Eric Dull, Drew Walsh, Scott Riede (Deloitte and Touche)
Cyber has been the original big-data for decades. Since Denning and Neumann’s 1985 whitepaper on statistical analysis for intrusion detection systems1, cyber has seen the need for complex event processors to manage the scale of cyber data. Security Operations Centers (SOCs) have been successful in overcoming this challenge, as evidenced by the rise of behavioral analytics, supervised machine learning methods, training data sets, and the scaling of technology. This talk will describe the strategies used in successful automation, AI adoption, and implementation and offer a framework for engaging executives to help guide effective AI use in the broader organization outside of the SOC.