Cybercriminals are getting more advanced and learning how to attack companies in new and innovative ways every day. Mark Seward, senior director of security and compliance at Splunk, wrote on The Guardian that with these attacks comes a responsibility from companies to protect against breaches. Many businesses have taken to using big data in an effort for better data protection across the board. This can be useful to have in place, as Seward said it is almost inevitable that a company will be attacked online at some point.
"Once an attacker or piece of malware is inside the network, it can often lurk unseen among the mass of data that enterprise systems generate and trying to locate it, even if you're aware that an attack has taken place is extremely difficult," he wrote. "That's why the new frontier of enterprise security is big data and statistical analysis specifically in machine data. Every interaction with a 'machine' – whether it's a website, mobile device, application server, corporate network, sensor or electronic tag, and whether it's automatically generated or a manual transaction – leaves a trail and a record."
The have been a few major issues that have come out to affect the Internet security landscape among enterprises in the past couple of years, Seward wrote, including the fact that organizations are now essentially under constant attack. While hackers were more sporadic years ago, there are now a greater number of cybercriminals online who are trying to steal money or data and perhaps just trying to cause a business to go down. These attacks understand how much pressure IT departments are under to keep up with trends and know many don't monitor as well as they should, so many of these hackers can become very difficult to stop once they have made their way into a network.
With this constant threat of attack, Seward wrote on The Guardian that IT departments have turned into a reactive and administrative role where many businesses end up purely responding instead of trying to stop these attacks before they start. This means most are not coming up with new and creative ways to stop these attackers, instead simply giving in to the fact that they will have to deal with these attacks eventually. Seward said these organizations should start using big data to help see these attacks before they infect the business and stop them at their root.
"The days of rules-based security engines looking for known threats are drawing to a close, as they're simply not built to handle the volume and sophistication of attacks today," he said. "To truly understand the nature of the threats they face, companies need to move beyond traditional approaches to security and delve deeper into the machine data being generated every second of every day."
Securing the big data itself
Patrick Gray wrote on TechRepublic that the big benefit of big data is that it can consolidate huge data sets from many source and use them to solve a business or data security problem. However, organizations cannot forget to secure the big data itself, as he said security is often an afterthought by companies in these sets. Especially for companies that have a lot of confidential sales, customer or employee information, security should be one of the first thoughts when using big data.
"Also, remember that a key element in any type of security is the human element," Gray wrote. "If you have neither the time nor inclination to implement extensive security, ensure that staff with access to the data can be trusted, and that they understand the nature of the data they're dealing with. Where consultants are involved, ask to see their data security policies, and ensure they're appropriate for the type of data the consultants will have access to."
Data Security News from SimplySecurity.com by Trend Micro.