# Blame the Poisson

I recently met Mark Rodbert, CEO of Idax Software, who has an interesting theory on statistics. We often see the ‘Normal’ bell-shaped distribution – where the top of the bell represents the most likely outcomes, and the left and right tips (outliers) are rare events. Rodberts believes real world events are more likely to follow a Poisson distribution – and this has implications for IT. In this guest blog, Rodbert explains the theory:

At idax we spend a lot of time demonstrating that maths really can help describe the real world. As idax uses mathematics to identify individuals with unusual access it’s pretty important that our clients share our understanding.

Of course, people are used to getting on planes, making a phone call or using Amazon, all of which require pretty sophisticated analytics, but in the realms of big data some things are still counter intuitive. If we got two sales leads last week and 1 the week before we’re on an upward trend, if my train was late twice last week, it will be late this week, and most importantly for us, if I find several people with a high risk profile in their access then someone must be someones fault.

London 2012 – Mo Farah (Photo credit: garda)

But how likely really are these events. Well it turns out that what we need is not someone to blame, but the Poisson distribution. The Poisson is a very versatile statistical tool rather like a lopsided normal distribution, that is good for estimating event frequency, especially if the events are rare. And my all time Poisson concerns the distribution of gold medals for Team GB at the London Olympics. It seems strange to remember that at the start of the games we went a whole three days without a British gold medal. As the press shrieked that we were heading for disaster, unable to meet our targets despite massive investment, the nation held its breath. So what really were Mo Farah’s chances?

Well, as we all now know, actually pretty good. Of course only an idiot would assume that winning 29 medals over 16 days should equate to 2 every day with Sundays off, but how likely was a medal-less day. Well if you assume a Poisson distribution and take an average of 1.8 a day, the chance of a day with no medals is 16%. The chances of a super Saturday with 6 medals were actually 7%.

The bad news is that, as you can see from the chart above the Poisson doesn’t quite fit what actually happened. The good news is that a day without any golds was actually more likely at 38% of all days. The least likely (below 5) was a single gold day, which only happened once. The last day of the boxing, since you ask. So why does any of this matter? Because it shows that human beings are very bad at estimating how frequently things are likely to happen. We assume that events are evenly distributed and get confused when they’re not. Not much of a problem with gold medals; quite a big problem when you’re tying to detect fraud, rogue trading and high levels of access risk. We assume that because unusual failures are, well, unusual they are also uniformly infrequent.

So when it comes to Access and Identity Management its clear that an approach that defines cumulative controls by exception management, otherwise known as “my boss checks my access” – will perform well with the frequent but not so bad but does nothing to stop the infrequent but high risk. So the good news is that if you ask your staff why they have access to something you’ll probably remove a few copies of Visio, but you’re unlikely to spot the guy with access to the general ledger and the payments system who’s ripping the company off. Which just goes to show that what companies need is real analytical capability, and of course a bit of mathematics.

Mark Rodbert is CEO of Idax Software, the identity analytics software provider

#### Start the conversation

Send me notifications when other members comment.

## SearchCIO

• ### Trying to wrap your brain around AI? CMU has an AI stack for that

In this episode of 'Schooled in AI,' Andrew Moore, dean of the School of Computer Science at Carnegie Mellon University, talks ...

• ### Some may not know it, but companies want CIOs with cloud expertise

Organizations know what benefits cloud computing can bring -- and they're seeking out IT leaders with cloud expertise to make ...

• ### 'Patient journey' propels hospital's digital transformation

The chief innovation officer at Boston Children's Hospital explains how digital technologies are changing the 'patient journey' ...

## SearchSecurity

• ### Gemalto Sentinel flaws could lead to ICS attacks

Security researchers found 14 vulnerabilities in Gemalto Sentinel hardware tokens which could allow dangerous ICS attacks, ...

• ### Intel Meltdown patches pulled with little explanation

Intel claims it has determined why the Spectre and Meltdown patches caused issues on some chips. The vendor is working on a fix ...

• ### Insider threat behavior: How to identify warning signs

Enterprises can prevent insider threat incidents if they know what to look for. Peter Sullivan explains the precursors to and ...

## SearchNetworking

• ### ThousandEyes-Juniper pact focuses on hybrid WANs

ThousandEyes and Juniper boost visibility for hybrid WANs; IDC records sharp rise in cloud spending; and a vendor group issues ...

• ### ExtremeLocation latest addition to Extreme wireless portfolio

Extreme Networks is targeting retailers with a new set of services, called ExtremeLocation. The latest technology adds ...

• ### Take network configuration management tools to the next level

Script management systems and intent-based networking are driving the future of network configuration management tools, shifting ...

## SearchDataCenter

• ### Three requirements for a hybrid cloud computing deployment

As the hybrid cloud computing approach gains steam, organizations will need to pay close attention to cross-cloud connectivity ...

• ### Five debunked myths about SSD issues

Solid-state drives are mature now, and the technology has eclipsed hard disk drives with superior performance, manageability and ...

• ### Future data center trends hinge on the edge, cloud and staffing

Edge computing, colocation, cloud and IT staffing issues lead the way as industry analysts make their predictions for the future ...

## SearchDataManagement

• ### How AI and IoT will influence data management in 2018

AI and IoT will alter the data management landscape in 2018, according to analyst James Kobielus. AI will need regular updates, ...

• ### Apache Hadoop 3.0 goes GA, adds hooks for cloud and GPUs

Is this the post-Hadoop era? Not in the eyes of Hadoop 3.0 backers, who see the latest update to the big data framework ...

• ### Expert: For BI, you must know the data integration process

Understanding the data integration process is central to self-service BI and data architecture design, consultant Rick Sherman ...

Close