In previous posts of mine I discussed the work we are doing at HP Labs in the space of Security and Identity Analytics.
Cloud Computing is an area where Security (and Identity) Analytics can help to explore hot questions and tension points. Specifically, it can be used to analyse the implications of moving IT processes and applications/services in the cloud, the impact on Identity and Access Management processes and the involved risks.
In this context, Security Analytics can help to explore trade-offs (e.g. security risks vs. cost cutting) and analyse various decision options, by keeping into account the relevant security and business risks … Economics are going to play a key role here, too, to better understand decision makers’ strategic business priorities and security preferences and provide targeted decision support.
I would like to remind that our Security Analytics approach is a top-down approach, based on a rigorous scientific methodology, to provide decision support to strategic decision makers: modelling and simulation techniques are applied to represent the involved processes, IT systems, people behaviours and threats. What-if analysis is carried out to explore options. This is different from more traditional bottom-up analytic approaches, aiming at providing support by analysing and correlating wide sets of low-level data.
So here is a new buzzword: “Cloud Security Analytics” ...
More to come …
--- Posted by Marco Casassa Mont (here and here) ---
--- NOTE: use this mirror blog if you prefer posting on an external blog site ---
--- NOTE: my original HP blog can be found here ---
No comments:
Post a Comment