Network Security

Debate: Big Data for security analytics is ready for prime time.

In this month's debate, experts discuss the importance of Big Data analytics in the industry today.

FOR

Jeff Debrosse, director, security research, Websense

Security analytics benefit from the application of Big Data technologies across almost all domains. This is evidenced by the decreasing time to respond to increasing volumes of network-based threats (both internal and external to organizations). This means that the half-life of data is getting shorter. Security analytics are able both to handle the sheer volume of traffic and to derive answers as close to real-time as possible. Without Big Data security analytics, successfully leveraging traditional security analytics in increasingly complex and heterogeneous environments becomes more difficult every day.

Solutions can comprise real-time or non-real-time technologies. An example of a real-time technology is stream processing – where massive volumes of data are analyzed and actionable intelligence and decisions are created with little to no latency. Non-real-time technologies, such as SIEM, can comprise solutions where data is captured, stored and queried for analysis and processing. Regardless of the technology, Big Data security analytics is here to stay.

AGAINST

Mike Lloyd, CTO, RedSeal Networks 

Security looks like a great target market to vendors of disk arrays and business analytics platforms. The trouble is that the tools to detect trends focus on exactly the wrong thing – the trends. Security is about outliers. You can't look backwards through a telescope and hope it will work as a microscope.

Some people say we should just pile up the data, presumably figuring it will analyze itself. Machine learning hasn't come up with the goods – data mountains still need data mountaineers. The filtering tools to pick out anomalies have to start by understanding “normal,” and we're just not good enough at that yet.

A better focus, with today's resources, is prediction and prevention. Integrate the data you've already got and measure your readiness – because the attack is inevitable. It's better to close the barn door ahead of time – otherwise, your Big Data effort will just net you a nice recording of the horse thief waving as he rides out.


