Every year, new challenges in tech security emerge, with hackers finding new vulnerabilities and exploiting those that have gone unpatched. But with advances in machine learning and analytics, security operatives are getting some new tools of their own for the fight.

Sue Barsamian, SVP and GM of HPE Security Products at Hewlett Packard Enterprise Co. (HPE), sat down with Dave Vellante (@dvellante) and John Furrier (@furrier), cohosts of theCUBE, from the SiliconANGLE Media team, to discuss the persistent security challenges, new attitudes toward network securing and changing the way CSOs think of their opposition.

Changes in thinking

Leading with a look forward, Barsamian stated, “We really need machine learning and behavioral analytics in order to identify suspicious behavior,” feeling that as the technology evolved, it would offer more viable solutions to counter the actions of hackers.

At the same time, she said, customers are becoming more aware of the realities of security. “There’s not a customer that I meet today that doesn’t assume compromise,” she noted. “And if you think about that, that’s a massive fundamental shift from two years or even one year ago.”

But that shift in thinking should not be limited to the customers with something to lose, Barsamian added. “We need to think of the hackers and the adversaries [as] running businesses for financial gain and profit. They have a complete structure, they have R&D teams, they have marketplaces … the more you understand how they build their organization, and how their profit pool and business model looks like, the more you’re then able to disrupt it.”

Fighting back

With the changing security frameworks for customers, new options are emerging to lessen value impact even if hackers do get past defenses, Barsamian explained. “There’s no reason [to remain vulnerable] these days; if they’re after your intellectual property … you can render it valueless, even if they get it,” she said.

And as the amounts of data harvested by companies are ballooning with IoT and similar environments, she feels, “The whole category of data security, in the context of compromise, is becoming increasingly more important.”

While Barsamian and other security operatives are “increasing our capacity to detect the unknown with both analytics and machine learning … there are many data points, and so the important thing is that analytics is not a ‘one size fits all,’ but it is ‘what are the use-cases that you need to look at?’ and for that particular use-case, ‘what’s the data science that will help you identify the anomaly, and what are the sources of data that you need to analyze to do so?’”

Data-swamped futures

Looking further ahead, Barsamian identified “IoT, seas of sensors [and] collecting data from the edge” as what would likely be the next big points of interest for security.

But with these exciting technologies, customers can’t simply expect their security divisions to take care of things and let the solutions come to them. As Barsamian explained it, “What we would like to see is compliance equaling security. And what we see in many cases is compliance as complexity and cost, but [that] doesn’t actually translate into a secure environment.”

Watch the full interview below, and be sure to check out more of SiliconANGLE and theCUBE’s coverage of HPE Discover 2016.

Photo by SiliconANGLE