Security Analytics Repurposed for COVID-19 Monitoring

by Security Centric, on 17/03/2020 1:59:39 PM

The handy folk at Sumo Logic, behind the multipurpose security analytics tool, have used published data to present and dissect near real time data of COVID-19 spread. Data is broken down into active, new, total and deaths, with infection rates also a relevant indicator.

threat detection monitoring for covid-19

The budding analyst can also run their own queries and subqueries or call out certain stats for presentation on a wall monitor. Whilst relevant for many scenarios, the capability is useful for both operational views and incident visibility.

threat monitoring repurposed for covid19


Access the Live COVID-19 Dashboard


Whilst our specialty is not infectious diseases, the indicators relevant to understanding risk are similar to security incidents and trends. Often the total or current count of a particular metric is less of an indicator than say the rate of change or outlier multiple as a function of standard deviation. Rates, ratios, averages and similar statistical or mathematical functions work well to identify what is abnormal or should receive some focus, versus hardcoding threasholds or showing top x.

In this case, geographical data is supplemented with various categories of counts (confirmed, recovered, deaths, percentage, percentage of total), and overlayed with unstructured data from relevant authorities such as the WHO. This paints a rich picture on one or two screens to digest what is a complex, distributed and rapidly changing situation. The parallels to information security are obvious.


Finally, an actionable blog

The purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.

Read about:

  • What mistakes organisations are making (anonymously of course!)
  • What effective actions are available to quickly and economically achieve effective protection (without buying new kit)
  • Trends we're seeing, via our incident response and forensic investigation capabilities
  • And sometimes, just frustrations about what is wrong with cyber :|

Subscribe to Updates