Elisabeth Weber – Expel
Jane Doe isn’t the only sales rep at Acme Widgets who spends some of her weekends catching up on emails and unfinished tasks. In fact, since she’s been working remotely, she’s found it easier to fulfill the oft-competing demands of her home and family lives. She can get a lot done in what used to be her off hours.
But what if her logins begin occurring even outside her new work routines? What if they’re late at night? Are they actually an attacker using stolen credentials to access her account? And what if these unusual logins go undetected and Acme gets hit with ransomware or a data breach?
These are the types of scenarios facing Elisabeth Weber. As the principal data scientist at Expel, she builds the predictive models the company uses to alert its customers to potential cyberthreats and how to remedy cybersecurity issues.
“I love to take big messy data sets and use them to drive decisions—to make something from them while also finding ways to simplify them and make them easier for others to understand,” Weber says. “Data science can often be a black box, and in the security space, it’s incredibly important to be able to see why a model is making a decision.”
SOC it to them
Founded in 2016 by Dave Merkel, Yanek Korff and Justin Bajko, Expel is what’s called a managed detection and response provider. It uses the existing security products of customers to monitor their IT environments 24/7/365. If they identify a potential incident or vulnerability, Expel informs customers, takes action to stop malicious activity in progress, and offers solutions for the causes.
Expel offers MDR services for cloud platforms including Amazon Web Services, Microsoft Azure and Google Cloud, as well as on-premises infrastructure and software as a service, or SaaS applications.
Analytics and statistics are crucial to building the cybersecurity models Expel’s customers don’t always have the means or staff to do, Weber says.
Weber is a data scientist employing the traditional scientific method, beginning with an observation that leads to a question. That’s followed by testing the hypothesis and collecting data, analyzing the data, drawing conclusions, and reporting the results.
“We call it ‘optimizing the human moment.’ The data science life cycle is engineering, analysis, determining what’s predictive, and retrying models,” Weber says. “I work on building out the models that help with security operations center, or SOC, efficiency.”
AI and accessibility
As 2022 began, Weber was concluding research for a model to identify anomalous user behavior for Expel’s customers. In addition to detecting anomalous login patterns, the model analyzes things such as IP addresses and locations used for the logins and flags cases that are suspicious for a specific user. Once identified, the model also assesses and prioritizes the severity of threats.
Once the model is built, it will need testing that includes how large a workload the model puts on Expel’s SOC analysts, Weber says.
“The goal here is to combine automation and analyst expertise. We’re trying to provide analysts the most relevant information to help them make a decision,” she says.
All the models she makes need frequent updating to keep pace with emerging cyberthreats. So Weber uses
Arthur AI to monitor the quality of the models she builds—either to aid in explaining a model or uncovering flaws that could prevent understanding the severity of a cyberthreat.
“Arthur AI is great for detecting when it’s time to retrain a model. It can see if the data your model is currently processing has drifted from what you originally used to train the model,” she says. “Arthur AI also helps you understand why the model is making the decision that it makes. In the security space, it’s incredibly important to be able to see why a model is making a decision.”
She adds it’s just as important to have models that are easy for Expel’s analysts to understand and explain as they work with customers.
“Our analysts are my customers. I want the model to be understandable and used with confidence,” Weber says.
A tangible career
Growing up near Richmond, Virginia, Weber excelled at math. However, she was undecided on a major when she enrolled at Virginia Tech University—she wanted to use math tangibly, she says. Statistics was the best way to do that, and as data science was growing in popularity, Weber says she “kind of stumbled onto it.”
After earning her bachelor’s degree in statistics in 2014, she joined Nielsen, the company most known for compiling ratings on TV shows. In her first two years, she was an associate in its emerging leaders program helping to develop technology and process improvement solutions through data science.
Weber became a senior data scientist in 2016 and was lead data scientist when she joined Expel in April 2019. Away from the office, Weber says she and her husband enjoy hiking, and they’re expecting their first child in 2022.
“As the data science field grows, I want to ensure I’m always learning and developing, learning new techniques and new skills,” Weber says. “I can then share that knowledge and teach what I’ve learned, both within and outside the company. That’s something I really enjoy.”
View this feature in the Spring I 2022 Edition here.
Showcase your feature on your website with a custom “As Featured in Toggle” badge that links directly to your article!
Copy and paste this script into your page coding (ideally right before the closing