Big Data and analytics are changing the cybersecurity landscape
Stealing media headlines with a new breach almost every week, cybersecurity has skyrocketed to the top of boardroom discussion agendas. Yet an average of 35 percent of all cyberattacks still go undetected.
Recent IDC research crystalizes the issue: Organizations need to shift from reactive to proactive strategies that seek to understand a threat before an attacker can cause damage. This requires constant monitoring of network behavior so that unusual activity can be distinguished from normal behavior.
To do this, organizations require a new set of security solutions to match the increasing number and sophistication of attacks. Applying predictive and behavioral analytics to all available enterprise and external data can help organizations evaluate threat potential, detect likely attacks and gather further intelligence. These analytics need to execute in real time so threats can be proactively mitigated before significant loss occurs.
In an earlier study from the Ponemon Institute, 86 percent of respondents said detecting cyberattacks takes too long, and 85 percent weren’t prioritizing incidents. Meanwhile, 40 percent said their security products did not import threat intelligence from other sources.
“After more detailed evaluation of the challenges and gaps in the market, organizations need a more strategic approach to threats by augmenting existing security systems with more advanced behavioral analytics,” said Alan Webber of IDC. “Software vendors who have integrated a big data analytics platform at the core are well positioned to provide an additional layer of security protection and deterrence in the market.”
IDC interviewed information security executives, practitioners and industry experts across three industries: federal government, financial services and energy. The goal was to understand the evolving cybersecurity threat landscape and how big data and predictive analytics should be deployed to better address threats and risks they face every day.
The research explains that effective big data solutions must differ from existing, reactive “collect and analyze” methods since we now have technology to use information in timeframes and manners not possible in the past. To derive value from big data, organizations need behavioral analytics and frameworks like Hadoop to improve security at a much faster rate.
For government, IT security is neither a small nor an inexpensive problem. US-CERT reported more than 46,000 incidents at US federal government agencies in 2013. IDC estimates US federal government agencies alone will spend over $14.5 billion on IT security to thwart attackers and address incidents. In addition to multilayered security defenses, government agencies have highly complex infrastructures composed of a range of technologies from older mainframe systems to cloud-based and mobile apps. By turning to predictive behavioral cyberanalytics, these agencies are able to shift toward a more proactive defense posture.
In the utility and energy industry, the IDC research found advanced and predictive analytics critical for advancing a wide array of cyber mandates, including regulatory compliance. Utilities are just beginning to appreciate the opportunities for threat identification and remediation that big data analytics deliver.
For financial services, cybersecurity strategies remain atop the agenda. The IDC research predicted the financial services industry would spend over $40 billion in 2015 on managing operational risks, including cyberthreats. It noted that $27.4 billion would be earmarked for IT spend on information security and fraud. With shrinking response windows and the complexity of threats to digital channels, advanced, predictive threat intelligence solutions and services have become top items for chief risk officers, data officers, executives and regulators.