Big Data capabilities crucial for effective cyber defense, says study
A study from a top cybersecurity analyst firm confirms that big data analytics offer a powerful arsenal for cyber security, but adoption is alarmingly slow.
The report, released by Teradata Corporation and the Ponemon Institute at the RSA Conference 2013 in San Francisco, contains several key findings:
- Cyber-attacks are getting worse but only 20 percent say their organizations are more effective at stopping them. The greatest areas of cyber security risk are caused by mobility, lack of visibility and multiple global interconnected network systems.
- Fifty-six percent are aware of the technologies that provide big data analytics and 61 percent say they will solve pressing security issues, but only 35 percent have them. The 61 percent say big data analytics is in their future.
- Less than half of organizations are vigilant in preventing (42 percent) anomalous and potentially malicious traffic from entering networks or detecting such traffic (49 percent) in their networks.
- Today’s IT security practitioners consider network data to present both an opportunity (data integration 61%, data complexity 53%) and a challenge (data growth 50%, data integration 39%). While many organizations struggle with in-house technology and skill sets – only 35% say they have big data solutions in place today, and just over half (51%) say they have the in-house analytic personnel or expertise, the study showed.
Big data analytics with security technologies ensure a stronger cyber defense. Eighty-two percent would like big data analytics combined with anti-virus/anti-malware; 80 percent say anti-DoS/DDoS would make their organizations more secure.
Big data analytics can bridge the existing gap between technology and people in cyber defense through big data tools and techniques which capture, process and refine network activity data and apply algorithms for near-real-time review of every network node. A benefit of big data analytics in cyber defense is the ability to more easily recognize patterns of activity that represent network threats for faster response to anomalous activity.
“The Ponemon study is a wakeup call,” said Sam Harris , Director of Enterprise Risk Management, Teradata. “Enterprises must act immediately to add big data capabilities to their cyber defense programs to close the gap between intrusion, detection, compromise and containment. When multi-structured data from many sources is exploited, organizations gain a very effective weapon against cyber-crimes.”
Harris said that in the cyber security realm, effective defense means managing and analyzing unimaginable volumes of network transaction data in near real time. “Many security teams have realized that it is no small feat to quickly sift through all of their network data to identify the 0.1 percent of data indicating anomalous behavior and potential network threats. Cyber security and network visibility have become a big data problem. Organizations entrusted with personal, sensitive and consequential data need to effectively augment their security systems now or they are putting their companies, clients, customers and citizens at risk.”
The report can be downloaded here (registration required).