A danger seen in time is a danger avoided
Nothing stays still, all is flux. The great Greek philosopher Heraclitus knew all this back in ancient times and today we cannot avoid the conclusion that nothing endures but change, and that we constantly need to adapt quickly to new circumstances. This is especially true of the methods used in cybercrime.
For criminologists, it is no longer possible to combat the criminals without the use of sophisticated data analysis. This is confirmed by a BITKOM survey. In 2012, 63 percent of companies surveyed recognized attacks on their computer and data networks by cybercriminals or foreign intelligence agencies as a real threat. By 2014 this figure had increased to 74 percent. And such attacks are getting ever more sophisticated. That is why big data analysis is becoming indispensable for IT security and fraud detection, in tracing highly sophisticated threats, insider attacks and account takeovers. Real-time analysis plays a special role in such efforts, because criminals are modifying their attacks at an ever-increasing speed. The goal is to recognize the tell-tale patterns that indicate attacks. Organizations and businesses can use such analyses to very quickly get a picture of the security situation in their environment and thus to respond to threats in time.
For example, server log data management systems accumulate enormous quantities of computer-generated data. The task is to collect these data, aggregate them at a central point, store them over long periods, analyze them in real time, search through them, and generate standard behavior patterns. The real challenge facing security units is posed not just by the huge volumes of log data, but also by the number of different log formats that need to be analyzed.
The day of manual searching is over
These days it is no longer possible to conduct evaluations and analyses manually. This is especially so where log files need to be compared against each other in order to assess a state of affairs or to troubleshoot a problem situation. Is it possible, for example, that a debit card could be inserted into an ATM in Nuremberg 15 minutes after being used in Aschaffenburg? Probably not. But IT security experts’ need to identify such suspicious changes or operations as quickly as possible – ideally in real time – requires the use of the very latest technologies and solutions.
What all this means is that as well as the growing need to handle internal data with extreme care and to increase employee awareness of cyber-threats, businesses also need to protect themselves by using the latest technology and security software. Doing anything less will inevitably lead to enormous financial losses, even where such losses are generated by damage to a company’s image.
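The debit card check described above (Aschaffenburg, then Nuremberg 15 minutes later) can be expressed as a small correlation over two log sources in different formats. This is an added example, not code from the original article; the log formats, card IDs, city coordinates and the 300 km/h threshold are constructed assumptions.

```python
import csv, io, math
from datetime import datetime, timezone

# Constructed sample logs: two ATM sources with different formats (assumed).
CSV_LOG = """2015-03-02T10:00:00Z,card-4711,Aschaffenburg
2015-03-02T09:00:00Z,card-0815,Nuremberg
"""
KV_LOG = """ts=1425291300 card=card-4711 city=Nuremberg
ts=1425297600 card=card-0815 city=Aschaffenburg
"""
# Approximate city-centre coordinates (assumption for the example).
CITY_COORDS = {"Aschaffenburg": (49.977, 9.152), "Nuremberg": (49.452, 11.077)}
MAX_KMH = 300.0  # assumed upper bound on plausible travel speed

def parse_csv(text):
    """Normalize 'ISO timestamp,card,city' lines to (card, epoch, city)."""
    for ts, card, city in csv.reader(io.StringIO(text)):
        t = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        yield card, t.timestamp(), city

def parse_kv(text):
    """Normalize 'ts=<epoch> card=<id> city=<name>' lines to the same tuple."""
    for line in text.splitlines():
        f = dict(p.split("=", 1) for p in line.split())
        yield f["card"], float(f["ts"]), f["city"]

def km_between(a, b):
    """Great-circle (haversine) distance between two known cities."""
    (la1, lo1), (la2, lo2) = (map(math.radians, CITY_COORDS[c]) for c in (a, b))
    h = (math.sin((la2 - la1) / 2) ** 2
         + math.cos(la1) * math.cos(la2) * math.sin((lo2 - lo1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def impossible_travel(events, max_kmh=MAX_KMH):
    """Flag consecutive uses of one card whose implied speed exceeds max_kmh."""
    alerts, last = [], {}
    for card, ts, city in sorted(events, key=lambda e: e[1]):
        if card in last and last[card][1] != city:
            prev_ts, prev_city = last[card]
            hours, km = (ts - prev_ts) / 3600, km_between(prev_city, city)
            if hours == 0 or km / hours > max_kmh:
                alerts.append((card, prev_city, city, round(km), round(hours * 60)))
        last[card] = (ts, city)
    return alerts

if __name__ == "__main__":
    merged = list(parse_csv(CSV_LOG)) + list(parse_kv(KV_LOG))
    for card, src, dst, km, mins in impossible_travel(merged):
        print(f"ALERT {card}: {src} -> {dst}, {km} km in {mins} min")
```

The second card makes the same trip in three hours and is not flagged, which is the difference a per-card time and distance comparison gives over matching on location alone.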
Let’s communicate big!