How search empowers cybersecurity, fraud prevention and detection | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Anna Mascarello, regional vice president, public sector and education ANZ at Elastic. 

“The Commonwealth Fraud Prevention Centre estimates that fraud and error, including unreported fraud, could be costing the Commonwealth as much as $100 million a day.”

Cybersecurity is ultimately a data problem

Reducing the time to detection and validation is now critical. Platforms such as Elasticsearch provide the kind of search analytics capabilities that allow organisations to gain an advantage over cybercriminals by detecting potential fraud across vast volumes of data and keeping evidence searchable for the long term.

Fraud and cyber threats are a data problem. You need to have full visibility over real-time events and access to data that, in some cases, extends over multiple years to gain the insights as well as evidence to combat fraud.

When it comes to fraud and cyber threat detection, speed is critical. Improved detection rates and reduced false positives are driven by real-time data. Organisations can effectively identify abnormal behaviour and combat fraud by integrating a wealth of information into detection algorithms.

The earlier anomalous behaviours in the environment can be detected, the faster security teams can take action to prevent incidents from occurring.

Mascarello says Elastic’s ability to index structured and unstructured data across various systems enables detection speeds that put it at the forefront of cyber defence for many of the world’s most prominent public and private sector organisations.

“Our five senses — touch, smell, feel, sight, and hearing — are the way we experience the physical world as human beings,” she says. “But when we move into the digital world, the search function is the way we experience it: everything we do starts with a search.”

Elastic’s uniqueness, she says, is in taking artificial intelligence (AI) — machine learning (ML) and generative AI — and marrying it to search to offer new ways to discover, curate, and analyse data and to find anomalies that could pose a threat.

“This ability to ingest and index data to a single platform that enables distributed and federated search, across any given environment, is our superpower, ” says Mascarello.

“AI and ML technology can easily help establish and define normal behaviour, helping analysts close that loop to confirm and validate whether fraudulent behaviour has been happening.”

Enabling data search and security at scale

For some of the world’s largest organisations — Adobe, Uber,, and Cisco, who all leverage Elastic — scalability is key.

For Mascarello, Elastic’s ability to scale up and take on more is second to none.

“We have clients who scale to 100 petabytes of data to support cybersecurity. In their daily work, they ingest over 500 terabytes of data per day, which equates to 2.5 million events per second,” she says.

“Elastic’s threat detection rules analyse all of this to keep their technology and customers safe from fraud and cyber incidents. Without AI/ML-powered detection rules, the sheer volume of data makes analysis very timely and difficult.”

Professional services network Deloitte helps its clients leverage the Elasticsearch Platform to mitigate fraud. For Paul Curwell, a principal within Deloitte’s forensic practice, platforms such as Elasticsearch are closing the gap between criminals and detection.

“Fraudsters will always change their practices as soon as something stops working — they’re very innovative that way — and this is where machine learning comes in,” Curwell says.

“Provided it has the right environment and the right sort of data, it can start to learn what normal looks like and start to identify anomalies.”

Paul Curwell, a principal within Deloitte’s forensic practice. 

Curwell says that as the fraud detection sector matures, Elastic will remain “competitive and highly effective in this space”.

“We’re at the beginning of a wave where chief information officers (CIOs) are really starting to look to these sorts of tools,” he says.

Despite this, he adds, there will always be a need for human oversight of automated processes.

“Special fraud teams working with data science teams will utilise this kind of technology, but what we will see is the size of these teams changing,” Curwell says.

“At the moment, you could go into organisations and see hundreds of people managing potential fraud cases. I think this will decrease considerably to the point where you’ll have a small team with a lot of automation.”

Ultimately, for governments and businesses alike, the ability to trust in data is a need that will always be growing.

Mascarello says that Elastic’s future is set to grow alongside it.

“There’s going to be a heightened need and a requirement to ensure trust and to protect data,” she says. “Being able to skill people to use a single platform like ours with multiple capabilities will be critical.

“Having that single pane of glass that provides the necessary transparency will be crucial.”

To learn more, please visit Elastic.


Click Here For The Original Source.

National Cyber Security