Both predictive and prescriptive analytics exist - but do you know the difference? Discover what prescriptive analytics are and how organisations can encourage and support adoption of prescriptive UEBA solutions.
Predictive analytics attempt to predict the future by taking big data and then creating a model using machine learning or User Entity Behaviour Analytics (UEBA) and data mining methodologies. In order to create a data model, you need data. Lots of it. Predictive analytics can definitely add value to your cybersecurity program and help your security analysts detect threats before a policy violation can be perpetrated and an incident raised. What predictive analytics do not do, however, is provide a way forward once a threat is detected.
The next area of UEBA is that of prescriptive analytics. While user input and analysis are required with predictive analytics, the prescriptive type does as much of the analysis for you that it can and then prescribes a solution. While security products using predictive analytics can tell you what they think is going to happen based on observed activity, prescriptive analytics can tell you, or indeed suggest, how you should react to the situation.
For instance, if your UEBA solution discovers that one of your users is creating connections to a third party cloud storage service and then tries to send files from a file server containing critical R&D data, it can provide a course of action for your responders. You may need to implement a firewall rule that blocks the connection. You may also want to leverage network access control solutions to eliminate the user’s network connection.
Prescriptive analytics look very promising when it comes to providing accurate actionable suggestions for your analysts. Although they could very well be taken a step further and provide a sort of self-defending network, we have some work to do before that can be a reality.
It is not so much a lack of capability with prescriptive UEBA solutions as it is with the way our IT systems are deployed organizationally. So, how can organisations encourage and support adoption of such security technologies?
Download our Whitepaper to delve deeper into prescriptive analytics and the power of UEBA solutions.