Cybersecurity has a diversity problem
As Ruth Bader Ginsburg once famously said, “Women belong in all places where decisions are being made.” Saryu says that this analogy applies to all industries, not just cybersecurity, but it is an unfortunate reality that women are significantly underrepresented in the security industry due to outdated and inaccurate perceptions of job fit and cultural bias. She believes that executive teams should proactively address this issue with constructive measures to attract and retain women. “We need to lead the change and fight for increased female representation at all levels, as security analysts, data scientists, product managers, forensic investigators, SOC engineers, CISOs, and more. The first step is acknowledging there is work to be done,” she adds.
Saryu is known for giving back to the industry through shared knowledge and expertise. Recently, she released the second edition of her book, ‘Borderless Behavior Analytics – Who’s Inside? What’re They Doing?’ which is available on Amazon and brings together the insights, lessons learned, and best practices from well-known and respected Chief Security Officers at major organizations. Moreover, she contributes to the security industry through her work with open-source threat detection models and sharing threat research. She leads Gurucul’s strategic collaboration with the US-CERT Insider Threat lab to develop and train ML models for Insider Threat use cases. She is actively involved in the testing and validation of these models. Also, she collaborates regularly with Gurucul partners, customers, open-source communities, universities, and threat research.
Changing the paradigm
Saryu states that, unfortunately, most SIEM products still deluge the security operations team with a flood of information, which makes it hard to prioritize events and alerts by their actual risk. In contrast, Gurucul offers extremely accurate threat detection and contextual information, which improves analyst productivity and allows them to focus on analyzing high-priority threats without wasting time manually piecing evidence together into incident timelines. Where most competitors offer black-box ML analytics that users cannot verify, Gurucul offers the ability to customize models via its open analytics, as well as the largest library of machine learning models out-of-the-box. Moreover, the company has spent the last decade helping organizations worldwide deter, predict, detect, and remediate insider threats. With the pandemic making remote work much more relevant, the need for a high-level insider threat detection system is becoming even more pressing. The most effective way to detect insider threats without generating high volumes of false-positive alerts is to create time-based behavioral baselines that continuously learn what is acceptable behavior. This requires monitoring and analyzing massive amounts of data from a myriad of sources using advanced machine learning models and data science to pinpoint privilege abuse. She says, “This is what Gurucul does, in real-time, with exceptional accuracy.” She claims that Gurucul was the first company to extend behavior analytics from on-premises to the cloud and provides the only unified security and risk analytics product with AI/ML capabilities and automation that extends across threat detection, investigation, and response workflows. “This brings us to Gurucul’s User & Entity Behavior Analytics (UEBA),” adds Saryu.
Being a leader in threat detection, Gurucul’s Risk Analytics platform leverages over 2500 machine learning models powered by data science to produce actionable risk intelligence. It doesn’t rely on signatures, rules, or patterns. It allows organizations to identify zero-day threats in real-time and is designed to provide both contextual and situational awareness to detect and stop malicious behavior before cybercriminals or rogue insiders can cause harm. In conclusion, Saryu assures, “Over the next several years, we will continue to innovate to make our threat detection solution more accurate to keep pace with modern malware and enable automated responses and remediation.”