on gdpr but this is a fun free zone if you like just over 18 years ago we had a very large compelling event around year 2000 and again it was the same scenario where we had lots of hype lots of IT spend and lots of scare mongering and on January the 1st 2000 the world kept spinning it didn't stop spinning people didn't lose their jobs companies kept growing companies kept making profit so it's slightly similar to GDP our and that come the 25th of May 3 months today I don't see a huge amount and use hitting the press I think we'll still be in a position where businesses are ongoing they'll be continuing to elevate their security posture they'll be doing what they can but there's no massive compelling event 3 months from today I just think it's the start of a new era in terms of how people view this as a previous speaker said the ICO do not have a chance in hell of being able to come and legislate every single organization that reaches GDP are but obviously there's going to be some big targets along the way as I said earlier there's no such thing as a silver bullet although many vendors would have you think that there is we believe it's not for us it's about the classification of the data that you hold in your organization and how you treat that data and how you control that data and it's about having a plan it's about a Nevitt ability of perhaps you will be the next breach and if so what do you do what is your action plan because that's as important around GDP are as protection of not being breached obviously and the traditional controls and perimeters you know they're old-fashioned and they just they just don't work excuse me so the traditional controlled continuing to put controls at the perimeter where is the perimeter of these days the perimeter is constantly moving the perimeter is no longer at the external part of your business you've got partners you've got employees you've got consultants so it's a virtual perimeter these days so the continuation of doing the same things over and over and expecting a different outcome would be akin to Einstein's theory around insanity is doing the same thing over and over again but expecting a different outcome even this week you know you

could have a slide deck of 25 to 50 slides of all the breaches all the news items of that have hit us over the last couple of years but within the last week three partner ones would be the Guardian a significant government figure saying that it's not a matter of if but Wayne and I think everybody subscribes to that in the room we could all be the next target so vigilance is the key secondly card from warehouse seems to have been in the press for years but eventually there's this week it was announced that they had a four hundred thousand pound fine post 25th of May that scenario might have been significantly more so maybe that happened earlier I'm not sure and as early as the day before yesterday NHS Wales had an issue whereby a nurse was leaking information not sensitive information patient information between action on the north but it really elevates the position of NHS Wales in terms of their security posture and how they got caught out every organisation has got staff your most important asset also sometimes your biggest threat as well and there was a survey of over 600 seesaws published recently by the Ponemon report and they accepted that the insider threat the human error not malicious actor but accidental actor was by far the number one threat and any organisation we built our business around died it's not a sales pitch as I said we built our business turned up but we see that all the time that that's the part that people seem to leave to last and that's the part that we hopefully address very well so what can we do I mean the attacks are increasing and I need to check my audience here for Millennials how many people have heard of dads army just digital quick shoe events thank goodness for that so if that's your traditional defense on the left hand side the traditional attack that's coming at you is on the right hand side so we have to get a little bit different and a little bit smarter about about how we respond about how we actually detect and how we respond to the traditional threats how do we do that we do that in a number of ways we use technology we use people but let's use the power of machine learning and that's pretty much where we're coming from on this so what's the problem we're getting close to Easter I'm assuming most of us like cream eggs and chocolate and stuff like that the the whole cybersecurity problem over the last 20 years could be summed up by looking at cream egg a cream after it's been in the fridge has got a very crusty very hard exterior and it's very very well protected but once you break that exterior and get on the inside the gooey part that's uncontrollable on the NSA is effectively the data and also the people are owning that data so that's our cream egg scenario so you know we don't have any cream eggs with us we should have had some cream eggs and stand alone I think but we don't have any with us but effectively it can have sums up the problem and if I explain cybersecurity to my young children or to my elderly parents I would explain it so like a Tremec and it's about the part exterior and the valuable stuff on the inside and gaining control of that is a massive challenge so addressing this the the kind of a 101 of of yuba user behavioral analytics and that's kind of what what we're about and what our business is based on and harnessing the power of machine learning obviously was much faster it's much more scalable in terms of the human element and be able to spot stuff that's different not necessarily bad but different from the norm and I've got I've got a graph to show you in a second to they'll explain that slightly better and building a profile over use it over time so in collecting data from all your users and how they're doing their job on a day to day basis but then over time building up a normality level or raising the baseline in terms of what's good and what's bad what's accepted what's not accepted and user controls Active Directory super users can be a challenge but again understanding what these people do within your organization to be able to effectively police in control and gather more data around what's right what's wrong what's good for the business what's an S it was not necessarily good for the business peer group analysis really really interesting around examples we found of large organizations who have maybe 50 or 60 accountants working in their business of the 50 accountants 49 generally do the same thing at the same time most days access the same types of data in the same types of areas but but one of those accountants does things slightly differently not necessarily bad but anomalous so it's what the investigation and that's the human element that any traditional rules based detection system would not pick up it was certainly a messed up and comparing an individual's behavior this week to last week or the week before another real-life example of a large sales organization that we did some work with and were able to detect the likelihood of certain salespeople leaving the organization can akin to that probably years ago but my own scenario that you do change the person here about to leave an organization your your light your liability goes up your loyalty goes down what you do working hours but various things changes and it's difficult to spot that from a human to human scenario but when you put machine learning in place you can actually start to detect that and whether this particular organization we were able to fairly accurately predict a whole bunch of people that are about to leave a large motor manufacturer were to leave their organization so education and people are the key it's about rules education and vigilance and the other thing to think about here is it's about training as well and understanding that and as individuals it's so easy to get caught out we had a scenario internally where one of our developers clicked on a link accidentally from an email and they were effectively fished they panicked but immediately went to the CTO and said I think I've done something rather silly but that open communication that culture of not being afraid to put your hand up and say I've done something silly that's

what we need to embrace and and further continue to do through any organization this is the whole cyber thing getting fished and getting caught seems to be an area that's that's feared and it shouldn't be the case it should be an open and key communication amongst all employees so any successful team things happen things change various people my counts been compromised top talent people will be malicious with their actions people will be accidental I think some like 82% of all and insider challenges inside the threats are generated by accidental behavior not necessarily malicious of course there will always be malicious actors out there there'll be employees with the grievance but the vast majority as I said are insiders that are making mistakes perhaps under pressure workload hadn't had adequate training stuff like that it all leads to the same thing data potentially leaving your organization which is valuable so this is the graph one on how the machine learning works in terms of peer group analysis so I'll build this up so we've got engineering what sales team we've got finance we've got facilities and pretty broadly speaking they're working within the same parameters of each other with it within their actual Department and this is how the the UVA analytics works in terms of adding machine learning to this bottom left statistically there's someone very very different and it says you're bad guy aka bad bad guy perhaps but perhaps just a little bit different so it's about spotting this anomalous behavior and investigating it and effectively this gives us the ability to cut the wood from the chaff and be able to go straight to the this different person and understand why they're different you know you you interviewed a person you understand what's going on and you realize what they're doing is actually quite right we need to perhaps create another group for this but it just allows you to spot that anomalous behavior and then decide whether it's good bad or indifferent for the business and we refer to AI as augmented intelligence rather than artificial intelligence augmented on the basis that it's the it's a mix of AI and machine learning with the human element hence the Augmented part so when we refer to a I if you speak to us upstairs at any point later on AI for us is augmented intelligence and in terms of what this looks like in production weekly graphic use of your sales team weekly graph of your bunch of accountants overall your staff we can then detect that something very different and let me be clear about that not necessarily bad but something very different is happening at 8:00 p.m. on waiting state so let's look at that rather than scan lots of different stuff that's happening over 24 hours of the over 70s so a touched on this earlier and very very important in my opinion and this business is about people cybersecurity is about people and people caused the problem people have the resolution and I personally have been fished and I'm pretty techy savvy when it comes to cybersecurity it's very easy they're very very clever so developing a culture internally internally with your people around not having the fear of any recrimination about putting your hand up and seeing I think I've done something silly or I think I've being caught out and it's having that relationship with your senior managers and also the board it's a board level issue around people and the development of this type of culture so what should be doing my opinion this hype is over height I'm not under estimating it I think it's very important it's certainly driven a lot of interest it's driven a lot a budget line and a lot of large organizations many of you today will have budgets this year you didn't have last year specifically around gdpr but I'm assuming most of that will be spent on people process probably a little bit of technology and a mix of the both so in our opinion is it's not necessarily another year 2000 but it's another large event that's the end of my presentation thank you and today's 25th of January happy Robert Borenstein from Scotland thank you very much Nyack College (School of Music).