Leading cyber security brand Sourcefire advocates leveraging ‘Big Data’ tools such as data mining and data warehousing so that companies can gain insights for better decision making in IT security matters.
By SOURCEFIRE Malaysia
Over the past few years we’ve seen a dramatic shift in the threat environment. Whether it comes from hackers, script kiddies or client-side attacks, the threats to our networks are becoming faster, smarter, more prevalent, more targeted, and more elusive than ever before.
The perpetrators are organized, well-financed and relentlessly innovative in finding the security loopholes in business networks.
With new threats targeting IT infrastructure at an unprecedented pace, traditional defensive protection is no longer sufficient to protect the business. The days of manually analyzing threats, then creating and deploying fixes, are long gone. We are now required to take more proactive security approaches to protect the confidentiality of our data without interrupting normal business activities.
However, today’s threats have become more sophisticated and increasingly difficult to identify. According to Sourcefire’s recent research, nearly 75 percent of threats are seen only once, with lifetimes measured in hours and days. The continuous metamorphosis into variations of the same core threat makes timely response incredibly difficult, and organizations cannot simply hire ever more IT executives just to keep up with the barrage.
In the face of today’s dynamic and fast-paced environment the IT security industry needs to take a page from other IT sector playbooks and tap into the power of “Big Data.”
What’s Big Data?
Big Data analytics involves the use of technology tools to manage and manipulate massive data sets to provide meaningful insights that help organizations make better business decisions. Big data tools such as data mining and data warehousing have been widely applied to unstructured social media data to help businesses better understand customers and tailor products and services to their needs.
In IT security, ‘Big Data’ is applied in the same way to generate insightful, up-to-the-minute protection for enterprises’ networks and systems.
One of the most powerful IT security applications of big data is predicting new malware by analyzing malware data from extremely large user communities. IT security solutions with built-in big data capabilities continuously gather and scan data from millions of users simultaneously. Data mining algorithms then leverage their understanding of existing malware to automatically predict threats that are mutations of existing threats and have never been seen before. With the insights gained from big data predictive analysis, security analysts can make informed decisions to protect the entire business environment and community.
Applying Big Data in Practical Business
Big data is applied to IT security in many ways. One example is the ability to marry intelligence from multiple sources: intelligence on the endpoint (e.g. identifying an infected personal device) with intelligence from the network layer (e.g. identifying malicious traffic). The analysis is performed across the combined data to detect anomalies in data transactions, or to look for patterns that indicate malicious activity.
Briefly, there are a few questions that enterprises should discuss with their IT services provider when evaluating a new security solution for the organization:
- Does the security solution actually work in real environments with real data?
- Is there a built-in, automated analysis capability to understand the nature of threats and thus provide decision-making insights about remediation?
- Does the solution provide in-depth, actionable forensic data about the actual threats that your organization is facing on a daily basis?
In today’s environment, organizations need security solutions that work in the real world – that can continuously draw from volumes of data to identify suspicious activity, leverage automation to keep up with the volume of threats, correlate that data to home in on real threats and provide up-to-date and timely protection.
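The correlation described above (endpoint intelligence married to network intelligence, with automation to home in on the hosts that matter) can be illustrated with a small example. The following Python script is an added illustration written for this page; it is not Sourcefire code and does not reflect how any Sourcefire product works. The endpoint alerts, network flow records, host names, the known-bad destination list and the indicator weights are all constructed for the example. It flags hosts that (a) raised an endpoint alert, (b) connected to a known-bad destination, or (c) show regular, beacon-like connections to one destination, and it gives extra weight when an endpoint alert is corroborated by a network indicator in the same time window, so that corroborated hosts rank first for an analyst.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

# Constructed sample data: endpoint detections reported by agents.
ENDPOINT_ALERTS = [
    {"host": "ws-017", "time": "2013-03-04T09:12:00", "sig": "Trojan.Generic.Dropper"},
    {"host": "ws-042", "time": "2013-03-04T10:05:00", "sig": "PUA.Toolbar"},
]

# Constructed sample data: network flow records as (time, source host, destination IP, port).
# 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges, not real addresses.
NETWORK_FLOWS = [
    ("2013-03-04T09:15:00", "ws-017", "203.0.113.45", 443),
    ("2013-03-04T09:20:00", "ws-017", "203.0.113.45", 443),
    ("2013-03-04T09:25:00", "ws-017", "203.0.113.45", 443),
    ("2013-03-04T09:30:00", "ws-017", "203.0.113.45", 443),
    ("2013-03-04T09:35:00", "ws-017", "203.0.113.45", 443),
    ("2013-03-04T10:06:00", "ws-042", "198.51.100.7", 80),
    ("2013-03-04T10:30:00", "ws-042", "198.51.100.7", 80),
    ("2013-03-04T11:00:00", "ws-099", "203.0.113.45", 443),
]

# Constructed threat-intelligence list of destinations known to be malicious.
BAD_DESTINATIONS = {"203.0.113.45"}

# Constructed weights: a single indicator is weak; corroboration across sources is strong.
WEIGHTS = {
    "endpoint_alert": 1,
    "known_bad_destination": 2,
    "beaconing": 1,
    "corroborated": 3,
}


def _ts(text):
    """Parse an ISO-8601 timestamp string."""
    return datetime.fromisoformat(text)


def find_beacons(flows, min_flows=4, jitter=timedelta(seconds=60)):
    """Return {(host, destination): first_seen} for host/destination pairs whose
    connections repeat at a regular interval (a simple beaconing heuristic)."""
    series = defaultdict(list)
    for time, host, dst, _port in flows:
        series[(host, dst)].append(_ts(time))
    beacons = {}
    for key, times in series.items():
        if len(times) < min_flows:
            continue
        times.sort()
        gaps = [later - earlier for earlier, later in zip(times, times[1:])]
        typical = median(gaps)
        # Regular if every gap is within the allowed jitter of the typical gap.
        if all(abs(gap - typical) <= jitter for gap in gaps):
            beacons[key] = times[0]
    return beacons


def correlate(alerts, flows, bad_dests, window=timedelta(minutes=30)):
    """Combine endpoint and network indicators per host and return a ranked list
    of (score, host, sorted indicator names), highest score first."""
    evidence = defaultdict(set)     # host -> set of indicator names
    net_times = defaultdict(list)   # host -> times at which a network indicator fired

    # Network layer: connections to known-bad destinations.
    for time, host, dst, _port in flows:
        if dst in bad_dests:
            evidence[host].add("known_bad_destination")
            net_times[host].append(_ts(time))

    # Network layer: beacon-like repetition, regardless of destination reputation.
    for (host, _dst), first_seen in find_beacons(flows).items():
        evidence[host].add("beaconing")
        net_times[host].append(first_seen)

    # Endpoint layer, cross-checked against network indicators in the same window.
    for alert in alerts:
        host, when = alert["host"], _ts(alert["time"])
        evidence[host].add("endpoint_alert")
        if any(abs(t - when) <= window for t in net_times[host]):
            evidence[host].add("corroborated")

    ranked = [(sum(WEIGHTS[i] for i in inds), host, sorted(inds))
              for host, inds in evidence.items()]
    ranked.sort(key=lambda row: (-row[0], row[1]))
    return ranked


if __name__ == "__main__":
    for score, host, indicators in correlate(ENDPOINT_ALERTS, NETWORK_FLOWS, BAD_DESTINATIONS):
        print(f"{score:2d}  {host:8s}  {', '.join(indicators)}")
```

On the constructed data, ws-017 ranks first because its endpoint alert is backed by both a known-bad destination and a regular beacon minutes later; ws-099 (bad destination, no endpoint alert) and ws-042 (a low-severity endpoint alert with benign traffic) follow with far lower scores. In a real deployment the flow and alert feeds would come from the network sensors and endpoint agents, the bad-destination set from a threat intelligence feed, and the weights would be tuned to the organization's own false-positive tolerance.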
Black-hat hackers are constantly looking for new ways to penetrate our IT infrastructure, with damaging results. Organizations need a new way to evaluate and protect their environments through intelligent decision making. Look for big data to play a more integral role.