Intelligent CIO Europe Issue 10 - Page 25

LATEST INTELLIGENCE CISOS INVESTIGATE: USER BEHAVIOR ANALYTICS U ser Behavior Analytics (UBA) was born in part due to identity and access management’s (IAM) inability to provide thorough data analysis. The earlier generation IAM solutions were unable to parse the data effectively across complex networks and provide normalisation. As IAM matured, UBA evolved, increasing its ability to provide normalisation and more importantly to identify anomalies. A great example of the evolution of User Behavior Analytics comes from the retail space. Initially used for marketing to identify users’ interests and spending patterns, it became clear that the intelligence garnered could be utilised for other purposes within the business. As losses mounted from fraud and abuse, the industry put a focus on and became smart about transaction analysis. A purchase in New York City and then, seconds later, one from Paris, France, is an abnormal spending pattern. The developers of UBA took note of this capability and the opportunity to pinpoint discrepancies and applied it increasingly to other needs within the business, in particular security and compliance. Online banking is another fantastic example of how UBA was able to learn from previous challenges. The mid- 2000s saw the FFIEC (Federal Financial Institutions Examination Council) require adaptive authentication for online banking transactions. For example: someone logging into their account may normally check their balances and then transfer funds. However, an attacker may log in, edit account records and wire money. UBA technology alerts generated based on the observation that these are two entirely different behaviour patterns is a result of the technology being applied to new challenges. n Download whitepapers free from INTELLIGENTCIO 25