By Stephen Boyer
September 6, 2014 10:00 PM EDT
Arriving at Actionable Insight: The Role of Big Data in Threat Detection
According to Gartner, Big Data refers to "high volume, high velocity, and/or high variety information assets" - and, this is the key - "that require new forms of processing to enable enhanced decision making, insight discovery and process optimization." While Big Data may seem like an invaluable tool that all security teams should try to leverage, it is not practical for everyone to attempt to harness it on their own. Finding insight from data is rarely as simple as it seems. We are still in the early stages of the Big Data revolution, with people only now beginning to understand what is possible, and what it takes to get there. Simply investing in tools and development is not enough. The fact is that security teams are still struggling to identify and respond to incidents effectively. The Verizon Data Breach Investigations Report of 2013 noted that outside parties, whether a telecom provider, credit card issuer, third-party vendor or the FBI, were responsible for 70% of data breach notifications, demonstrating that security teams are still missing the signs of detrimental threats that face organizations each and every day.
There is clearly promise in Big Data, but how do organizations get there? First, there is a need for human talent and expertise, as tools alone are not enough. Beyond creating a security operations center (SOC) to coordinate a cyber security strategy, it is critical for organizations to employ a data scientist or someone who is capable of consuming and analyzing the information to create effective models for identifying threats. Unfortunately, there is a vast talent gap in the field of data science, particularly at the intersection of data and security. There are also technical hurdles preventing development. Integrating high volumes and varieties of data sources and formats, both internal and external, into a security framework requires both technical expertise and resources. In many ways, these programs are for select organizations. Enterprises must bring together financial resources, technical know-how, and data science expertise to execute a holistic and effective Big Data program.
The promise of Big Data lies not in the collection of millions of records, but in the ability to derive insight, reduce risk, and improve future security performance. So, if the barriers to an internal Big Data program are high, but the potential benefits are great, how do we arrive at the insight needed to reduce risk and improve future security performance? Fortunately, there are options available for organizations to gain these advantages without having to make the commitment to a full-scale Big Data program.
One emerging option is the possibility of Big Data as a Service (BDaaS). Through the perimeterless nature of the Internet, vendors can access, analyze, and provide actionable insight into potential - or even future - threats. For example, card issuers often turn to outside vendors for Common Point of Purchase (CPP) analysis to detect potential fraud associated with theft or breach. By outsourcing the collection and analysis, businesses can streamline their path to insight.
Organizations of all sizes face challenges of data collection and analysis on a daily basis. In order to gain insight from data, companies must invest in the tools, strategies, and staff needed to make sense of accessible information. Once the appropriate protocol is in place, insight from Big Data may function as a way of reducing risk, protecting enterprises from our hostile threat landscape.