Growing reliance on big data analytics for IT security

Over the past few years, attacks against corporate networks have been multiplying by leaps and bounds. SafeNet’s Breach Level Index, for example, shows that more than 575 million data records were lost in 2013. At the same time, the technology research and advisory company Gartner now forecasts that by 2016 one-fourth of all major global corporations will be using big data analytics for IT security or fraud detection. As we ponder these trends, we need to ask “can any standard software perform the kind of cyber hunting today’s companies need?”

Obviously enough, companies need to protect themselves against cyberattacks, and the race between virus-scanner developers and malware developers never ends. Now, something new is happening: companies are beginning to combat the threats with the help of big data analytics. Currently, only about eight percent of major global corporations are using big data for their analytical needs.

Gartner forecasts that this figure will increase to 25 percent by 2016, however.
We providers have also been seeing enormous increases in hacker attacks. Deutsche Telekom alone now registers up to 800,000 per day, and this figure is growing. Attackers’ aims are always the same: to penetrate a corporate network in order to plant malware and/or access personal data.

The nature of the threat has been changing

Until about one or two years ago, cyber criminals tended to be very selective in the data they were looking for, and thus they tended to prepare their attacks very carefully. Now, they simply (try to) breach firewalls and vacuum up all the data they can get, for later high-volume sales.
Companies today normally monitor their networks, try to detect attacks and then initiate countermeasures against the attacks they find. As time goes by, it will become more and more important to be able to operate preventively. Many companies are realizing this, and are seeing real-time big data analysis as a key to prevention. Prevention in this case begins by being able to detect cyberattacks as they are developing.

Analysis software pays for itself in six months

Many companies shy away from using analysis software because of its supposedly prohibitive costs. At a recent security summit, Gartner noted that state-of-the-art cybersecurity tools now have to be considered basic requirements for just about any company. What is more, according to Gartner, investments in high-quality analysis software tend to pay for themselves within just six months. This accords with our own experience as providers. Needless to say, the software in question has to be properly tailored to the task at hand.

The more the better

The motto “the more the better” doesn’t always hold up. In this case, it does. The more relevant data one has, the better perspective one can have of the cyber threats out there. With big data techniques, companies can comprehensively analyze their external and internal data and identify critical interrelationships.

To date, many companies have relied on silo-based eavesdropping or detection systems that have been optimized for specific types of cases, such as data loss, financial transactions or access by individual users.
The new aspect with big data analysis is that it can look at data sets in their entirety – in real time. In the process, it links the data produced by eavesdropping systems with all available context data. The aim of this approach is early detection – and even defense – before attacks even occur.

Cyber defense begins in the mind

Off-the-shelf software is definitely not the answer. To succeed in this area, companies have to begin by carefully analyzing their own infrastructures and rethinking things from the ground up. It takes an open mind to close a security gap. And a company’s rethink has to extend to its corporate culture. Just by way of example: when users don’t change their passwords at regular intervals, and use passwords such as “password,” the doors are wide open for cyber criminals, and even the best defenses won’t be able to close them.

Let’s big communicate
Günther Niederreiter
