Leveraging Disparate Enterprise Data for Cybersecurity Purposes
February 2023 • Poster
Rosalie Bakken (Mayo Clinic), Matthew Spitzer (Mayo Clinic)
This poster describes a data lake poised to address the most pressing cybersecurity use cases expeditiously and efficiently.
Software Engineering Institute
This poster was presented at FloCon 2023, an annual conference that focuses on applying any and all collected data to defend enterprise networks.
Like many large organizations, ours has collected a wide variety of types of data across the enterprise for many years. This data comes in many forms and spans many systems and purposes. The data is disparate, unintegrated, and stored in a variety of locations. Each data source varies in quality, and each type of data has a differing retention period. As a result, while a vast array of data can theoretically be useful for cybersecurity purposes, it is rarely leveraged to its full potential.
Collectively, these efforts resulted in a lake poised to address the most pressing cybersecurity use cases expeditiously and efficiently, plus a replicable process for augmenting the lake with additional data sources in the future, and an enhanced ability to interpret results accurately and translate them to business insights.