EMC Corporation’s security division, RSA, has released a Security Brief which asserts that Big Data will be a driver for major change across the security industry and will fuel intelligence-driven security models.
While Big Data’s short-term changes are already underway, in the longer term it will change the nature of contenvtional security controls such as anti-malware, data loss prevention, and firewalls.
As such, the brief presents six guidelines to assist organisations in planning for the Big Data-driven transformation of their security operations:
- Organisations should set a holistic cyber-security strategic which aligns all capabilities in a program that is customised for the their specific risks, threats, and requirements.
- Big Data analytics requires information to be collected from various sources in multiple formats. As such, a single, shared data architecture for security information is necessary as it allows information to be captured, indexed, normalized, analysed, and shared.
- A forward looking approach should be taken to investing in a specific product as each will introduce its own data structure that must be integrated into a unified analytics framework.
- Ongoing investments in security products should favour technologies using agile analytics-based approaches, not static tools based on threat signature or network boundaries. A look at open and scalable tools is required.
- Emerging products will be Big Data-ready, but security teams may not be. Organisations must strengthen SOC’s data science skills.
- Organisations need to augment internal security analytics programs with external threat intelligence services, and evaluate threat data from trustworthy and relevant sources.
According to the Security Brief’s authors, integrating Big Data into security practices will lead to enhanced visibility into IT environments, the ability to distinguish suspicious activities, and assure trust in IT systems.
Follow Nermin Bajric on Twitter: @nermin_au