Role of Identity in Recent Breaches at Cyber Security World 2015

Saryu Nayyar to Explain how Identity Compromise was Root Cause of Break-ins, Data Exfiltration and Fraud in SONY, Anthem and Other Incidents


Saryu Nayyar, CEO of Gurucul, a provider of identity-based threat detection and deterrence technology based upon behavior analytics. She is a recognized expert in information security, identity and access management, and security risk management. Prior to founding Gurucul, Saryu was a founding member of Vaau, an enterprise role-management start-up acquired by Sun Microsystems. She has held leadership roles in product strategy for security products at Oracle and Sun Microsystems. Saryu also spent several years in senior positions at the IT security practice of Ernst & Young.

WHAT: Most data breaches share a common denominator – identity compromise. The Anthem breach was discovered by an administrator who noticed unauthorized queries running with admin credentials. In this session entitled, “SONY, Anthem and Other Breaches: It all Comes Down to Identity” Saryu will explore the role of identity in recent breaches and how a new approach called identity-based User Behavior Analytics (UBA) can assist in threat deterrence, detection and incident response. Using three real-world case studies on financial fraud, IP theft and high privileged access misuse, she will illustrate:

  • Why the compromise and misuse of identities are the root cause of most data breaches
  • How to reduce identity as a threat plane using identity access intelligence data science
  • How insider threats and hijacked accounts can be detected using user behavior analytics (UBA)
WHERE: Cyber Security World 2015, FHI360 Conference Center, Washington, DC
WHEN: Thursday, October 29, 2015 from 1:30 pm – 2:40 pm

About Cyber Security World 2015

Cyber Security World 2015 brings together security experts, practitioners, and researchers who will share their firsthand knowledge and open the discussion to information sharing between public and private sector attendees. Conference sessions provide in-depth discussion on cybersecurity management and strategy, operations, cybercrime, and privacy. For more information, visit:

About Gurucul

Gurucul is changing the way enterprises protect themselves against fraud, insider threats and external intruders both on premise and in the cloud. The company’s user behavior analytics and identity access intelligence technology uses machine learning and predictive anomaly detection algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and identify, predict and prevent breaches. Gurucul technology is used globally by organizations to detect insider fraud, IP theft, external attacks and more. Gurucul is based in Los Angeles. To learn more, visit us at and follow Gurucul on LinkedIn, Facebook and Twitter (@Gurucul).