Security Advisor

Turning to Big Data for Security

Is Big Data all hype or is it the future of enterprise security?

IBM announced this week that its new security tool, IBM Security Intelligence with Big Data, will weed through terabytes and years of internal data to detect patterns of fraud and other shady activities from employees.

The idea behind it is that while the majority of data leaks tend to come from inside, enterprise security protocols should include a healthy look inward to stop problems before they occur. So that's what the IBM service does.

Security Intelligence with Big Data will analyze e-mails, Web traffic and social network activity in a company (in 500 TB cluster sizes), and try to identify a pattern of activity that could lead to a data leak if gone ignored.

"By analyzing e-mail you can say this guy is a disgruntled employee and the chance that he would be leaking data would be greater," said Sandy Bird, chief technology officer of IBM's security systems division, to the Wall Street Journal.

IBM isn't the only company looking to Big Data for security help. Security firm RSA also announced this week the availability of RSA Security Analytics. In PR tongue, the new offering is "a transformational security monitoring and investigative solution designed to help organizations defend their digital assets against today's most sophisticated internal and external threats."

RSA's goal is to not only ID potential threats, but to help enterprises construct a comprehensive security strategy based on the needs and potential threats the analytic software discovers. "By combining high fidelity forensic visibility with big security data collection and management, and a complete revolution in advanced analytics, RSA is helping organizations take their security programs and advanced security operations centers to a new level," said Amit Yoran, Senior Vice President of RSA.

According to Gartner's Neil MacDonald, the marriage of Big Data and Security is nothing new. In a blog post from March of 2012, he made the argument that the majority of security firms already use advanced analytics. However, instead of focusing only on a specific enterprise, they operate by monitoring the entire online security landscape.

"While the labs of Symantec, Trend, McAfee, Sophos, Microsoft, Sourcefire, Check Point, etc., etc. will be performing big data analytics on our behalf on their back end, they don't necessarily have detailed monitoring of our own enterprise network and systems (packet data, flow data, sessions, transactions and so on), wrote MacDonald. "The need for internal monitoring and big data analytics against this will be a cornerstone of our strategies to detect advanced targeted attacks that have bypassed traditional protection mechanisms (e.g. anomaly detection)."

So while he does think the push for Big Data in technology is based on a quite a bit of hype, you shouldn't outright ignore how data analysis could be used to strengthen (and, in some cases, redefine) your enterprise security.

"Big data analytics will be absolutely foundational to solving the next-generation of tough information security problems," concludes MacDonald.

Are you looking into implementing any Big Data security solutions? Or are you dismissing the hype train? Let me know in the comments below or at cpaoli@1105media.com.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

comments powered by Disqus

Reader Comments:

Sat, Feb 2, 2013 ahanse

All this big data and security talk is old hat... A bit like me, you and many other hyping this up. ... With the current generation of users who are growing up Facebooking and twittering their lives all the way to the bedroom I suspect businesses will have to change somewhat to have staff available to rake in the profits.... Businesses could facebook all their secrets and rely on a revamped patent /copyright system..... Then again what’s new in that....

Thu, Jan 31, 2013

Any idea how much something like this would cost? Off the cuff I'm guessing the vendors will be quite proud of this service.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.