What do false positives have to do with Cyber Security?

What are false positives and false negatives?

From Wikipedia https://en.wikipedia.org/wiki/False_positives_and_false_negatives

In medical testing, and more generally in binary classification, a false positive is an error in data reporting in which a test result improperly indicates presence of a condition, such as a disease (the result is positive), when in reality it is not present, while a false negative is an error in which a test result improperly indicates no presence of a condition (the result is negative), when in reality it is present. These are the two kinds of errors in a binary test (and are contrasted with a correct result, either a true positive or a true negative.) They are also known in medicine as a false positive (respectively negative) diagnosis, and in statistical classification as a false positive (respectively negative) error.[1] A false positive is distinct from overdiagnosis,[2] and is also different from overtesting.[3]

In statistical hypothesis testing the analogous concepts are known as type I and type II errors, where a positive result corresponds to rejecting the null hypothesis, and a negative result corresponds to not rejecting the null hypothesis. The terms are often used interchangeably, but there are differences in detail and interpretation due to the differences between medical testing and statistical hypothesis testing.

What conditions are we interested in?

There is an area in our portal that is reserved for "Trends".

Trends of companies and trends of individuals.

At the moment we trend Internet availability. Our clients find this useful and value it, but it is only the start of where we are heading.

Once we understand "normal activity" from a company or individual on the network we are monitoring, we can also identify abnormal activity.

A Cyber Attack is an example of abnormal activity.

Once seen, we will flag this to the network manager or Cyber Security Officer.
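
How a learned baseline produces false positives and false negatives, as an added example (not code from the original page or its portal). The traffic counts, the attack labels and the z-score threshold method are all constructed assumptions for illustration.

```python
from statistics import mean, stdev

# Constructed sample data: hourly connection counts for one monitored host.
BASELINE = [102, 98, 110, 95, 105, 99, 101, 108, 97, 104, 100, 103]

# (count, is_attack) pairs seen after the baseline period. The labels are
# constructed ground truth so the detector's errors can be counted.
OBSERVED = [
    (101, False), (107, False), (96, False),
    (118, False),   # busy but benign hour
    (240, True),    # noisy attack
    (112, True),    # low-and-slow attack that stays close to normal
    (99, False),
    (131, False),   # benign backup job
    (175, True),
    (103, False),
]


def z_score(value, baseline):
    """Distance from the baseline mean, in baseline standard deviations."""
    return abs(value - mean(baseline)) / stdev(baseline)


def confusion(observed, baseline, threshold):
    """Count true/false positives/negatives for one alert threshold."""
    counts = {"TP": 0, "FP": 0, "TN": 0, "FN": 0}
    for value, is_attack in observed:
        flagged = z_score(value, baseline) > threshold
        if flagged:
            counts["TP" if is_attack else "FP"] += 1
        else:
            counts["FN" if is_attack else "TN"] += 1
    return counts


def error_rates(counts):
    """False positive rate and false negative rate from a confusion count."""
    fpr = counts["FP"] / (counts["FP"] + counts["TN"])
    fnr = counts["FN"] / (counts["FN"] + counts["TP"])
    return fpr, fnr


if __name__ == "__main__":
    for threshold in (2.0, 8.0):
        c = confusion(OBSERVED, BASELINE, threshold)
        fpr, fnr = error_rates(c)
        print(f"threshold={threshold}: {c} FPR={fpr:.2f} FNR={fnr:.2f}")
```

With the sensitive threshold every attack is flagged but two benign hours also raise alerts; with the strict threshold the benign alerts disappear and the low-and-slow attack is missed.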
