Security Analytics Repurposed for COVID-19 Monitoring
by Security Centric, on 17/03/2020 1:59:39 PM
The handy folk at Sumo Logic, behind the multipurpose security analytics tool, have used published data to present and dissect near real time data of COVID-19 spread. Data is broken down into active, new, total and deaths, with infection rates also a relevant indicator.
The budding analyst can also run their own queries and subqueries or call out certain stats for presentation on a wall monitor. Whilst relevant for many scenarios, the capability is useful for both operational views and incident visibility.
Whilst our specialty is not infectious diseases, the indicators relevant to understanding risk are similar to security incidents and trends. Often the total or current count of a particular metric is less of an indicator than say the rate of change or outlier multiple as a function of standard deviation. Rates, ratios, averages and similar statistical or mathematical functions work well to identify what is abnormal or should receive some focus, versus hardcoding threasholds or showing top x.
In this case, geographical data is supplemented with various categories of counts (confirmed, recovered, deaths, percentage, percentage of total), and overlayed with unstructured data from relevant authorities such as the WHO. This paints a rich picture on one or two screens to digest what is a complex, distributed and rapidly changing situation. The parallels to information security are obvious.