Big Data’s BIG Role in Cyber Security

By Ami Gal

2.9.2014

It’s 3 PM on Monday, January 27th and Israel’s CyberTech 2014 Conference is in full swing. Men, women and students from all over the world are gathered inside the Israel Trade Fairs and Convention Center to learn about the latest and greatest cyber-tech innovations being offered by IBM, Oracle, Verint-Systems, Checkpoint, RSA and a slew of other security-driven companies. Cybersecurity solutions are being presented in every corner but one – the startup pavilion.

Same, Same, But Different

Amongst the sea of database security providers and software protection vendors, a Big Data startup is showcasing its high-performance Big Data analytics database. Many people who approach SQream Technologies’ booth are wondering how Big Data and cybersecurity are connected. Sure, Big Data has been creating a big buzz in the telecommunication, retail and healthcare sectors, but what does Big Data have to do with cybersecurity? A lot, actually.

Let Me Explain…

Maybe the idea hasn’t caught on just yet, but it certainly makes sense that vast amounts of data can be collected, analyzed and processed in order to identify and prevent security breaches. Just as Big Data can be used for traditional business intelligence, the ability to analyze security information in near real-time can lead to faster detection of, and response to, cyber threats, opening a whole new door for security analysts.

The Opportunities are Endless

Using Big Data in the cybersecurity sector offers a number of benefits. Take, for example, terrorists hacking into secure government networks. Big Data analysis can present security analysts with information regarding which IP addresses are associated with the individuals who have access to certain networks, allowing hackers to be caught before further damage is done.

Big Data analysis can also provide security officials with as much information about an IT environment as possible. Understanding the underlying IT infrastructure allows security officials to recognize irregular activities and abnormalities which indicate high-risk events. The unusual is what matters the most when it comes to security threats and Big Data delivers this information directly to security analysts.

Two Heads are Better Than One

And although logs and alerts are often set up after cyber-attacks occur, additional data is still needed to ensure the detection of emerging threats. Security analytics is all about uncovering threats which haven’t yet been detected, and Big Data is crucial in this process. Big Data’s role in the cybersecurity field should be considered as a form of assistance for security analysts – it doesn’t take the place of knowledge and experience, but it does provide additional information regarding new threats and attacks.

Expert Advice

When asked about Big Data in the cybersecurity field, Dan Lohrmann, Michigan’s Chief Security Officer (CSO), mentioned:

“I am a believer that big data security products are the way of the future and good progress is being made by multiple vendors. However, the promise of a “single pane of glass” to correlate cyber incidents, alarms, malware and more just has not materialized for large enterprises.

Most CISOs have become numb to Big Data promises that cannot be met, and multiple products requiring additional staff, complex integration, substantial manual efforts and more are the norm. We continue to see point products that don’t work across multiple vendors very well, and we will never find the one “silver bullet” to solve all big data problems or capture the infinite number of big data opportunities.

The best progress comes in areas where very specific applications are targeted for topics such as fraud across multiple government systems like Medicaid, unemployment and criminal records.

Still, I remain optimistic – you have to be in this business.”

The Glass is Half Full

At SQream Technologies we remain optimistic as well. Big Data is the future of cybersecurity, a new concept which will soon catch on and be utilized by the most successful security companies in the field.

As Israel’s CyberTech 2014 Conference came to an end, I attempted to catch the attention of a local reporter to feature SQream Technologies’ Big Data technology. He responded to my request with a confused look on his face, stating “We are doing a story on cybersecurity solutions, not Big Data.” Typical response – little did he know that Big Data actually does play a big role in the cybersecurity field. Just as Big Data has caught on for business intelligence within the last year, it will soon have a dominant place within the cybersecurity sector once companies start taking advantage of its unique benefits.

This blog post was also featured on Geektime.com 