RSA Keynote: Big Data Will Become Big Analytics
Big Data is more than just a buzzword, and it's going to transform the security industry as it morphs into "big intelligence." That was the message RSA's executive chairman Art Coviello delivered this morning during his opening keynote at the 22nd annual RSA Conference. In fact, the convergence of big data, mobility, and the cloud mark is "the next phase in the evolution of the information age in our social-media-driven society," he said.
Coviello spoke in a packed auditorium, pacing the stage like a tent-revival preacher, admonishing his audience to wake up to the dangers of an evolving threat landscape in which it is clear that we must "disenthrall ourselves from the reactive and perimeter-based security dogmas of the past and speed adoption of intelligence-driven security."
Coviello introduced the concept of intelligence-driven security at last year's keynote, and argued today that it has become a kind of conventional wisdom. This year he expanded the concept to embrace the sheer velocity of data streams generated today and advances in predictive analytics applied to that stream that he believes will drive his industry to create security models that can learn from continuously changing threats. The industry must refine its ability to analyze fast streams of data, he said, to produce actionable information. The ultimate goal, he said, is to create resilient systems that are "anti-fragile" and employ "adaptive capability, machine learning, and internal intelligence to become smarter in response to attacks."
During his keynote, Coviello cited his company's recently published security brief, "Big Data Fuels Intelligence Driven Security," which sets out the components of a big data-oriented security management system. These include:
- Automated tools that collect diverse data types and normalizes them.
- Data stored in a centralized warehouse, where all the data are available for security analysts to query.
- Analytics engines capable of analyzing vast amounts of fast-changing data in real time.
- A standardized taxonomy in machine-readable form.
- Infrastructures that can scale out across multiple vectors and process large and complex searches and queries.
- A high degree of integration with GRE systems and task-specific security tool, so that attacks get detected early and automatic defense measures can be triggered.
The entire report can be downloaded here.
A high degree of integration is critical to the success of this system, he said; no more "non-systems of individual, isolated, siloed, static controls." Big Data controls will be agile and predictive, and scalable enough that all data, no matter how fast-changing, can be analyzed, he said. Organizations will be able to use it to build "a mosaic of specific information" about digital assets, users and infrastructure that will allow the system to spot and correlate abnormal behavior from people and in the flow and use of data.
In January, RSA launched a Big Data analytics platform. The company describes RSA Security Analytics as a tool for real-time analysis of large amounts of data with the aim of detecting attacks and stealthy threats, especially those focused on stealing sensitive information.
That RSA product launch followed closely the launch of IBM's Security Intelligence with Big Data. The product bundle was built on IBM's InfoSphere BigInsights analytics tools, its enterprise version of the open source Hadoop database framework, and its QRadar security event and information management product.
RSA also just announced version 8.0 of its Authentication Manager platform, a two-factor authentication system. The latest version comes with an analytics engine that has "gained experience" from nearly 50 billion transactions.
"That's what you call big data," Coviello said.
RSA is the security division of EMC. The sold-out conference is being held at San Francisco's Moscone Center and runs through Friday.