With new monitoring tools and automation capabilities emerging to help companies shore up security gaps, ZDNet columnist Ellyne Phneah recently urged IT teams not to forget that there is a human element at play as well. While big data and process automation can simplify operations and speed response time, relying too heavily on these innovations could allow some less conventional threats to slip through.
Gavin Reid, manager of Cisco Security Incidents and Response Team, told ZDNet that automation tools can regulate web proxies, firewalls and antivirus programs that detect and protect against security incidents and cyber threats such as spam, drive-by downloads and more. Big data analysis can help these companies better understand where these attacks may come from and why they are happening.
"However, they have 'limited usage' and are ineffective against advanced cybercriminals who have proliferated across the world," Phneah wrote. "Automated security cannot detect human-led attacks by hacktivists and sophisticated cybercriminals … These attacks, such as advanced persistent threats (APTs) are often stealthy and good at hiding within a company's network."
Companies that have the biggest and best tools may still be at risk if they don't have expert professionals in place to help limit the damage an attack can do. As Reid told the website, only humans can figure out what another human is going to do, but they need these tools to outline the big picture behind these attacks.
"Automated tools and big data can extend your reach and simplify your workload but they can never replace the way humans think," Reid told ZDNet. "They can only make your job easier."
Potential of big data in security
According to a report by the Information Security Forum, based in the United Kingdom, less than 20 percent are using data analysis to predict what hardware will fail, which data has the best integrity and whether business records are classified properly.
"This is despite big data’s 'huge potential' to improve IT security because it offers the ability to comprehensively analyse large volumes of disparate and complex data to help board level executives better understand and manage their risk-reward balance in cyberspace," the Big Data Insight Group wrote in response to the research. "Data volumes are growing at around 2.5 million terabytes a day and now the ISF urges organisations to use this data to gain holistic and real-time insight into security threats, both internal and external."
Data Security News from SimplySecurity.com by Trend Micro.