Quest for robust security to drive big data

by Sharon Lobo    Jan 16, 2013

Security big dataIn the last couple of years a lot has been spoken on big data along with benefits and challenges it would bring with it. A few months ago, Gartner had released a study stating big data is expected to drive $34 bn of IT spending in 2012. However, until recently big data has had the most significant impact in social network analysis and content analytics with 45 percent of new spending each year. However, if a latest security brief released by RSA is to be believed, big data is expected to dramatically alter almost every discipline within information security. And this trend would actually surpass the impact on Social network analysis, for security concerns and affects all.

The study further adds that big data will be a driver for major change across the security industry and will fuel intelligence-driven security models. It also promises to change the nature of conventional security controls such as anti-malware, data loss prevention and firewalls. And within three to five years data analytics tools will further evolve to enable a range of advanced predictive capabilities and automated real-time controls.

This forecast may lead in the increase in the adoption of big data, where it finally moves out of hype and in to reality, which analyst have long predicted. “Despite the hype, big data is not a distinct, stand-alone market, it but represents an industrywide market force which must be addressed in products, practices and solution delivery,” says Mark Beyer, research vice president at Gartner.

The RSA study further predicts big data analytics will likely have market-changing impact on most product categories in the information security sector by 2015, including SIEM, network monitoring, user authentication and authorization, identity management, fraud detection, and governance, risk and compliance systems.

Leveraging big data to device robust security tools is the need of the hour considering how prevailing security practices has been rendered obsolete by today’s hyper-extended, cloud-based, highly mobile business world. As a result, prevailing security practices reliant on perimeter defenses and on static security controls requiring predetermined knowledge of threats need to be changed.

“The game is changing. More and more data is going onto the Internet in automated forms, and that vector will continue. Therefore, a security analysis tool that worked great two or three years ago doesn’t work so well anymore. You now have to look through a whole lot more data, and you have to look for threats that are far more subtle. Commercial tools are changing to take advantage of these Big Data streams coming online,” says William H. Stewart, SVP, Booz Allen Hamilton.

What works for big data, is that it would provide an intelligence-driven security approach, which incorporates dynamic risk assessments, the analysis of vast volumes of security data, adaptive controls and information sharing about threats and attack techniques. And all this would eventually, result in organizations receiving greatly enhanced visibility into IT environments, the ability to distinguish suspicious from normal activities to help assure trust in IT systems and vastly improved capabilities for incident response.