Big data is now an issue and a challenge for IT security teams - but an emerging opportunity, according to a senior RSA exec.
Hundreds of IT decision-makers attended the
If you're not already familiar with the concept of 'big data', you may be surprised to learn how valuable it is becoming. Storing immense amount of data, from all aspects of enterprise activity, has only become feasible in recent years.
Some data sets are so large and complex that on-hand database management tools are simply being tossed aside.
If you happen to be within the field of IT then you'll already be going loopy hearing the buzz phrase. The term itself has surprisingly existed since being coined in the '90s by a veteran data analyst at
One of RSA's products is called 'Security Analytics' and it allows for in-depth analysis around big data, looking at all of the individual logs and packets at breakneck speeds. One of the recent big developments in the field is fusing third-party threat intelligence data into an organisation's
"You're definitely seeing analytic capabilities transforming security," said
"If you consider all of the information and data that comes into an information security centre; the events, the logs, packets, data loss-prevention feeds and other contextual information, then the SOC is now itself a big data location and an area where CIOs can leverage great value," he tells AMEinfo.
If you're correlating all of that information and making decisions in real-time, then you have to be able to do high-end computing. This includes things like asset criticality intelligence. At a simple level, if there is an event or alert from a critical server, that event should be kicked up to being a top priority.
"You're starting see more automation tying in with big data, that's really allowing for intelligent decisions based on all the information being collection."
"You're definitely seeing 'M2M' (machine-to-machine communication) and higher-end forensics within data analytics, but even at a higher level the biggest trend is that now risk is being evaluated at a much deeper layer. CIOs are telling their teams to evaluate risk from an IT, operational and business perspective," adds Thurmond.
Back-end to the future
RSA are encouraging the trend of companies' GRC (governance, risk and compliance) tools being fed into SOCs in order to refine contextual data and establish a prioritisation of workflow, but the future is the increasingly predictive nature of security analytics.
"It's really getting to that level, where the future of security is predictive," says Thurmond. "One very fast-emerging technologies is behavioural analytics. We have an asset we acquired from a company called Silver Tail, where we're now able to go in and get more accurate data on behaviour and click-stream analysis on web sessions."
If you're an e-commerce company or a financial institution, for example, RSA can look at all of the web session traffic in real-time and we can determine patterns that differentiate between a customer and criminal.
"We can look at the entirety of a website's traffic and determine a natural and normal pattern for a customer. We can also look at the history of that individual as a repeat customer. There's either an historical pattern or a trend consensus of the website," he explained to AMEinfo, following his keynote speech.
Consider a hack attempt where a promotional code is clicked 5,000 times with one second, in order to download some kind of coupon. Obviously a human being cannot do that. The behaviour sticks out like a sore thumb (and the assailant would have a sore finger). But a fraud team large enough to spot individual attacks is just not tenable. That's where machine speed and machine learning comes into play.
"Safety and security remain the topmost priority in the
"Information technology remains central to
Most Popular Stories
- AIG to Create 230 Jobs in Charlotte
- Bipartisan Negotiators Reach Modest Budget Agreement
- Russia Says Nyet to Canada North Pole Claim
- Justin Bieber Visits Typhoon Victims, Plays Concert
- Senate Dems Move Forward With Obama Nominees
- Obama Nominee Confirmed for D.C. Appeals Court
- New Obama Aide to Focus on Climate Change
- MasterCard to Split Shares, Raise Dividend
- GOP, Dems Strain to Unearth a Modest Budget Pact
- 15 Myths That Could Ruin Your Hispanic Ad Campaign