Looking at Big Data through the Information Security LensAugust 13, 2012 1 Comment
By David A. Kelly, Upside Research
Continuing on the theme of Big Data, there has been a lot of talk recently about how Big Data can be used by Security experts within an organization for a number of positive outcomes. Just as Big Data promises to provide marketers and sales leaders with troves of valuable information about potential and existing customers, their buying behaviors and preferences, so too, the theory goes, can Big Data provide IT Security Mangers troves of useful information about security events that end users experience. The obvious goal from this line of thinking is to utilize Big Data to weed out the most egregious of security vulnerabilities or problems within an organization. In theory, this is a grand plan. In reality, today, however, it’s not even half-baked.
It is true, theoretically, that if a business is capturing all of the data around security events today, one day that information can be used proactively to analyze and make changes to security policy and operations in a positive light. And, the Holy Grail would be for this to occur in real time. The challenge today is that the polished tools do not exist for this to happen in any manner even close to real-time, which seriously detracts from the dream. As one security expert quipped, if you’re expecting Hadoop to provide a polished report on compliance for you, it’s not gonna happen – yet.
And that is the inherent challenge when the IT industry discovers a darling new technology and tries to saddle it with all of the problems of the enterprise. Big Data has a tremendous amount of promise for use with information security problems – but really only when you can use analytics on that data. The analytics component is what has the power to sift through a massive store of seemingly unrelated data points and achieve a moment of serendipity that reveals an unexpected underlying cause of a certain pattern or series of events. When the tools for analytics of security Big Data emerge in this nascent market, then it will really heat up. But, it’s not there yet.
So, what is a company to do today? Should you even try to get into the Big Data game from a security perspective? The answer is, yes. While the technology is still emerging in terms of analytic tools around Big Data and information security, if your IT organization has some analytics expertise in-house, try to apply it to a discrete question or problem you are currently facing around security. Perhaps it is a specific error your end users are repeatedly reporting occurs when they perform a specific function. Use your analytics power to comb through all of that Big Data and you may find the key to the problem. And then, when the tools become available, you’ll already be in practice applying it to your security challenges.Analyst Blog