Big Security Data: A Real Asset To Your Organisation, If Managed Correctly…
I’ve just finished a very hectic week with my management team at the McAfee Cork office for quarter end. There’s always a lot of energy and excitement in the closing days of a quarter – it’s a chance to reflect on our performance and feedback from customers. This quarter, I could not be any more proud of our first-class international sales team, which is the engine of our business. Their achievements, together with our Security Connected platform, have generated some fantastic feedback from our valuable users.
During my travels around the region, I noticed that customers are increasingly acknowledging the urgency of having their security solutions seamlessly connected and easily controlled from a single management console. In today’s evolving threat landscape, rarely a day goes by without a new cyber threat, attack or data breach hitting the media headlines. A growing amount of complex, digital data also adds to the complexity of today’s threat environment. According to analyst house IDC, data growth is doubling every two years – the ‘Moore’s Law of Big Data’ so to speak!
In parallel to the global growth of unstructured data, we see another type of big data emerging within IT organisations: Big Security Data. But what is the difference between Big Data and Big Security Data? Big Security Data is actually a subset of Big Data. It’s about how organisations gather security context and manage the large volumes of critical security information being generated. Organisations are storing approximately 11-15 terabytes of security data a week, a figure that Gartner Group predicts will double annually through 2016. To put that in perspective, 10 terabytes is the equivalent of the printed collection of the largest library in the world, the Library of Congress.
The point of Big Security Data is to capture information, analyse it and then take action. According to a recent McAfee study conducted with research firm Vanson Bourne – “Needle in a Datastack, the rise of Big Security Data” – many businesses are failing to effectively store and analyse the Big Security Data at their disposal.
It’s crucial for organisations to harness the power of this Big Data for security purposes. Moreover, international and European risk and compliance regulations are placing additional constraints on organisations. The accelerated rise of APTs (Advanced Persistent Threats) makes the long-term retention and analysis of security data vital in order to reveal patterns, trends and correlations symptomatic of this evolving malware. Stealing data only takes minutes or even seconds. By breaking down silos, holistic solutions not only connect the dots but also build bridges across organisations: IT, security, and the functional business units.
To achieve real-time threat intelligence in an age where the volume, velocity and variety of information have pushed legacy systems to their limit, businesses must embrace the analysis, storage and management of Big Security Data. Therefore, it’s essential for organisations to have in place a powerful and integrated SIEM (Security Information and Event Management) platform which is security-connected, in order to analyse the data and put it into context in real time to stop and prevent attacks. When our customers visit the McAfee Executive Briefing Center in Amsterdam, they can experience in real time the anatomy of an attack, how to detect it, counter it and identify its source.
There are two questions organisations should be asking themselves in order to find out whether they are using adequate security measures in a big data world: “Are we alerted in real time when we are breached?” and “Can we detect the sources of the breach?”
If the answer to both of these questions is no, I can only encourage you to take action if you have not already done so.