Presented By O’Reilly and Cloudera
Make Data Work
September 11, 2018: Training & Tutorials
September 12–13, 2018: Keynotes & Sessions
New York, NY

Next-generation cybersecurity via data fusion, AI, and big data: Pragmatic lessons from the front lines in financial services

Usama Fayyad (Open Insights & OODA Health, Inc.), Troels Oerting (WEF Global Cybersecurity Center)
11:20am–12:00pm Wednesday, 09/12/2018
Data-driven business management, Expo Hall
Location: Expo Hall Level: Non-technical
Secondary topics:  Data Integration and Data Pipelines, Financial Services
Average rating: ***..
(3.00, 1 rating)

Who is this presentation for?

  • CISOs, CDOs, CIOs, and CEOs and anyone interested in making advanced technologies work for everyday problems

What you'll learn

  • Learn the power of combining big data with AI/ML in the context of real cybersecurity, how to make this work well with humans in the new SOC, and the power of collaboration to address daunting unsolvable problems


At the center of the global financial institution is trust. Trust is a differentiator for the modern customer, and in a hyperconnected world, customers demand that their most sensitive personal information (i.e., identity, address, salary, mortgage, credit card spending, pension, travel, and shopping habits) are kept safe. Usama Fayyad and Troels Oerting share outcomes and lessons learned from building and deploying a global data fusion, incident analysis/visualization, and effective cybersecurity defense based on big data and AI at Barclays, in collaboration with several financial services institutions.

Barclays recently rebuilt its Global Information Security Division to be strategic, intelligence led, and future-proof by implementing new capabilities and developing a new “fusion cell” concept that is able to utilize big data, AI, and machine learning. This enables a truly strategic view for the bank’s operations and has already led to new and enhanced functions, including cyberintelligence, insider threats, red teaming, threat hunting, cyberinnovation, and outreach. At the heart of the system is a context cloud, as the change from big data is powered by the context and focus. Context, generated by analytical judgements, reference data and historical understanding is pushed into the stream enriching new data automatically. This means a human-led, machine-driven SOC with highly trained and skilled analysts at its heart. It is also supported by next-generation technology and expanded insight. Analysis and response requires the ability to create inference based on machine learning, statistics, and other matching techniques. Machine-generated inference needs to communicate the uncertainty around its validity to SOC staff and decision makers. Communicating uncertainty and the relative likelihood false positives will be key. Success is dependent on the ability to harness autonomous agents that have the ability to analyze large volumes of data automatically and in real time.

Partnership is the new unique selling proposition. Each hub is interconnected, with shared infrastructure, offering a two-way connected exchange and collaboration on response. These hubs are integrated with the geographically disparate centers of excellence and promote innovation and capability through “share by default” alerts to external events and changes in environment. This new cooperation philosophy must rest on existing or future data privacy and data protection legislation that regulates what can be exchanged, by whom, and how. This is part of the trust at the center of public-private partnerships.

We need to improve cooperation between financial institutions and other companies holding big digital assets. It’s not enough to share outdated incomplete information with limited value. We need to share much more detailed information on how adversaries have tried or succeeded in breaching us to help our colleagues either patch or change procedures. If a company is hacked on Monday, a neighboring company is sure to be hacked or DDoSed on Tuesday. An ideal solution would be to establish a regional SOC of SOCs. The second-best solution would be to develop a secure platform that could be accessed only by approved platform members to upload indicators of compromise, malware, and other actionable information. The information would be searchable through advanced tools and utilization of AI and would provide advance alerts and flag selected dangerous new tools or modus. Such an entity should of course be supervised according to privacy and data protection

Absolute security does not exist in the physical world; neither does it exist in the virtual world. If we invest in next-generation security and cooperate, we will, at least, be able to provide the same—and hopefully acceptable—level of security in both worlds.

Photo of Usama Fayyad

Usama Fayyad

Open Insights & OODA Health, Inc.

Usama Fayyad is a cofounder and chief technology officer at OODA Health, a VC-funded company founded in 2017 to bring AI and automation to create a retail-like experience in payments and processing to healthcare delivery, and founder and chairman at Open Insights, a technology and strategic consulting firm founded in 2008 to help enterprises deploy data-driven solutions to grow revenue from data assets. In addition to big data strategy and building new business models on data assets, Open Insights deploys data science, AI and ML, and big data solutions for large enterprises. Previously, he served as global chief data officer at Barclays in London after he launched the largest tech startup accelerator in MENA as executive chairman of Oasis500 in Jordan; held chairman and CEO roles at several startups, including Blue Kangaroo, DMX Group, and DigiMine; was the first person to hold the chief data officer title when Yahoo acquired his second startup in 2004, where he built the Strategic Data Solutions Group and founded Yahoo Research Labs; held leadership roles at Microsoft and founded the Machine Learning Systems Group at NASA’s Jet Propulsion Laboratory, where his work on machine learning resulted in the top Excellence in Research award from Caltech and a US government medal from NASA. Usama has published over 100 technical articles on data mining, data science, AI and ML, and databases. He holds over 30 patents and is a fellow of both the AAAI and the ACM. Usama earned his PhD in engineering in AI and machine learning from the University of Michigan-Ann Arbor. He’s edited two influential books on data mining and served as editor-in-chief on two key industry journals. He also served on the boards or advisory boards of several private and public companies including Criteo, InvenSense, RapidMiner, Stella, Virsec, Silniva, Abe AI, NetSeer, ChoiceStream, Medio, and others. On the academic front, he’s on advisory boards of the Data Science Institute at Imperial College, AAI at UTS, and the University of Michigan College of Engineering National advisory Board.

Photo of Troels Oerting

Troels Oerting

WEF Global Cybersecurity Center

Troels Oerting is a globally recognized cybersecurity expert. He serves on a number of corporate boards, including as nonexecutive director in key companies and in high-profile advisory roles. Troels has been working on the cybersecurity frontline for the last 38 years and has held a number of significant posts both nationally and international. Previously, Troels was group chief information security officer (CISO) and group chief security officer at Barclays, where he had end-to-end responsibility for all security in Barclays Group, leading the more than 3,000 security experts worldwide who protect the bank’s 50 million customers and 140,000 employees. Before joining Barclays, Troels was director of the European Cybercrime Centre (EC3), an EU-wide center located in Europol’s HQ tasked with assisting law enforcement agencies in protecting 500 million citizens in the 28 EU member states from cybercrime or loss of privacy. In this role, he also initiated the establishment of the international Joint Cybercrime Action Task Force (J-CAT) comprising global leading law enforcement agencies, prosecutors, and Interpol’s Global Centre of Innovation. The J-CAT has since been recognized as the leading international response to the increasing threat from organized cybercriminal networks. An expert in cybersecurity, Troels has constantly been looking for new legislative, technical, or cooperation opportunities to efficiently protect privacy and security for internet users, and he has been pioneering new methodologies to prevent crime in cyberspace and protect innocent users from losing their digital identity, assets, or privacy online. Troels was cyber advisor for the EU Commission and Parliament and has been a permanent delegate in many governance organizations, including ICANN, ITU, and the Council of Europe. He has also served as an advisor to several governments and organizations for cyber-related questions. Troels established a vast global outreach program that brought together law enforcement, NGOs, key tech companies, industry leaders, and academic research institutes to establish a multifaceted global coalition against cybercriminal syndicates and networks, with the aim of enhancing online security without harming privacy and inventing new ways of protecting internet users. Earlier in his career, Troels was assistant director for Europol’s Organised Crime Department and the Counterterrorist Department, as well as director of operations for the Danish Security Intelligence Service and director of the Danish Serious Organised Crime Agency (SOCA). Troels is an extern lecturer in cybercrime at a number of universities and business schools and has been recognized several times by global law enforcement agencies for his international leadership in fighting cyber and organized crime. He is author of a political thriller published in Danish: Operation Gamma.