We have said a fair amount here about the Big Data era and the challenges that it will pose for information security.
The good news is that Big Data, and Big Data analytics, can also be powerful weapons for protecting data and ensuring security. The same analytics capability that allows marketers to crunch and parse vast quantities of unstructured data to find nuggets of insight about customers can also be harnessed to provide insight into cyber threats and attackers.
For some time now, firms and other organizations have been using monitoring software to generate detailed logs of security events. But conventional, limited analytics permitted only a coarse-grained survey of these logs, and integration with other security information was difficult to impossible.
Big Data analytics are starting to change all that, allowing a much deeper look into security logs and other security information. A report (PDF) by RSA, the security division of EMC, outlines the emerging intelligence-driven approach to information security.
Tim Wilson at Dark Reading provides a handy summary of the RSA report.
Within the next couple of years, according to the report, Big Data analytics "will disrupt the status quo in most information security product segments." The impact will be felt across security functions ranging from SIEM and network monitoring to user authentication, and on to governance and compliance.
Over the somewhat longer term, three to five years, the RSA report suggests that "data analytics tools will further evolve to enable a range of advanced predictive capabilities and automated, real-time controls." Many security tasks that now require direct human oversight will be automated as Big Data analytics are put on the job.
All of which is very good news. The challenge will be in mastering the new sets of skills needed to effectively manage these automated processes. According to the report, the main bottleneck that could slow down full adoption of these new technologies isn't hardware or software, but a shortage of trained people.
And one thing will not change in the Big Data era: Technology solutions, by themselves, do not provide security. Our experience at GRT Corp. has taught us that these things are tools, and tools they will remain. Security comes from effective use of these tools, which in turn is based on developing and implementing a comprehensive, holistic security policy.