Big Data To Play Major Role In Network Security

Depending upon your perspective, it’s been a really bad or a really good few weeks for security. However, while the outlook remains bleak — both for the existing and pending victims, and for the insurance industry — there is a ray of hope with a greater focus on security, and the role that Big Data can play in reducing — or at least more quickly resolving — these attacks and vulnerabilities.

One of the most recent victims is Michaels Companies Inc., the biggest US arts and crafts retailer, which announced at the end of January it is investigating a possible security breach on its payment card network. Back in 2011 hackers stole almost 100,000 payment card numbers from Michaels and a second such breach “would be devastating for them”, according to Gartner security analyst Avivah Litan. “The public and the credit card companies are going to slap their wrist twice as hard because they’ll say they haven’t learned their lesson and that they can’t be trusted.”

Just a week earlier the FBI warned retailers to expect more attacks, and said it has reviewed 20 incidents over the past year that were similar to the recent breaches. The warning was apparently prompted by the November Target breach where hackers stole 40 million credit and debit card records from the US retailer, as well as approximately 70 million records containing information such as addresses and mobile numbers.

Around the same time as the Michaels announcement, Yahoo was advising users to reset passwords following a security attack on its mail services. Even Coca-Cola Co., which knows a thing or two about keeping secrets, has been hit, reporting that sensitive personal information — including Social Security and driver’s license numbers — of roughly 70,000 current and former North American employees was compromised because the data hadn’t been encrypted, as company policy required, on company laptops it says were stolen by a former worker.

“What happened at Coca-Cola is a bad thing but not an uncommon thing,” said Larry Ponemon, chairman of the Ponemon Institute, which researches data protection. He estimated more than half of Fortune 1,000 firms experience a breach each year of 1,000 to 100,000 confidential records, including those of employees.

The latest edition of one of the most reliable annual reviews of the security industry, the Verizon 2013 Data Breach Investigations Report, raised a number of danger signals, stating that “no organization is immune to a data breach in this day and age.” The sixth DBIR included 621 confirmed data breaches as well as more than 47,000 reported security incidents.

External attacks account for the majority (92%), and the compromise-to-discovery timeline continues to be measured in months and even years, as opposed to hours and days.

Just throwing money at security doesn’t seem to be a good answer, although it can be considered a good start. According to a recent report, the IT security market will grow at a CAGR of 9.29% over the 2012-2016 period, more than double the 4% increase that overall IT budgets will see in 2014. In addition to Cisco, the key networking vendors upping their security game include HP, Juniper Networks, and Palo Alto Networks.

That’s critical because network security remains a big area of concern, according to a recent survey by Enterprise Strategy Group. “Network security risks are always top of mind with enterprise security folks”, noted ESG Senior Principal Analyst Jon Oltsik.

Almost half (44%) of organizations believe that their current level of security data collection and analysis could be classified as “big data,” while another 44% believe that their security data collection and analysis will be classified as “big data” within the next two years, blogged Oltsik back in October. “Over time, big data security analytics will blend threat detection/forensics with continuous monitoring to calculate risk scores associated with cyber-attacks.”

Automation may take a while, but it will be critical because security staff can no longer keep up, he noted. “Cisco will use its network infrastructure, SDN, and cloud-based big data security intelligence for network security automation. Other network security specialists like Check Point and Palo Alto Networks will also pursue this course.”

The network forensics market is also due to explode, warned Oltsik in another October blog, with ESG research indicating that 49% of organizations plan to collect and analyze more security data over the next 24 months. “Much of this data will be network-based and likely come from network forensic tools.”

Big Data and analysis will see increased application in the cyber security field, according to a recent interview with J.R. Reagan, Principal at Deloitte & Touche LLP. As data collection, storage (via cloud), and analytics improve, so should the ability to predict and counteract threats. Government IT managers will need the knowledge and skills to use cloud services to apply these tools, and data scientists, analyzing the information, may outnumber IT professionals at many sites.

The bottom line is that as threats continue to escalate, networks will increasingly be on the front lines of security, and Big Data will be an essential tool for combating these threats.
