Preparing for the Big Data revolution

18 Jan 13

RSA, The Security Division of EMC, has warned that Big Data will be a driver for major change across the security industry and will fuel intelligence-driven security models.

Expected to dramatically alter almost every discipline within information security, RSA predicts Big Data analytics will likely have market-changing impact on most product categories in the information security sector by 2015.

Affected product categories include SIEM, network monitoring, user authentication and authorisation, identity management, fraud detection, and governance, risk and compliance systems.

“Big Data is changing the nature and addressing the limitations of conventional security controls such as signature-based anti-malware and firewalls as well as rules-based identity and access management tools," says Sam Curry, chief technology officer, RSA.

"Big Data is being applied in new ways to enable security controls that are adaptive, risk-based and self-learning so that security is continuously evaluated and the level of protection is automatically adjusted based on changing environmental and risk conditions.

"The discovery of and response to threats and fraud therefore can become more predictive as a richer view of user identities and complex data flows comes together to give a data-driven perspective of what normal versus aberrant behavior looks like.”

RSA believes changes driven by Big Data have already begun, predicting leading security organisations will deploy commercial, off-the-shelf Big Data solutions to support their security operations during 2013.

Previously, the advanced data analytics tools deployed within SOCs were custom-built, but 2013 marks the beginning of the commercialisation of Big Data technologies in security, a trend that will reshape security approaches, solutions, and spending over the coming years.

Longer term, Big Data will also change the nature of conventional security controls such as anti-malware, data loss prevention and firewalls, according to RSA, which predicts that within three to five years data analytics tools will further evolve to enable a range of advanced predictive capabilities and automated real-time controls.

“In the coming year, top-tier enterprises with progressive security capabilities will adopt intelligence-driven security models based on Big Data analytics," says Eddie Schwartz, chief information security officer, RSA.

"Over the next two to three years, this security model will become a way of life.”

Below are RSA's six guidelines to help organisations begin planning for the Big Data-driven transformation:

• Set a holistic cyber-security strategy – Organisations should align their security capabilities behind a holistic cyber security strategy and program that is customized for the organization’s specific risks, threats and requirements.

• Establish a shared data architecture for security information – Because Big Data analytics require information to be collected from various sources in many different formats, a single architecture that allows all information to be captured, indexed, normalized, analyzed and shared is a logical goal.

• Migrate from point products to a unified security architecture – Organisations need to think strategically about which security products they will continue to support and use over several years, because each product will introduce its own data structure that must be integrated into a unified analytics framework for security.

• Look for open and scalable Big Data security tools – Organisations should ensure that ongoing investments in security products favor technologies using agile analytics-based approaches, not static tools based on threat signatures or network boundaries.

New, Big Data-ready tools should offer the architectural flexibility to change as the business, IT or threat landscape evolves.

• Strengthen the SOC’s data science skills – While emerging security solutions will be Big Data ready, security teams may not be.

Data analytics is an area where on-staff talent is lacking. Data scientists with specialised knowledge in security are scarce, and they will remain in high demand. As a result, many organisations are likely to turn to outside partners to supplement internal security analytics capabilities.

• Leverage external threat intelligence – Augment internal security analytics programs with external threat intelligence services and evaluate threat data from trustworthy and relevant sources.
