This episode is sponsored by “Selling to the New Executive Buying Committee,” an Acceleration Economy Course designed to help vendors, partners, and buyers understand the shifting sands of how mid-market and enterprise CXOs are making purchase decisions to modernize technology.
00:36 — There’s a lot of interest in process mining and leveraging it for various business use cases, including cybersecurity. If you’re not familiar with process mining, it’s essentially the analysis of event logs and data from various systems and applications to understand and improve business processes.
Which companies are the most important vendors in cybersecurity? Check out
the Acceleration Economy Cybersecurity
Top 10 Shortlist.
01:00 — Process mining can be valuable in the cybersecurity context. First, you could apply process mining to anomaly detection. You could analyze an event, log, and system data to identify unusual patterns or behaviors that deviate from normal operations.
01:38 — Another valuable use case for process mining is incident response. If you have a variety of logs and streams coming from endpoints, agents, security operations centers (SOCs), and security information and event management (SIEM), you can take these logs and analyze them to actually determine how to best respond to a situation or an incident. Another great use case for process mining is compliance monitoring.
02:46 — Next up is predictive analytics. For example, if you’re looking at these historical log events and data via process mining, you can start to look for potential security incidents and vulnerabilities that may not have occurred yet or look for patterns and trends that may be potential risks to the organization and take some proactive measures.
03:16 — Last is the insider threat. If we can identify insider threats by analyzing patterns of behavior from users and more, we can start to detect some of this unusual or suspicious activity, like an insider posing a security risk.