Big Data is No Universal Solution for Security Intelligence


by infosecurity
 
Improved monitoring and analytics can improve the information available to IT security teams. But shifting patterns of work mean it only offers partial insights. Turning to "big data" analytics techniques can improve security intelligence. But it cannot provide a complete picture of the security threats facing the enterprise.
According to a panel of experts at Infosecurity Europe, turning to data analytics tools to improve threat detection and alerts has the potential to make businesses more secure – but only if the data can be combined with other sources of intelligence, including those from outside the business. IT security teams are able to access ever larger volumes of data, such as hardware systems, logs or alerts from tools such as data loss prevention systems. But often the volumes of data involved can make it hard to distinguish threats according to levels of severity. Big data security intelligence – drawn from data analytics tools developed for other business purposes – can help. In particular, big data analytics tools can process large volumes of data quickly, which should enable a quicker and more effective security response. 
But to do this, organisations need to overcome a number of barriers.
 

The following article is an update on Big Data For Security
 
(6 Tips for Using Big Data to Hunt Cyberthreats)
 
By: You need to be smart about harnessing big data to defend against today's security threats, data breaches, and attacks.
Ask 10 different people what big data is, and you may get 10 different answers. For the sake of this article, big data refers to the mining of usable information from the large amounts of data being created around the world every day. While companies look to take advantage of all this data to improve operations, increase sales, and lower costs, many are discovering that it can also be used for security by offering a broader view of risk and vulnerabilities.
Big data offers the ability to analyze massive numbers of potential security events and make connections between them to create a prioritized list of threats. With big data, disparate data can be connected, which allows cyber security professionals to take a proactive approach that prevents attacks
 
DarkReading / Full read here: http://www.darkreading.com/analytics/6-tips-for-using-big-data-to-hunt-cyberthreats/a/d-id/1278970?

The following article is an update on Big Data
(Big Data Overwhelms Security Teams)
 
By Jeff Goldman  |  Posted August 20, 2014
 
A major contributing factor in many recent data breaches has been the fact that many IT security teams are simply overwhelmed by the volume of data they're handling. During last fall's massive Target breach, for example, the company's intrusion detection software triggered several alerts, but Target's security team wasn't able to respond to them.
"Target's security team neither reacted to the alarms nor allowed the FireEye software to automatically delete the malware in question," the U.S. Senate Committee on Commerce, Science and Transportation noted in a March 2014 report [pdf] on the breach.
Jon Oltsik, senior principal analyst at research firm ESG, said Target's experience is consistent with what he's been seeing in the market, noting that "companies have invested in advanced malware detection but don't know what to prioritize or what actions to take when they receive an alert."

eSecurityPlanet/ full article here/ http://www.esecurityplanet.com/network-security/big-data-overwhelms-security-teams.html



The following article is an update:

Big Data, Big Mess: Sound Risk Intelligence Through Complete Context.

By SecurityWeek News on March 17, 2015
 
When it comes to cybersecurity, perhaps nothing has been as highly touted as the answer to every executive’s prayers as big data.
Years after “big data” became just another marketing buzzword, organizations are still grappling with the issue of how to use that data in a practical way.
Data is useful, but only if it’s being properly interpreted and conveyed. The problem isn’t with data, but with the way in which people are using it. Simply put, data alone is missing context.
Data alone presents a few problems, but many of them emerge from a single misguided view – that big data is the answer, not part of the answer.
 