
Big Data Will Transform IT Security, Says RSA

Big data will transform IT security as the industry shifts towards intelligence-driven security models, according to RSA, the security division of storage giant EMC.


Organizations will shift to using big data analytics within the next few years to intelligently assess threats and risks and make better security decisions, RSA said in its security brief released Jan. 17. The intelligence gleaned from unstructured data will allow enterprises to drive major changes in conventional security controls such as anti-malware, data loss prevention, and firewalls, RSA said.

Within the next two years, big data analytics will disrupt the status quo in most information security product segments, including SIEM [security information and event management]; network monitoring; user authentication and authorization; identity management; fraud detection; and GRC [governance, risk, and compliance], the security firm predicted.

Considering that security professionals are currently struggling to wrangle any actionable insights out of large amounts of data being collected from logs and event management systems, the shift towards deeper analytics will improve how security intelligence is derived. Security teams will be able to use automated risk assessments and threat detection to predict and block an incident before it can cause any damage.

Within three years, data analytic tools will evolve to enable “a range of advanced predictive capabilities and automated real-time controls,” according to the brief.

These new controls and capabilities will help defend against fraud and stealth attacks. The collected data should include full packet capture, external threat intelligence feeds, website clickstreams, Microsoft Outlook calendars, and social media activity. Organizations can use the information to build extensive profiles of both users and systems to spot abnormal activity or behaviors that may be a sign something is wrong.

To take advantage of this transformation, organizations need to invest in their security teams to ensure they have the analytic capabilities to understand the data. Security professionals with the necessary skill sets are scarce, and they will remain in high demand, the company said.

“Security teams need analysts who combine data science with a deep understanding of business risks and cyberattack techniques,” RSA said.

RSA has made substantial investments in big data and analytics, with its acquisition of NetWitness in 2011 and Silver Tail Systems, a Web analytics and behavioral analysis firm, for an undisclosed sum last year.

In the security brief, RSA listed guidelines on how organizations can plan their move to big data. One of the key points was to focus on a holistic cyber-security strategy and unified architecture. Organizations will need to collect vast amounts of information from multiple sources in multiple formats in real-time, and each new data structure needs to be integrated into the analytics platform.

Companies should be thinking about setting up a centralized warehouse where all security-related data is captured, indexed, normalized, analyzed, and shared.

Ongoing investments should favor technologies using agile analytics-based approaches, not static tools based on threat signature or network boundaries, RSA said.
