Behavior Doesn’t Lie: NH-ISAC and Model Driven Security in Healthcare

Behavior doesn’t lie. Gurucul attends the National Health Information Sharing and Analysis Center (NH-ISAC) summit to discuss the value of model driven security, behavior analytics and investing in data scientists in healthcare.

NH-ISAC is a global, non-profit, member-driven organization offering healthcare stakeholders a trusted community and forum for coordinating, collaborating and sharing Physical and Cyber Threat Intelligence and best practices for professionals. Gurucul aims at providing these professionals with the best behavior analytics, model driven security and data scientists in the field.

They have two Summits a year. Gurucul has been a NH-ISAC partner since the inaugural event in 2015. We are sponsors at the 2018 NH-ISAC Spring Summit this month. And, we will be at the Fall Summit in San Antonio, TX in November.

Data Scientists Know You Can Steal an Identity, but You Can’t Steal Behavior

The event kicked off with a keynote by our healthcare provider customer who talked about the importance of model driven security and investing in data scientists. Model driven security is the use of math and algorithms to evaluate behavior in order to make real time security control decisions. Instead of relying on humans to enter those control changes into a console, machine learning models drive automated response and orchestrate decisions.

What’s that thing that doesn’t lie?” he asked the audience. “Behavior. Behavior doesn’t lie.” Behavior based security analytics is the definition of model driven security.

He told us one of the reasons he chose Gurucul’s solution for cybersecurity in healthcare, was because of our deep bench of data scientists. He didn’t even realize how important that was until we got into a POC with 4 other security analytics vendors. That’s when our talent pool quickly became evident.

Model Driven Security Drives Front Line Security Controls

Later in the week we were talking with a customer who has 300 machine learning models in production. He is looking to expand to 500 models by year end. That’s when he said, “There’s so much more we can do with this!

A reason to need model driven security

A recent large organization had 15,000 servers taken down in under 90 seconds. There are no people in this world that can respond fast enough to mitigate those sorts of attacks. You need to be able to move at machine speed. That is why our customers are moving to model driven security because it gives them a machine-based reaction time to critical threats.

One of the cool things this particular customer does with Gurucul is identify a way to block select emails from leaving the environment if a user’s risk score is high. This is a great example of model driven security: action is taken on identified risks with no human intervention. If a user’s risk score goes up, that user can no longer send certain emails outside of the company. Behavior doesn’t lie.

Model Driven Security Applies Automation to High Risk Scenarios

Our healthcare customers were constantly trying to sift through thousands of alerts per day. When they started to model specific behavior, it gave them the ability to focus on what was most important. It greatly reduced the amount of time they were spending looking through incidents that may not be risky and gave them the opportunity to focus where they needed to – on risky behavior.

Our customers are driving very powerful behavior analytics use cases. You could, too. Contact us today to get started. After all, behavior doesn’t lie!