Enterprises implementing big data initiatives can strengthen security strategies by observing and adapting to analytic patterns.
According to Tech Central, Bob Savage, vice president and managing director of the EMC Centre of Excellence, is adamant that big data can transform enterprise security processes.
“Security leaders are shifting to an intelligence-driven security model, supported by big data-enabled tools, which incorporates dynamic risk assessments, the analysis of vast volumes of security data, adaptive controls and information sharing about threats and attack techniques,” said Savage.
A recent Enterprise Strategy Group (ESG) report outlined how the existing security infrastructure is insufficient, relying on independent tools and manual processes that cannot combat today’s growing threats. The new model of big data security depends on real-time analytics for heightened visibility and awareness across all network layers within the enterprise. Security professionals equipped with this kind of analytics-based intelligence can adjust controls and prioritize initiatives accordingly, improving incident detection and response rates. This is especially imperative for advanced threats that require higher risk-based attention. By leveraging big data tools, organizations can strengthen network security while lowering operational costs.
Analytics fill the gap
This new model will be particularly advantageous as firms face a growing security-skills gap. ESG’s research determines that one-quarter of all enterprises have a shortage of database experts. While 39 percent of firms cited having inadequate response teams, 28 percent said that security analysis skills were not up to par, and another 28 percent said data collection and monitoring was a challenge. As a result, attitudes toward security are changing: 44 percent of firms have already integrated security data collection analysis as part of big data initiatives, and 30 percent will likely consider doing so within the next year.
Big data security tools will use analytics to observe normal network behavior, point out abnormalities that pose a risk and advise organizations on how to eliminate any vulnerabilities. For this model to be effective, these analytics must work with existing IT assets to develop automated security intelligence that is hyper-aware in the continually shifting threat landscape. Analytics must also be fully integrated with security policy controls so that they can automatically adjust to any changing risks or demands. For example, if analytics detect unusual network traffic on mobile devices, analysts can respond by interfering with traffic flows to reduce the risk of a breach or attack.
As a result of big data initiatives, professionals can take a more active role in defending the enterprise database, making continual changes to the security structure as new threats arise.