Showing posts with label Big Data. Show all posts

Big Data Security Analytics Meets Endpoint Visibility

Ale Espinosa

Gone are the days of one-size-fits-all. Today, everything is about tailor-made and customization. This includes cybersecurity threats.

In the last few years, security has become increasingly challenging. According to recent Enterprise Strategy Group (ESG) research, “62% of IT security professionals say that security management is somewhat more difficult or significantly more difficult than it was two years ago.” This is because threats have become more sophisticated and more targeted.

But we don’t know what we don’t know, so how can we locate and expose these needles of unknown threats in the haystack of massive enterprise data? Through the use of Big Data security analytics.

In the recent ESG Brief EnCase Analytics: Big Data Security Analytics Meets Endpoint Visibility, Jon Oltsik, Senior Principal Analyst for ESG, talks about the new reality of security information, which is that guarding enterprise data has become increasingly challenging due to the sophistication of the threats, security staffing shortage, and incident-detection challenges.

Jon then applies his expertise in Big Data and his experience in security to lay out the Big Data security analytics continuum, on which corporations tend to land somewhere between two extremes: real-time and asymmetric Big Data security analytics. He also discusses four pointers for getting Big Data security analytics right, and describes how EnCase Analytics, a turn-key solution, is a happy medium on the Big Data security analytics continuum.

To find out how to derive security intelligence through the use of Big Data security analytics, download Enterprise Strategy Group Brief: EnCase Analytics: Big Data Security Analytics Meets Endpoint Visibility from our publication library.

Beyond Reactive: Your Security Game Plan

Sandy Lii

The well-known military general and strategist Sun Tzu said it best in The Art of War, “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” In today’s war against cybersecurity threats, two types of enemy have been classified: known threats and unknown threats.

The known threats, true to their name, are tracked by their known and readily available signatures and are typically stopped by perimeter security solutions such as antivirus software, firewalls, or SIEM (security information and event management) systems. While these tools are necessary and can be effective at stopping known threats, the unknown threats (the ones with no defined modus operandi or signature) remain at large within organizations, lurking undetected, waiting for the right moment to strike. Sometimes, these threats can even be a careless or disgruntled employee.

How Many Data Scientists Does It Take to Find the Bug?

Guidance Software

Ideally, zero.

When thinking about corporate security teams, we often conjure up the image of a large group of people with state-of-the-art technology, monitoring end-users’ every action, 24x7 around the clock. The reality is, corporate security teams are often under-staffed and can barely keep up with just reacting to the threats that have already surfaced, let alone looking at all the endpoints at Big Data scale.

And as much as I live and dream Big Data, I cannot deny that without analytics, Big Data is just noise. Regardless of the sources and richness of the data, Big Data in itself does not provide big insights. That said, you would think almost every organization would embark on the journey to Big Data analytics to improve operations and enterprise security. The reality is, the desire to do Big Data analytics is often extinguished by these challenges:

Security: It’s All About Philosophy

Sandy Lii

Perimeter security solutions are like the walls of a fort: companies have been trying to strengthen these proverbial walls, building them as tall and as thick as possible. But realistically, how tall and thick can these walls be without impacting daily functions? And are these walls really stopping all the intrusions?

Sadly, the answer is no.

Just like bad guys don’t usually knock on your front door, identify themselves truthfully, and wait to be invited in, many of the security threats disguise themselves well and aren’t immediately known to us.

So how do we get rid of these threats without building the walls so high that we no longer see the sun? It’s all about philosophy.