The Ponemon Institute released the results of its first report focused on how big data analytics are being used by organizations to strengthen cybersecurity postures. Their findings are based on a survey with responses from 592 IT and IT security practitioners from US-based organizations across multiple industries.
- 72 percent said big data analytics played an important role in detecting advanced cyberthreats
- 72 percent said it is impossible to get ahead of advanced threats using big data analytics with traditional technologies
- 65 percent said big data analytics are essential to creating and ensuring strong cybersecurity postures
“The data pouring into enterprise environments holds valuable information that can be used to identify and mitigate threats, but in many cases it is simply too overwhelming to extrapolate anything useful from,” said Dr. Larry Ponemon, Chairman, Ponemon Institute. “Not only does this first-of-its-kind report show that organizations know they have the information needed to stand up against advanced threats, it also reveals that when data is used in conjunction with the right analytic tools, it can be used to reduce risk across their organizations.”
APT, insider threat detection are top priorities
When it comes to the most promising enabling technology features that cybersecurity big data analytics unlock, respondents rank machine learning and user behavior analytics (UBA) at the top.
Furthermore, early adopters of cybersecurity big data analytics have found that they have a higher confidence level in their ability to detect advanced malware/ransomware, compromised devices (e.g., credential theft), zero-day attacks, and malicious insiders.
“Information is the most valuable business asset available today; this is why the industry must start to recognize that threats and attacks really are a data and analytics problem more than anything,” said Rocky DeStefano, Cloudera, cybersecurity SME. “When organizations have the power to visualize the enemy, they are able to act quickly to identify, contain and remove problems before they develop into full-blown incidents and mega breaches.”