Welcome!

Cloud Security Authors: Maria C. Horton, Elizabeth White, Liz McMillan, Ravi Rajamiyer, Pat Romanski

Related Topics: Cloud Security, Java IoT, Microservices Expo, Linux Containers, Agile Computing, SDN Journal

Cloud Security: Article

Security Threats Continue to Grow

How Big Data and Machine Learning Can Work Together to Solve Security Threats

They read like a list of horror stories for businesses big and small alike. Sony’s PlayStation Network is hacked twice, exposing the personal information of 77 million customers. Zappos becomes the victim of a hack that exposes the addresses and phone numbers of 24 million people. Up to 81 million Yahoo email customers’ passwords are compromised, forcing the company to tell its users to reset them immediately. 110 million customers are affected when hackers infiltrate Target, and PIN numbers and credit card information are stolen. But these stories of major security breaches aren’t works of fiction--they actually happened, and it’s a concern businesses all over the world live with. Many companies are now turning to big data and machine learning as a way to tackle these risks and make sure valuable data is protected at all times.

Dealing with IT security issues is certainly nothing new for businesses. Computer viruses, malware, worms, and other threats have been around for a while, forcing companies to come up with solutions to either eliminate them or minimize the damages they cause. Much of this approach has been reactive in nature, essentially identifying a new threat or tactic hackers are using and developing the means to fight it. Older security systems had to search through smaller clusters of data to identify patterns that might indicate an attack, but the systems required significant resources and time to work, and even then their success rate was hit-and-miss. Systems were usually finding themselves being left behind by would-be attackers, forced to play catch-up in a game with a lot at stake.

With the growth of big data, data security has become even more complex and difficult to manage. More and more data is being created around the world, and trying to sort through all of it to identify security risks would tax older systems immensely. With new solutions desperately needed, many experts turned to machine learning. In simple terms, machine learning is a system that performs certain tasks by continuously learning from data without the need for specific programming. Machine learning can be used to detect security threats by sorting through all that data, something that simply wasn’t possible to that extent several years ago. Unlike traditional systems, which can get bogged down the more data they have to sort through, machine learning can actually get better if more data is added.

The way machine learning is able to detect security threats is by going through the data and identifying the signs and code that point to potential risks. This in turn creates a profile of what to look for, allowing machine learning and security systems to be able to predict and act on threats before they even happen. Essentially, machine learning can be used for security in much the same way it is used for advertising and marketing, targeting certain features it has determined through pattern recognition and using behavioral analytics to make more accurate predictions. This analysis is not only able to capture the hard data involved in security risks, it captures the context of risky events and can connect the relationships of those events to better understand just how threatening the risk actually is. This entire process takes less time than traditional systems and does not slow down productivity.

Threat detection through machine learning and big data was once out of reach for smaller businesses due to cost concerns and personnel requirements, but as these technologies have matured, smaller operations are now getting more access through big data cloud technology. The advances in recent years makes the utilization of machine learning possible for smaller security teams. In fact, security threat detection through machine learning is more of a hands-off process since machine learning systems undergo training on their own. The system is always learning, populating training sets to always get better at detecting security risks, even if they are new. The processing power and storage capabilities needed for machine learning are also within reach for small businesses thanks to advances in flash storage. The growing adaptability for companies makes security more robust and predictive instead of reactive.

There will never be a way to completely eliminate all security threats. Hackers and malware artists will always be looking for news ways to infiltrate and steal corporate information. But with a better understanding of the ways big data and machine learning can work together toward addressing this common problem, security breaches will be rarer and not as painful as those that have happened in recent years. A more secure future is definitely possible through machine learning.

More Stories By Gil Allouche

Gil Allouche is the Vice President of Marketing at Qubole. Most recently Sr. Director of Marketing for Karmasphere, a leading Big Data Analytics company offering SQL access to Apache Hadoop, where he managed all marketing functions, Gil brings a keen understanding of the Big Data target market and its technologies and buyers. Prior to Karmasphere, Gil was a product marketing manager and general manager for the TIBCO Silver Spotfire SaaS offering where he developed and executed go-to-market plans that increased growth by 600 percent in just 18 months. Gil also co-founded 1Yell, a social media ad network company. Gil began his marketing career as a product strategist at SAP while earning his MBA at Babson College and is a former software engineer.

IoT & Smart Cities Stories
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessio...
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
While the focus and objectives of IoT initiatives are many and diverse, they all share a few common attributes, and one of those is the network. Commonly, that network includes the Internet, over which there isn't any real control for performance and availability. Or is there? The current state of the art for Big Data analytics, as applied to network telemetry, offers new opportunities for improving and assuring operational integrity. In his session at @ThingsExpo, Jim Frey, Vice President of S...
Rodrigo Coutinho is part of OutSystems' founders' team and currently the Head of Product Design. He provides a cross-functional role where he supports Product Management in defining the positioning and direction of the Agile Platform, while at the same time promoting model-based development and new techniques to deliver applications in the cloud.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
@CloudEXPO and @ExpoDX, two of the most influential technology events in the world, have hosted hundreds of sponsors and exhibitors since our launch 10 years ago. @CloudEXPO and @ExpoDX New York and Silicon Valley provide a full year of face-to-face marketing opportunities for your company. Each sponsorship and exhibit package comes with pre and post-show marketing programs. By sponsoring and exhibiting in New York and Silicon Valley, you reach a full complement of decision makers and buyers in ...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secu...