Is big data security analytics still a thing? A handful of years ago, security and big data were mentioned in the same breath, much as one might say peanut butter and jelly, and big data security analytics was the buzz phrase buzzing most loudly in every corner of the security industry. Perhaps the big data security analytics hype machine hit its most fevered pitch in 2013.
Today, we don’t hear quite as much about “security big data.” But that doesn’t mean that it’s no longer relevant. To tweak a phrase familiar from Gartner, the hype is cycling down from the peak of inflated expectations and, hopefully, heading to the plateau of productivity.
Big data security analytics is about using security analytics to improve security and obtain value from cybersecurity efforts. It’s about helping security teams to focus on the threats, vulnerabilities, and security controls that matter. A good big data security analytics program should help organizations do just that.
In the CSO story "Analyze this, and that: CSOs latch on to better data tools," Peter Miller, CSO at Orange County, Florida, explained to CSO’s Michael Fitzgerald just how important security analytics has become to his job. “Security is all about the metrics, too, and analytics will give you that. You're logging it and can quantify it," said Miller. "I can't imagine doing my job without analytics," he said.
That could explain why, according to the research firm Markets and Markets, the global security analytics market will be worth $3.22 billion by the year 2018. By some estimates, the security analytics market is growing just shy of 7.8% annually.
The federal government has been a big investor in security analytics capabilities. Following the disclosure of classified information by National Security Agency contractor Edward Snowden that hit the NSA a couple of years ago, the NSA quickly moved to improve its security and monitoring capabilities, according to an interview with NSA CIO Greg Smithberger. As a result, the NSA now relies more on behavior analytics to help protect a private cloud that provides storage, computing and operational analytics to intelligence agencies.
Many would expect big government agencies to have the budget and skillsets to benefit from big data security analytics. But can security analytics, and even machine learning, help regular enterprises to detect and respond to attacks more quickly? They already do, whether or not the enterprise is aware of that fact, because many of the tools security professionals use increasingly rely on analytics and machine intelligence. According to Mary Branscombe’s story, "How much security can you turn over to AI?," security vendors are trying to use deep learning to better understand how malware acts, so that attacks can be spotted in real time.
Still, many enterprises are relying on security analytics to detect attacks and breaches. “Most organizations lack visibility; if you can’t see it, you can’t protect it. We can detect outliers,” Splunk’s Matthias Maier told Branscombe. “We summarize similar users who have similar behavior and then we show that, and if there’s an outlier who has always behaved similarly but is now behaving differently? That’s an anomaly you want to look at.”
How are you planning to use security data analytics to find, collect, and analyze the right information and get it into the hands of analysts who can make a difference in your security efforts? Or are you already doing so? In the stories collected below, you’ll see how enterprises, vendors, and others are putting data analytics to work to improve security.
The CIO of the National Security Agency says analytics protect the U.S. intelligence community’s private cloud system from internal and external threats.
No, this isn't about using Watson AI systems to identify fraudsters by gazing deep into their eyes: IBM has acquired a German machine learning software firm called Iris Analytics to bolster its antifraud software.
The majority of security organizations receive more alerts than they can handle and don't have a way to spot stolen credentials, according to a survey released today.
Rapid7 talks about alert fatigue, the benefits of UBAs, and the need for baseline security tools.
Machine learning and behavioral analytics could help you detect attacks faster – or stop them before they even start.
Cognitive Computing and Cybersecurity, IBM Watson Cybersecurity
Cybersecurity professionals are hungry for a strategic advantage to battle new denial-of-service attacks and unauthorized access to systems. The electricity industry has started to focus its efforts on combating the issue head-on through timely cyber threat intelligence. If you understand your adversaries’ tactics, intent, and capabilities, you can develop strategies to combat their attacks and better plan for future threats. Better, more proactive security can be achieved through information sharing agreements and partnerships with other utilities, regulatory agencies, and intelligence partners.
Business banking is a popular target for hacks and attacks. Craig Priess of Guardian Analytics offers practical defensive steps.
Strategic data analytics can reduce shrinkage for retailers, restaurants and manufacturing companies by helping loss prevention pros use early warning indicators to stop problems before they start.
Enterprises are dealing with a flood of security data from firewalls, networks, email systems, individual workstations, servers, and other devices. Big Data analytics helps companies process all this information, prioritize the most significant threats, and weed out random noise and false alerts.
Experts warn that the temptation to let the computers do it all, without the human element, can lead to trouble.
If an event at RSA's Burlington, Mass., headquarters yesterday was any indication, attendees at RSA Conference 2013 can expect to hear a lot about Big Data as a security tool.
Predictive analytics plays a growing role.
Monitoring digital footprint across all of the web can mitigate attack risk, says a financial tech start-up.
While big data implementations have taken off, the work needed to secure these systems has not.
NSA surveillance technology is cutting edge, but for most of the government, Big Data analytics is a promise unfulfilled.
Better analytics could help government workers improve security, but they are hindered by tight budgets and many say they're already overwhelmed by the data they have now.
Alex Hutton discusses Big Data and risk management.
With the emergence of more powerful tools, analytics are becoming more important than ever to security teams.
Attackers are swapping, selling, and associating increasing stores of linked PII and credentials to run deeper, broader, and more stealthy information invasions.