big data makes your security smarter
TRANSCRIPT
Worcester polytechnic institute - School of Business MIS 500: INNOVATING WITH INFORMATION SYSTEMSAssignment 1 – Op-Ed writing. Week 5: Big data revolution
Title: Big data makes your security smarterBy Yousef Fadila
Big data has revolutionized many elements in business such as management, market research, customer behavioural study and more, but when it comes to network security, many believe that big data has added a huge challenge to this field. Apparently, valuable data could be enticing to others, which makes the business more inviting to attacks. While this is partially true, the good news is that big data revolution adds more opportunities to cyber defence than challenges. The same data that invites the attack could be helpful to combat it.
The hacking on the Democratic National Committee last year raises again the awareness of internet security, which becomes one of the major concerns to almost all industries and organizations. Especially that it comes after a continuous stream of hacks involving Home Depot, Sony, Target and many others that caused their customers to feel insecure and valuable data to become available to competitors. This causes many CEOs to scramble to address this potential threat to businesses. For them it is clear that current methodologies, which continue to fail and cause setbacks, must be altered. For their fortune, the big data revolution is here.
So what is new here? One could argue that data analytics already integrated into current cyber defense solutions but they still fail to prevent a significant portion of attacks, so we can’t really expect a lot from big data analytics! Thus the question now is: could big data analytics really provide a promising solution to cyber-attacks? Based on recent studies in this field, the answer is definitely yes. That is because current methods break down when they deal with large streams of unstructured data, so they traditionally analyze structured network data that fits a fixed schema. This inflexibility is exactly what make them vulnerable. Big data revolution removes these limits by providing tools and techniques that are able to handle scalable data in terms of time and space. This allows companies to take advantage of the huge volume of data in the business including the
unstructured ones. The key here is being able to analyze and to correlate data from multiple sources in real-time, for example, being able to analyze unstructured data such as servers' logs, user account activity and correlate that with continual network traffic data in real-time.
In addition, traditional security tools are mostly based on supervised learning models, which means they can only detect suspicious patterns they were previously trained for. This makes these tools ineffective in detecting novel or unconventional attacks. This is actually one of the reasons why the traditional tools keep falling short. Fortunately, big data revolution brought significant advances in persistent storage and unsupervised learning. This allows us to retain a huge amount of historical data and use it to build sophisticated unsupervised learning models that can effectively detect anomalies that they have never seen before.
A combination of the previously mentioned models with statistical learning methods gives us even more power because it allows us to predict the probability of an attack occurring in the future. This might seem like something from a science fiction movie, but this is actually happening now. Many enterprises who realized the potential of applying big data analytics to security fields started filling this gap. For example, AT&T has recently deployed AT&T managed security service solution, a product that revises the approach to security in a way that could be considered revolutionary. It does not only predict attacks in real time but also predicts these attacks before they actually happen! This product and other competitors could not be up and live without all the tools, analytical power and enhancements that big data revolution brought.
Simply said, If your organization still sticks to the traditional security information and event management (SIEM) solutions, it is time to take advantage of your data, combat attacks in real time and make your security smarter. Join the revolution now and be part of the security intelligence era.