At the 10th IEEE International Conference on Data Science and Advanced Analytics (DSAA 2023), I presented the paper A Data-Driven Approach for Risk Exposure Analysis in Enterprise Security, focusing on advancing proactive cybersecurity strategies within Security Operation Centers (SOCs).
The work addresses the limitations of traditional security tools such as SIEM and IDS, which are primarily designed for reactive threat detection and struggle to cope with the increasing volume and complexity of modern cyber threats. In particular, the research highlights how attackers increasingly target the human element as the most vulnerable point in the attack chain.
In this study, I introduced a data-driven framework that models user and entity behaviour during the early stages of the attack lifecycle. The system estimates the probability of an entity being exposed to a threat actor during the delivery phase, enabling earlier detection of risk and providing actionable insights for targeted mitigation.
The approach was validated in a real-world environment through controlled phishing simulations, demonstrating its effectiveness in identifying high-risk entities and improving anticipation capabilities. This work contributes to shifting enterprise security from reactive detection towards proactive, behaviour-driven risk prevention.