SecurityWeek

Management & Strategy

Applying Big Data for Intelligent Decision Making

A New Landscape in Security Technology: Applying Big Data for Intelligent Decision Making

Over the past few years we’ve seen a dramatic shift in the threat environment. Whether the threats come from hackers, script kiddies, client-side attacks, advanced persistent threats, or state-sponsored actors, the attacks are targeted, unexpected and deadly. The perpetrators are organized, well-financed and relentlessly innovative. They are motivated by money and will use any means possible to cash in.

With new threats targeting IT infrastructure at an unprecedented pace—tens of thousands per day versus a handful just a few years ago—traditional means of protection are no longer adequate. The days of manually analyzing threats, creating signatures and deploying these signatures are gone. In our research, nearly 75 percent of threats are seen only once with lifetimes measured in hours and days. The continuous metamorphosis into variations of the same core threat makes timely response incredibly difficult. Organizations simply can’t hire enough staff to keep up with the barrage.

In the face of today’s dynamic and fast-paced environment, the IT security industry needs to take a page from other IT sector playbooks and tap into the power of “Big Data.” Emerging with the explosive growth of data, storage and processing power over the past couple of years, big data involves the use of tools, processes and procedures to create, manipulate and manage massively large data sets in the terabyte or petabyte range. Search and social media have been using big data tools such as data mining and unstructured data processing to understand more about users and better tailor results and services to meet their needs. But big data can also be applied to provide insightful, up-to-the-minute protection and to help security managers make smart decisions while fighting against today’s continuous threats.

One of the powerful IT security applications of big data is predicting new malware by analyzing malware data from extremely large user communities. IT security solutions with built-in big data capabilities continuously gather and scan data from millions of users simultaneously. Data mining algorithms leverage their understanding of existing malware to automatically predict threats that are mutations of existing threats and have never been seen before. These big data tools can use malware data collected from a single source to protect the entire community. Security analysts can therefore use the results of this predictive analysis to make informed decisions about protecting the environment.

The applications for big data in IT security are many. For example, the ability to marry intelligence from multiple sources – intelligence on the endpoint (i.e., this person’s device has been infected) with intelligence into the network layer (i.e., this traffic looks malicious) – is on the horizon, as is the ability to perform anomaly detection on this data to look for patterns indicating malicious activity.

When evaluating new security solutions for your organization, ask your vendors the following:

1. How do they know their solutions are working in real environments with real data?

2. Do the solutions have built-in, automated analysis capabilities to understand if threats are real or benign and to make intelligent decisions about remediation?

3. Do their solutions provide you with in-depth, actionable forensic data about the actual threats your organization is facing on a daily basis?

In today’s environment, organizations need security solutions that work in the real world – that can continuously draw from volumes of data to identify suspicious activity, leverage automation to keep up with the volume of threats, correlate that data to home in on real threats and provide up-to-date and timely protection.

The bad guys are constantly looking at new ways to penetrate our IT infrastructure with damaging results. Organizations need a new way to evaluate and protect their environments with intelligent decision making. Look for big data to play a more integral role.

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies.
