BIG DATA AND SECURITY ANALYTICS
The fast-paced digitalization of businesses around the world is constantly straining the cyber security landscape. Companies are at greater risk of attack than ever before, and the attacks show no sign of decline. Big data analysis has the ability to create a barrier against cyber attacks, and it has the potential to redefine cyber security practices.
RISKS, THREATS AND MORE
One survey conducted several years ago, involving over 6000 businesses based in the US and Europe, revealed that the share of companies targeted by cyber criminals rose to 43 percent, up from the previous year's 38. The targeted companies experienced five or more attacks that year.
The financial impact varied from small to huge. Smaller companies, lacking resilience, were the worst hit. Some of the companies were hit so badly that their future was threatened and they faced the danger of going out of business. As many as five percent of the companies admitted to bearing costs of over $300,000 as a consequence of cyber attack.
With the introduction and wide usage of cloud and mobile technology, the idea of a corporate security perimeter has nearly disappeared in recent years. With this transition, the concept of security has also shifted from traditional perimeter protection tools to monitoring and detecting malicious activities within corporate networks.
With the passage of time, cyber criminals have evolved in great measure and adopted advanced technology to make inroads. For large-scale operations, they have also learnt to enlist the support of insiders, which makes their task easier and lets the victims fall smoothly into their trap. In this scenario, traditional methods of information security cannot keep up with the sophistication of modern-day criminals. There is a need, therefore, to rethink the strategy for countermeasures.
RETHINK, REDEFINE
For a long time, analysts have been contemplating new strategies and new infrastructure that are impervious to attacks. They estimate 5 to 15 years of time before these alternative infrastructures with quantum computers could be implemented.
To have a secure system in place, an appropriate strategy is required to address the imminent threats. Two key areas have been identified where swift action is needed.
1. A quantum cyber security ecosystem complemented by a quantum literacy program for decision-makers.
2. Mature quantum-safe technologies together with consolidated technical standards.
A concerted effort is required to avoid systemic risks to the digital ecosystem.
Analytics plays a key role in leveraging cyber resilience. Lately, cyber criminals have become fairly advanced and persistent in launching attacks, and they employ new and novel methods to achieve their purpose. The fact is that organisations have to protect themselves from all sorts of attacks, whereas the attacker only has to make a single successful attempt. This calls for rethinking and devising better and more efficient systems that can combat the ruthless and ever-changing strategy of the hackers. Analysts have to think beyond the age-old posture of Prevent-Detect-Respond. Greater dynamism and sharper vigilance are needed for the future.
THE APPEAL OF BIG DATA ANALYTICS
Big data analytics has a unique ability to keep threats at a distance in a system where the users are numerous and the activities countless. Big data can efficiently monitor the large set of activities and can, at the same time, prevent data breaches. Automating these processes can further minimize data breaches and can speed up the recovery process in case of an attack.
The key feature of big data analytics is improved detection. This feature identifies continuously changing patterns, rapidly executes complex analysis, and performs complex correlations across various sources ranging from server and application logs to network events and user activities. Such complex and intensive analyses can only be done by big data analytics.
When analysts combine the current state of analytics with security, organizations will drastically improve their cyber resilience.
BIG DATA. A NEW CONCEPT
A new generation of security analytics has evolved in response to the challenges of the security industry. These systems can collect, store and analyze huge amounts of data in real time and across the whole enterprise. With some additional enhancements and external threat intelligence, the new system analyzes the data using a set of algorithms. This complex but rapid activity enables the system to detect anomalies in the data, which leads to identifying possible surreptitious activities of criminal intent.
Big data analytics also generates security alerts and tags them according to their severity. These alerts are then seen in conjunction with forensic details which greatly eases the job of threat detection and prompt mitigation of cyber attacks.
INFINITE POSSIBILITIES
Big data analytics so far is a great technological breakthrough in the realm of cyber security. Until recently, business intelligence algorithms for large amounts of data were only affordable to large companies. But now, they are a commodity that even small companies who do not heavily rely on technology can easily procure and take advantage of. Frameworks like Apache Hadoop together with inexpensive hardware are now readily available. Companies of any size, even individuals, can utilize these for building big data solutions for collecting, storing and analyzing data in real time.
KEEPING AN EYE
A combination of real-time and historical analyses is of immense help in identifying new incidents that could be linked to others in the past. When this activity is merged with external security intelligence, analysts have an easy time identifying possible ongoing cyber attacks on the system.
The presence of a large amount of historical data is helpful in the initial calibration of normal patterns of activity. Existing data gathered in real time is already capable of automated calibration. These two types of data, when examined together, help in identifying anomalies in data patterns. These anomalies eventually lead the analysts to possible suspicious activity which may translate into cyber attacks. Once identified, mitigating remains a matter of routine practice.
IDENTIFYING RELEVANT INCIDENTS
The algorithms of big data analytics can identify outliers and anomalies in security data which often point to the presence of malicious or suspicious activity.
Big data security analytics can further sift through the data and simplify data flow events into manageable bits of concise and clear alerts. The exercise of analytics reduces large amounts of raw security data into manageable, concise and categorized alerts. This enables even an experienced person to make quick decisions on them. The system also retains historical data for analysis at a later stage in case it is required. Forensic experts can examine the secured information in much more detail and can establish a link with the incident and other historical anomalies.
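The calibrate-then-detect flow described above, as an added example that is not part of the original article: historical counts calibrate a per-account baseline, live observations are scored against it, and only the outliers come out as severity-tagged alerts. The data is constructed, and the median/MAD scoring and the thresholds are assumptions chosen for illustration.

```python
from statistics import median

# Constructed sample data: failed logins per hour, per account, from past activity.
HISTORY = {
    "alice": [0, 1, 0, 2, 1, 0, 1, 1, 0, 2],
    "svc-backup": [5, 6, 5, 7, 6, 5, 6, 6, 5, 7],
}
# Constructed "real-time" observations: (hour, account, failed logins).
LIVE = [
    ("09:00", "alice", 1),
    ("10:00", "alice", 9),
    ("10:00", "svc-backup", 7),
    ("11:00", "svc-backup", 40),
    ("11:00", "mallory", 3),
]

def calibrate(history):
    """Build a per-account baseline (median, MAD) from historical counts."""
    baseline = {}
    for account, counts in history.items():
        med = median(counts)
        mad = median(abs(c - med) for c in counts)
        baseline[account] = (med, max(mad, 1.0))  # floor avoids division by zero
    return baseline

def severity(score):
    """Map a deviation score to a severity tag (thresholds are assumptions)."""
    return "high" if score >= 20 else "medium" if score >= 5 else None

def detect(live, baseline):
    """Reduce raw observations to a short list of categorized alerts."""
    alerts = []
    for hour, account, count in live:
        if account not in baseline:
            # An account never seen in history is itself worth an alert.
            alerts.append((hour, account, "medium", "no baseline for account"))
            continue
        med, mad = baseline[account]
        score = (count - med) / mad  # deviation from normal, in MAD units
        tag = severity(score)
        if tag:
            alerts.append((hour, account, tag, f"{count} failures vs median {med}"))
    return alerts

if __name__ == "__main__":
    for alert in detect(LIVE, calibrate(HISTORY)):
        print(alert)
```

Seven failures for svc-backup raise no alert because that is normal for the account, while nine for alice do: the baseline is per entity, which is what historical calibration buys over a single global threshold.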
KEY FINDINGS
The study also provides a deeper understanding of the level of awareness and new approaches to information security. It also focuses on fraud detection in organizations all over the globe.
The study also focuses on the importance, contemporary advancements and future prospects related to initiatives of big data security analytics across different areas of businesses. It also brings to the fore an overview of the challenges and opportunities these initiatives have to offer. Furthermore, the study also summarizes the range of technological facilities that can be utilized to address those challenges.
BELOW STATISTICS ARE BASED ON A SURVEY OF OVER 300 COMPANIES FROM MORE THAN 50 COUNTRIES ACROSS VARIOUS INDUSTRIES.
10% say they are not at risk of cyber threats
60% say cyber security threats have increased over the past year
15% of companies think of themselves as best in Big Data Security Analytics
As of now only 20% of companies are using Big Data Security Analytics
THE BIGGEST CHALLENGES:
Data Privacy and Security – 50%
Costs – 45%
Relevant Data not collected – 35%
Inadequate analytical knowledge – 30%
Lack of resources and investment – 30%
Lack of awareness and management support – 30%
COMPANIES USING BIG DATA SECURITY ANALYTICS
5% have low benefits
40% have medium benefits
55% have high benefits