Big Data

Big Data: The future of info security?

by Steve Durbin, Information Security Forum, June 3, 2013

Big Data analytics in information security is critical as it replaces the practice of reacting to incidents with the need to predict, understand and respond to complex events, says Steve Durbin of Information Security Forum. He details the benefits and challenges of using Big Data analytics for information security

According to IBM, 90 percent of the data in the world today has been created in the last two years. From social media, mobile devices and digital sensors to e-mails, images and videos, these vast sources of data create a potential goldmine of valuable information about people and their activities. 

Whilst the promise of actionable insight from data is not new — business intelligence and other analysis capabilities have long been present in many organizations — what is new is the rate at which the data is growing, the way the data is changing and the demands being placed upon it.

ENTER BIG DATA ANALYTICS

Solutions provided by Big Data analytics are those for which insights and answers arise from analysis of vast, complex or disparate data sources. This is a highly creative and iterative exercise and breaks away from the traditional methods.

Retail and consumer industries have been early adopters, actively analyzing databases of customer transactions to determine buying patterns and trends. This enables a better understanding of customers and helps in figuring out the correct product mix, product placement and pricing. Newer analyses of social media (known as social media intelligence) and other sources enable companies to measure the emotional connection that customers feel toward a brand.  This takes the analysis one stage further to allow understanding of the full range of emotions that go into making a buying decision.

HOW IT HELPS IN ENHANCING SECURITY

Big Data analytics enables organizations to process and analyze huge volumes of disparate and complex data — providing a step change from standard reporting and monitoring toward correlating and probing for insight into threats, risks and incidents. That resulting insight can lead to improved information security, greater organizational agility, better cyber resilience and decreased business impact. This capability is critical as the practice of reacting to incidents is replaced with the need to predict, understand and respond to complex events. 

SO WHY THE DELAY?

However, there are challenges. Solving the Big Data problem often means something different for information security than it does for traditional business analytics. In many cases, Big Data solutions are not designed to be real-time. For security analytics, speed is critical because the faster an organization can discover a security incident, the more quickly it can respond — and that can mean the difference between a fast recovery, and a prolonged, public acknowledgement of a data breach.  Unlike other areas of the business where a lack of real-time analysis doesn’t represent a major issue, in the information security world, the lack of real-time analysis of Big Data sets can make a massive difference to both data security and system availability.

So while pressure has been mounting on organizations to embrace Big Data because of the enormous insights and competitive advantage it can provide, it hasn’t all been good news. 

Computers are increasingly crunching numbers to find answers previously thought unknowable. And here lies a further issue: poor quality information or untested models can send organizations off course. Big Data in the cloud — and let’s face it, a significant amount of data for this kind of analysis either originates from cloud-based systems or is stored in the cloud — is also creating a host of new, highly attractive targets for the cybercrime fraternity and it isn’t just about stealing data, it is also potentially about changing that data to result in the wrong analysis outcome.

Organizations are also using Big Data analytics solutions for data mining, and many of the Big Data analytics implementations use cloud-based systems to store and process information. One of the issues with the data sets associated with the Big Data analytics is that they are an aggregation of information in an organization. Consequently, the personally identifiable information (PII) they contain can be highly detailed and should therefore be subject to the same assessments and protection as other cloud-based systems that contain PII, such as data masking and encryption. Yet more work for overstretched security departments.  

However, benefits of Big Data analytics in information security outweigh the challenges. For example, financial risk can be lowered by using Big Data analytics to detect fraudulent transactions, errors or evidence of non-compliance. Also, Big Data analysis can reduce information security risk by providing better attack detection, identification and intelligence.

Big Data analytics may well be able to improve information security to the extent that we have seen in the retail and consumer markets if the same sophisticated analysis can be applied to relevant security data. The really good news for information security, is that Big Data analytics 

comments powered by Disqus

Subscribe for Newsletter

Stay connected to the best business technology content every week. Subscribe to our daily newsletter now!

Slide Shows

Upcoming Webcast

Turning the Tables on Cyber Attacks

Join Trend Micro for this upcoming webcast as it will delve deeper on the cause and effects of these responses against cyber attacks. The Speakers will tackle existing real-world developments showing how market forces, private companies, and law enforcement agencies react to the ever-changing threat landscape. They will also discuss how these trends will settle into the global and local market and how cybercriminals are likely to exploit them. Speakers: Macky Cruz, Security Focus Lead, TrendLabs, and Paul Oliveria, Security Focus Lead, TrendLabs. Date & Time: September 4, 2014, 3:00pm India Time