Act and Think like an Epidemiologist to Combat Digital Diseases

Act and Think like an Epidemiologist to Combat Digital Diseases

The presentation will cover a very short history of epidemiology and the similarities between information security and modern epidemiology processes used in the surveying of populations for indicators of potential epidemics.

Instead of passively waiting for a breach to engage Incident Response, information security needs to engage in the constant day to day surveying of population data to find the digital disease pathogen before it becomes an epidemic. The key to preventing digital diseases today and well into the future, will be to copy the investigation and prevention techniques of the 19th century Dr. John Snow and the 21st century Center for Disease Control and Prevention Epidemiological Intelligence Service way of thinking. This presentation will walk the audience through an epidemiological analogy to better explain the differences between passive and active digital disease surveillance and inform the audience on an alternative way to speak to management and users in a understandable manner using medical analogies. The presentation will also introduce some visualization and graphing ideas to give the audience a starting point in epidigitalogy.

  1. Introduction to the Epidigitalogical Concept adapted from Epidemiology

a. How I stumbled across this Epidemiology based idea.

  1. Brief history of the birth of Modern Epidemiology.

a. Introduce Dr. John Snow and his process of determining cause of Cholera and a mitigating control.

  1. Describe the similarities between biological disease control and digital disease control

a. The never ending story of hosts versus pathogens in both bio and digital realm.

  1. Introduce audience to the research methods used at the Centers for Disease Control and Prevention's Epidemiological Intelligence Service.

a. The CDC has been so successful, we don't even notice it. How to replicate this in the security environment.

  1. Walk audience through an epidemiological analog that can be used to communicate their day to day processes and success to users and management.

  2. Explain the benefits gained at the CDC EIS from the process of proactive statistical analysis of non-malware related logs.

  3. Introduce the (S.I.R) Susceptibility, Infection, Recovery inspired graph as a means of tracking a large number of systems over long periods.

  4. Show using CDC EpiInfo against endpoint security logs to demonstrate that the lessons learned in the biology field can be used in the digital disease area.

  5. Show more graphing examples to illustrate the benefits of proactive statistical analysis of logs.

  6. Sources of inspiration:

a. Johnson, Steven Berlin. The Ghost Map (Penguin Books Limited, 2008)

b. Pendergrast, Mark. Inside the Outbreaks: The Elite Medical Detectives of the Epidemic Intelligence Service

c. CDC EpiInfo 7. http://wwwn.cdc.gov/epiinfo/

d. Epidemiology: The Basic Science of Public Health https://www.coursera.org/course/epidemiology

e. Epidemics Â<8a>Â<97>Â<96> the Dynamics of Infectious Diseases

https://class.coursera.org/epidemics-001

f. Kass-Hout,Tah and Zhang, Xiaohui. Biosurveillance: Methods and Case Studies (Taylor and Francis Group, 2011)

g. Dean, Andrew G. et al. Epi Info and OpenEpi in Epidemiology and Clinical Medicine: Health Applications of Free Software (Andrew G. Dean, 2010)

h. Weaver, Ph.D., Ann and Goldberg, M.D., Stephen. Clinical Biostatistics and Epidemiology made ridiculously simple (Medmaster, Inc., 2011,2012)

i. Fletcher, Robert H. and Fletcher, Suzanne W. Clinical Epidemiology: The Essentials (Lippincott Williams and Wilkins, 2005)

Presented by