Cyber Resilience: Using Machine Learning for Anomaly Detection

Today on Thought Leader talks we speak with Dena Bauckman, the VP of product management at Zix Corp. Dena is a CISSP with a keen interest in leveling up data protection using Artificial Intelligence (AI) and Machine Learning (ML). Watch or read Dena’s pointers on using machine learning for anomaly detection, the significance of Cybersecurity Awareness month, the role of encryption and backup in cybersecurity planning, advice to MSPs on incorporating data protection in their cloud suite, and more about cyber resilience.

Watch or read helpful insights from other Thought Leaders including Salesforce Ben, Gemma Blezard, Richard Tubb, and others.

The Role of Machine Learning in Anomaly Detection

Teresa: Dena, if we are playing buzzword bingo, the jackpot would have to go to Artificial Intelligence and Machine Learning. Can you de-jargonize it, with a use case of how it can improve SaaS data protection for an organization?

Dena: Yes. And you’re absolutely right. AI and ML, machine learning, are definitely the buzzwords we hear a lot today. And quite honestly, people are kind of using them interchangeably, but there is a big difference.

Machine learning is much more of what we see these days; where you can teach a machine to identify and look for insights in data. Data protection is obviously a very broad area, covering everything from encryption at rest or in transit to backup and recovery. Everything to do with protecting against malware and ransomware. And what we really see more than anything in all of those spaces is machine learning.

So on to some exact examples to help explain how machine learning helps with data protection. The first thing we’re seeing more and more solutions doing is learning to understand what a user’s normal behavior is. And by doing that, we can then identify if something is abnormal or out of the ordinary. Let me give you an example of encryption. With phishing attacks, sensitive data gets sent to the wrong person. Well, if you could identify and understand a user’s behavior – when they typically communicate or who they typically communicate with, then you can identify when something is abnormal. For instance, a user sends an email to somebody they’ve never emailed. Detecting anomalies and then preventing them from going through. Machine learning has an important part to play in improving anomaly detection. That’s probably one of the biggest roles that I would identify.

The same machine learning-driven anomaly detection can be applied to backups. Being able to have the system understand what is “typical” for changes in the data you’re backing up and then identify and notify somebody if there’s an anomaly occurring.

Teresa: That’s an interesting use case. We recently introduced anomaly detection in Salesforce backup where the system raises a red flag if suspicious deletion or updating of data is occurring.

Pointers for a Secure Cloud Adoption: Backup is a Must

Teresa: What pointers would you give companies migrating to the cloud? What are the must-haves for a successful and secure cloud adoption?

Dena: Yeah, so a couple of things I would focus on there is first, if you don’t have a lot of expertise in migrating to the cloud, you may want to partner with a vendor that can help you do that. We work a lot with smaller businesses that don’t have a large IT organization, where it can be really kind of scary trying to do something like moving your data to the cloud. I’d advise you to partner with a managed service provider (MSP) that is very familiar with cloud migration.

Regarding making your cloud adoption secure, as you’re going to move your data and your systems to the cloud, you need to make sure you have a good backup before you start that process. So if anything should go wrong, you have the ability to recover or at least get back to where you were, right?

Teresa: That’s true. Backup is a safety net for your data.

Advice to MSPs: Ease of Use Critical for Data Protection

Teresa: What advice would you give an MSP seeking to add data encryption and protection to their suite of solutions – what are the pitfalls they should avoid?

Dena: I’m going to focus on encryption in transit. That’s the area I have experience in specifically. As an MSP, one of the things that is incredibly important when you’re looking at different encryption offerings is to understand what impact that is going to have on your customer. Different solutions will impact users in different ways. For example, there can be a very big impact on your customers sending an encrypted email. Hence the ease of use is going to be one of the most important things to look at. Am I going to make it hard for the users or is it going to make it easy for the users and what is the trade-off? You don’t want to be fumbling through a complex app when you’re sending an email or when you’ve lost your data.

Shared Responsibility Model

Teresa: A recent survey by IDG reported that thirty-five percent of the market mistakenly assume that their SaaS vendor is responsible for data protection. What are the practical implications of the Shared Responsibility Model? It’s a big shift when you move from on-premises to the cloud.

Dena: That IDG report was something I think a lot of us in the industry have known; it really pointed out something that people need to stop and think about. When you move to the cloud, you can’t assume that your SaaS vendor is going to take care of everything for you. Right? You need to understand what they do as part of their service and what’s still your responsibility. Aspects like security – what security are they going to provide as part of the service and what are you still expected to do? One of the most common areas where we see an issue here is that people mistakenly assume when you move to a cloud service that the service provider is going to protect your data; they’re going to do backups of your data. And so if anything happens, they’ll just restore your data. That’s not always true. You need to make sure you understand exactly what the vendor is taking responsibility for and what’s your responsibility. And take the onus of putting in measures for your part of the “shared responsibility” of data protection.

October is Cybersecurity Month: How Do You Combat the Ghoul of Ransomware?

Teresa: October is National Cybersecurity month – a mixed celebration, given the continued ransomware storm targeting all industries – healthcare, education, financial, government, and now even a major candymaker ahead of Halloween. What “tricks” would you advise to combat the ghoul of ransomware? 

Dena: Yeah. Unfortunately, ransomware has become so rampant, it’s almost commonplace. My first advice would be to focus on the primary attack vector that is used in ransomware and in a lot of different types of malware attacks, and that’s going to be email. The reason email is a primary attack vector is that if you can get your ransomware past whatever defenses are in place and into a user’s inbox, your chances of a successful attack are high. This is because users are our weakest link; they can be tricked in all kinds of ways to kind of get them to react and do something they shouldn’t. That’s why during October’s Cybersecurity month, we need to emphasize the importance of cybersecurity awareness training; because users are your last defense. While you surely need to have your email as secure as possible, you also need to make sure that users are aware of and on the lookout for red flags and tricks that attackers employ. Good email hygiene training is important.

Email Encryption and Compliance

Teresa: In a crowded email encryption and compliance solution market, what would you say differentiates Zix Secure Cloud? 

Dena: You’re right. There are a lot of vendors in this space, but what makes us different is that we focus on ease of use; trying to make security and compliance easy for everybody who is involved in it. That could be from our MSP partners, to our customers, and to the end-users. That’s very critical because a lot of what we also see is the harder that you make security and compliance, the more people don’t fully embrace it and they don’t do everything that they should. Thus by making it easy to implement, configure, manage, and use, it makes it better for everybody involved and makes people more likely to take advantage of all the security capabilities.

Thanks, Dena! You’ve shared some great insights on machine learning for anomaly detection and how we need to engrain backup and email security into the very fabric of our cybersecurity plans. Particularly so during National Cybersecurity Awareness month.
