Ryan Hohimer

Ryan Hohimer
Ryan has been working with “Big Data” before “Big Data” was cool. Dealing with the challenges of managing massive data sparked his interest in metadata, Semantic Web Technologies (SWT) and Knowledge Representation and Reasoning (KR&R) -- which led to the development of the technology behind DarkLight's patented reasoning engine. Ryan is Co-Founder and CTO of Champion Technology Company.

Recent Posts

Modeling The Storm of Cybersecurity Data

Modeling The Storm of Cybersecurity Data

Consider the job of the weather person. It used to be that a weather forecast was almost unusable because of low accuracy. But now, it is commonplace to put a reasonable amount of faith in the forecast. Really, not that long ago, we used an almanac to get a sense of the weather. My, how things have improved!

I actually rely on the forecast I access on my smartphone. Why is the prediction so much better today than it was in the past?

Read More »

Cybersecurity Tower of Babel

Cybersecurity Tower of Babel

Cultures and Languages

If you think there is an easy solution to the complex problems of cybersecurity and cyber defense, you need to think again. There is no easy button for cybersecurity; no quick solution for cyber defense.

One of the reasons that it is so hard is that there are so many different perspectives and viewpoints. And, each of those perspectives can have their own verbiage, terms, and languages. I mean let's face it, if you want to be proficient in a foreign land, you have to learn the culture and language. There is no easy shortcut.

Read More »

Deviation From Normal Does Not Always Mean Malicious Intent

Deviation From Normal Does Not Always Mean Malicious Intent

An approach to solving cybersecurity problems is to use machine learning to baseline normal behaviors so that deviations from normal can be identified.  This, at first glance makes perfect sense.  However, there are flaws that must be considered and avoided. 

Threat Intelligence: Non-Malicious Deviations

One of the flaws is that deviations from normal may not be malicious in nature. They may reflect new behaviors that are non-malicious in nature. For example, new software, new policies, new scope of work, or any other of a myriad of changes may cause a deviation from normal. 

Read More »

Are You Fighting the Cyber Battle or the Overall War?

Are You Fighting the Cyber Battle or the Overall War?

From Mental Models to Computational Models

It used to be that a diligent team of analysts with some programming skills could do a respectable job of protecting an enterprise on their own. They knew enough of the specific threats, the specifics of the enterprise, and the specifics of the enterprise network, that they could monitor for problems and mitigate those problems. Unfortunately, the volume and voracity of the threats has grown. The variety of business models has expanded. The complexity of enterprise network topologies has increased. These factors mandate that cybersecurity solutions evolve. Cybersecurity teams must upgrade to a better strategy.

No longer are one-off scripts and the programming of lookup tables adequate to face the criminal elements. The risks and liabilities are just too high.

Read More »

Cybersecurity Analysts - Give Credit Where Credit is Due

Cybersecurity Analysts - Give Credit Where Credit is Due

Some cybersecurity analysts amaze me. In fact, in broader terms, experts amaze me. When you see an expert in action they frequently make very difficult things seem so simple. Their experience has honed their skills to the point they can understand very confusing scenarios. In particular, cybersecurity experts can intuitively recognize suspicious actions and network conditions that mere mortals can’t. 

They are so impressive because they have learned in great detail the ins and outs of their enterprise’s network, the enterprise business, and the people of the enterprise. Somehow, they are able to recognize suspicious and malicious things seemingly instinctually. 

Read More »

The Big Picture....Belief Propagation with a Common Object Model

The Big Picture....Belief Propagation with a Common Object Model

Ever heard someone use phrases like “I put two and two together,” or “I started to connect the dots?” What is usually meant is that in the examination of the facts at hand an understanding of a feasible explanation is forming. By considering details, a bigger picture can be formed. 

Belief Propagation Network

A belief propagation network (BPN) is a network where messages are passed through a series of nodes in a graph.

Read More »

Can We Possibly Write Cyber Security Intelligence Software that Thinks?

Can We Possibly Write Cyber Security Intelligence Software that Thinks?

Artificial Intelligence in Cyber Security 

This has been the endeavor of many before me, and probably many after me. My hope is that someone, or some group, cracks the barrier to true  cyber security intelligence in my lifetime. It will be a cool thing to witness.

In the meantime, we will continue to write less than true Artificial Intelligence code in order to approach the goal. The phrase "fake it 'til you make it" comes to mind. We can mimic the cognitive processes until we actually author cognition.

Read More »

Do Complex Cybersecurity Issues Cause You Chaos?

Do Complex Cybersecurity Issues Cause You Chaos?

Cybersecurity is really complicated. It is a topic of massive amounts of minute details. From those details, incredibly important big pictures must be formed. Cybersecurity is the art of being situationally aware in chaos.

Software engineering is really complicated. It is a topic of massive amounts of ones and zeros. From those bits (1s and 0s) helpful applications must be formed. Software engineering is the art of creating knowledge from big data formed of bits.

Cybersecurity is inherently complex, as is the world of software. How do we make complex things less complex? How do we "get our heads around" all the things in the cyber domain?

Read More »

Artificial Intelligence Saccades in Cybersecurity

Artificial Intelligence Saccades in Cybersecurity

The human perceptual systems are pretty darned amazing. Without our conscious control the brain acts to gather the information needed to construct and mold our perception of reality.

Consider our vision. When something first catches our eyes our brains begin to try and figure out what it is we are seeing. Unconsciously our brain starts jerking our eyes about to gather the information needed to correctly classify that something. This is known as "saccadic eye movement" or "eye saccades".

When we first see a face, our motor cortex takes control over our eyes in order to collect up corroboratory information. Basically, our brain says, "If this is a face, I should see a nose here, an eye here, another eye over here, and a mouth here." Each time the eyes jerk from one location to another, they are collecting information that can confirm or nullify that you are looking at a face.

Read More »

Artificial Intelligence for InfoSec in Cybersecurity is Here (...To Stay)

Artificial Intelligence for InfoSec in Cybersecurity is Here (...To Stay)

Artificial Intelligence for InfoSec (AI) has wavered up and down in reputation over the decades. Sometimes it is seen as being on the brink of great breakthroughs. At other times it is seen as an impossibility. My opinion is; it’s already here. Mostly due to my definition of AI.

Defining Artificial Intelligence for InfoSec

Alan Turing’s definition was written in his paper “Computing Machinery and Intelligence.” He proposed a test that defined AI by judging whether or not the behavior of the machine was indistinguishable from that of a human.

Read More »

Subscribe to Email Updates

Subscribe via RSS to the blog

Recent Posts