Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Security Industry Could Light Path for Data Analytics

A new survey and report shows strong faith but poor confidence in current data analytics. For example, 70% of respondents to the survey believe that analytics are integral to understanding how products are used; 71% to understanding business performance, and 70% to understanding fraud. But at the same time, only 43% are confident in the analytics insights for risk and security; 38% for customer insights; and just 38% for business operations.

A new survey and report shows strong faith but poor confidence in current data analytics. For example, 70% of respondents to the survey believe that analytics are integral to understanding how products are used; 71% to understanding business performance, and 70% to understanding fraud. But at the same time, only 43% are confident in the analytics insights for risk and security; 38% for customer insights; and just 38% for business operations.

The report, Building Trust in Analytics, follows a survey of 2,165 respondents in 10 different countries undertaken by Forrester Consulting on behalf of KPMG. The results show a clear distinction between understanding the need for and importance of analytics within decision making, and actually trusting the outcome of current analytics.

“Failing to master analytics will not only make it increasingly hard for organisations to compete,” comments Paul Tombleson, UK head of data & analytics at KPMG, “but will expose their brands to new and growing risks. Seventy percent of UK executives believe that by using data and analytics they expose their organisations to reputational risk.”

KPMG beleives that the low levels of trust might be filtering down from the top of the organization, since nearly half of the respondents do not believe their C-suite executives fully support their organization’s data analytics strategy. It goes further to suggest that this may be caused by data analytics’ inherent complexity further impacted by a ‘human instinct for emotional decision making’.

Missing from the report is any indication of the effect of a shortage in skilled data scientists. Data scientists differ from statisticians by requiring experience in machine learning and algorithms; and without them the essential step towards automated data analytics cannot be made. As long ago as 2012, Gartner predicted a shortage of more than 100,000 data scientists by 2020.

While the KPMG report shows a lack of faith in current business data analytics, data analytics lie behind the latest generation of anti-malware products that often boast 100% detection for both known and unknown malware. The difference between busihness analytics and security analytics is the use of machine learning algorithms to analyse the data — security has already made the leap from human data analysts to machine learning analytics.

“Just as moving to cloud-based IT represented a huge gain in capability for businesses,” said Anup Ghosh, founder and CEO at Invincea, “I expect moving to data analytics-based businesses will represent another quantum leap in how businesses approach the market and run their companies.” But, he warned, “Those who don’t adopt will likely go the way of brick and mortar bookshops and video rental companies.”

The problem is the sheer mass of data that needs to be analyzed. “Machine learning is a way of finding intelligence in the vast amounts of data that is out there. In security, there is far too much data (alerts and raw threat indicators) to be human scalable. In customer analytics, the same applies.”

Advertisement. Scroll to continue reading.

For now, the difference is that ‘security’ is a defined and bounded subset of business data; but its principles will be applied throughout business. “Data science will develop custom-fitted machine learning algorithms to the needs of the company to answer the questions it is asking,” predicts Ghosh. “This will require a new skillset not current in most companies — data scientists, machine learning specialists, and big data architectects, as well as company leaders who will drive this forward or be left behind.”

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...