The amount of hype around big data in the business community is astounding , but few companies truly understand what the technology can offer. Ashwin Pal wrote on CSO Online that most are still struggling to define the concept, much less its data security implications.
As far as the definition of big data, he said volume, variety and velocity are the three factors that define it. Those three areas are where security professionals should start looking for clues as to how the information can be used for their purposes. There is a bigger threat landscape than there ever has been, which means companies going in blind to protecting their network can be a dangerous proposition. Pal wrote that with these three descriptors, businesses can get contextual information about the business itself and their assets in order to better protect themselves.
:By incorporating this big data into security programs, organizations gain richer context for assessing risk and learning what's 'normal' for a particular user, group, business process to computing environment," he said on CSO Online. "As organizations develop fuller, more nuanced profiles of both systems and users, security teams can enhance their ability to spot aberrant activity or behaviors which often indicate issues. This big data analysis promises to give companies a full picture of who's coming into their network, who's talking to whom, and spot anomalies or atypical user behavior while it is still actionable."
A few areas where big data will have a sizable effect on security squads, Pal wrote, include:
- Achieving a more detailed perspective on governance, risk and compliance to be help categorize, track and defend assets
- Identifying anomalous trends to prevent fraud
- Managing security in a better and more effective way via real-time data collection and analysis of threats
- Using next-generation tools to better control identity and access management
Big data security has been a discussion of the RSA Conference in San Francisco, with panelists saying there are many intriguing features the technology can bring. Stephen Moloney, manager of enterprise information security at Humana, said he is still waiting for more to come from big data with a tool that he said should give him more of a big picture. Rick Holland, a senior analyst at Forrester, who was moderating the big data panel, asked the crowd how many have implemented SIEM and done it successfully; while Network Wold said about 60 percent raised their hands for implementation, only a few said it was successful. Companies may need to get the smaller data side of things correct before moving into big data.
Data Security News from SimplySecurity.com by Trend Micro.