The Law Offices of Mary N. Chaney, P.L.L.C.
The Cyber Security Law Firm of Texas

Mary's Blog

The Breach Whisperer

About Mary

Mary N. Chaney, Esq., CISSP® is a former Special Agent for the FBI, where she investigated cybercrime; a seasoned corporate executive who built and operated information security teams; and now a cybersecurity attorney.

As a self-described “Breach Whisperer,” our firm can train your company to properly prepare for your eventual breach!

The overall goal of our firm is to use our wealth of knowledge and expertise to help support, translate for and advise Boards of Directors, CIOs, CISOs and General Counsels on how to legally protect their company from cyber-related risk.

Blog Entries


 

Profiling Is Not Always A Bad Thing

See Article Here

The attached article describes how TSA PreCheck applies security to the individual: in exchange for detailed background information about the traveler, it provides an expedited screening process. There are now other companies, like Clear and Global Entry, which ask for additional information in exchange for even faster screening. The point, however, is that by focusing screening on an individual, TSA is able to formulate a risk profile and establish a pattern of normal behavior. It follows that any deviation from that normal behavior will trigger some sort of alert and extra screening.

If you apply some of that same logic to behavioral analytics, you can profile an individual user and create a baseline of normal behavior, so that when something out of the ordinary happens, you are alerted and can respond faster. This of course assumes that your security tool stack is well tuned to incorporate behavioral analytics and automation to obtain this level of detail. That could be a tall order, and more so the larger the environment; however, it can be deployed on high-risk users, the folks that have higher levels of access within your company. Performing a risk assessment on your users will give you some good detail about where to start. I suggest highly privileged access users (i.e., admin users), database administrators, and application owners, but that’s just my personal wish list. Have fun!
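To make the idea concrete, here is an added example (not from the original post or the article it discusses) that builds a per-user baseline for high-risk roles and reports how each new event deviates from it. The role labels, event fields, two-hour tolerance and all sample events are assumptions constructed for illustration.

```python
from collections import defaultdict

# Roles the post suggests profiling first; the label strings are assumptions.
HIGH_RISK_ROLES = {"admin", "dba", "app_owner"}
# Constructed sample events: (user, role, hour_of_day, source_host, resource)
HISTORY = [
    ("alice", "dba", 9, "ws-101", "orders_db"),
    ("alice", "dba", 14, "ws-101", "billing_db"),
    ("alice", "dba", 16, "ws-101", "orders_db"),
    ("bob", "admin", 11, "ws-205", "dc01"),
    ("bob", "admin", 13, "ws-205", "fileserver"),
]
NEW_EVENTS = [
    ("alice", "dba", 11, "ws-101", "orders_db"),     # matches baseline
    ("alice", "dba", 3, "vpn-77", "hr_db"),          # new hour, host, resource
    ("bob", "admin", 12, "ws-205", "orders_db"),     # new resource only
    ("carol", "staff", 2, "kiosk-1", "hr_db"),       # role is not profiled
    ("dave", "app_owner", 10, "ws-400", "crm_app"),  # no baseline yet
]

def build_baselines(history, hour_slack=2):
    """Per-user profile of normal behavior: hosts, resources, active hours."""
    base = defaultdict(lambda: {"hosts": set(), "resources": set(), "hours": set()})
    for user, role, hour, host, resource in history:
        if role not in HIGH_RISK_ROLES:
            continue
        p = base[user]
        p["hosts"].add(host)
        p["resources"].add(resource)
        # Tolerate small shifts around each observed hour.
        p["hours"].update((hour + d) % 24 for d in range(-hour_slack, hour_slack + 1))
    return dict(base)

def deviations(event, baselines):
    """Return the reasons an event departs from its user's baseline."""
    user, role, hour, host, resource = event
    if role not in HIGH_RISK_ROLES:
        return []
    profile = baselines.get(user)
    if profile is None:
        return ["no_baseline"]  # privileged user never seen before: review it
    checks = (("unusual_hour", hour, "hours"), ("new_host", host, "hosts"),
              ("new_resource", resource, "resources"))
    return [name for name, value, key in checks if value not in profile[key]]

def alerts(events, baselines):
    return [(e[0], r) for e in events if (r := deviations(e, baselines))]

if __name__ == "__main__":
    for user, reasons in alerts(NEW_EVENTS, build_baselines(HISTORY)):
        print(user, reasons)
```

Returning the reasons, rather than a single yes/no flag, lets a responder see at a glance which part of the profile was broken.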