Growing reliance on big data analytics for IT security
Over the past few years, attacks against corporate networks have been multiplying by leaps and bounds. SafeNet’s Breach Level Index, for example, shows that more than 575 million data records were lost in 2013. At the same time, the technology research and advisory company Gartner now forecasts that by 2016 one-fourth of all major global corporations will be using big data analytics for IT security or fraud detection. As we ponder these trends, we need to ask: “Can any standard software perform the kind of cyber hunting today’s companies need?”
Obviously enough, companies need to protect themselves against cyberattacks, and the race between virus-scanner developers and malware developers never ends. Now, something new is happening: companies are beginning to combat the threats with the help of big data analytics. Currently, only about eight percent of major global corporations use big data for their analytical needs. Gartner forecasts that this figure will increase to 25 percent by 2016, however.
We providers have also been seeing enormous increases in hacker attacks. Deutsche Telekom alone now registers up to 800,000 per day, and this figure is growing. Attackers’ aims are always the same: to penetrate a corporate network in order to plant malware and/or access personal data.
The nature of the threat has been changing
Until about one or two years ago, cyber criminals tended to be very selective in the data they were looking for, and thus they tended to prepare their attacks very carefully. Now, they simply (try to) breach firewalls and vacuum up all the data they can get, for later high-volume sales.
Companies today normally monitor their networks, try to detect attacks and then initiate countermeasures against the attacks they find. As time goes by, it will become more and more important to be able to operate preventively. Many companies are realizing this, and are seeing real-time big data analysis as a key to prevention. Prevention in this case begins by being able to detect cyberattacks as they are developing.
Analysis software pays for itself in six months
Many companies shy away from using analysis software because of its supposedly prohibitive costs. At a recent security summit, Gartner noted that state-of-the-art cybersecurity tools now have to be considered basic requirements for just about any company. What is more, according to Gartner, investments in high-quality analysis software tend to pay for themselves within just six months. This accords with our own experience as providers. Needless to say, the software in question has to be properly tailored to the task at hand.
The more the better
The motto “the more the better” doesn’t always hold up. In this case, it does. The more relevant data one has, the better perspective one can have of the cyber threats out there. With big data techniques, companies can comprehensively analyze their external and internal data and identify critical interrelationships.
To date, many companies have relied on silo-based eavesdropping or detection systems that have been optimized for specific types of cases, such as data loss, financial transactions or access by individual users.
The new aspect with big data analysis is that it can look at data sets in their entirety – in real time. In the process, it links the data produced by eavesdropping systems with all available context data. The aim of this approach is early detection – and even defense – before attacks even occur.
Cyber defense begins in the mind
Off-the-shelf software is definitely not the answer. To succeed in this area, companies have to begin by carefully analyzing their own infrastructures and rethinking things from the ground up. It takes an open mind to close a security gap. And a company’s rethink has to extend to its corporate culture. Just by way of example: when users don’t change their passwords at regular intervals, and start using passwords such as “password,” the doors are wide open for cyber criminals, and even the best defenses won’t be able to close them.
Let’s big communicate