Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

RSA betting the future of security on big data

The acquisition of web analytics firm Silvertail Systems is part of RSA's big data security push

Article comments

"This is what makes security interesting going forward," says RSA Chief Technologist Sam Curry in discussing the outfit's new position paper ("Big Data Fuels Intelligence-Driven Security"), which lays the groundwork for integrating big-data analytics into security operations.

Pressed to say exactly how RSA will pursue such a strategy, Curry would only acknowledge more on products and services will be forthcoming soon. He emphasizes: "We're making a bet as a company on this."

RSA late last year acquired Silvertail Systems, a Web analytics and behavioural analysis firm, and this will be figuring into what RSA plans for its big data security push.

The RSA position published paper today suggests any security company that doesn't find a way to make use of big data might want to fold up its tent right now.

"Within the next two years, we predict big data analytics will disrupt the status quo in most information security product segments, including SIEM [security information and event management]; network monitoring; user authentication and authorisation; identity management; fraud detection; and governance, risk & compliance," the paper states.

It goes on to say that within three years, data analytic tools will have evolved to enable a range of "advanced predictive capabilities and automated real-time controls." These, in theory, will form the basis of protecting against fraud and stealthy cyberattacks aimed at stealing critical information.

Today, there are a handful of security firms, including Red Lambda and Palantir, that have created tools and services that involve large-scale data analytics used to serve the purposes of security. Also, CrowdStrike is a startup that is expected to introduce a "big-data analytics platform" later this year.

According to RSA's perspective, big data harnessed for security purposes entails collecting vast amounts of information in real-time to build profiles of both users and systems to "spot aberrant activity or behaviours" that "often indicate deeper problems."

And big data is envisioned as big indeed. "Now, with recent advancements in computing power, storage systems, database management and analytics frameworks, no data set is too big or too fast. Information such as full packet capture, external threat intelligence feeds, website clickstreams, Microsoft outlook calendars and social-media activity can be used for security-related analysis."

RSA suggests companies should be anticipating the big data push into security by considering what would be involved to set up a centralized warehouse "where all security-related data is made available for security analysts to query, either as a unified repository or, more likely, as a cross-indexed series of data stores."

Big data is going to be about "events in your environment" and there's a need for more than the type of security data, such as what firewalls or other types of security gear provide, says Curry. "It goes beyond security data to travel systems or Salesforce.com or CRM [customer-relationship management] and other application data," he says. Curry notes that the HR systems may be able to supply information about an employee that would help determine if someone is trying to exploit a person's identity.

According to Curry, the intent in all this is to evolve beyond what is now known as SIEM, where products are designed to aggregate and analyse large amounts of security feeds.

"SIEM is just repositories, mass repositories that are often architected for compliance," Curry says. Big data for security can potentially do better in detecting stealthy attackers and their "dwell time" inside enterprise networks as they find their way to the most critical data sources and plan how to extricate it, he says. The "hunt time" for this type of attack is generally failing today but "we think it takes advanced data techniques to wins this," Curry says.



Share:

More from Techworld

More relevant IT news

Comments

Laxmi Patel said: nice article There is huge demand for Big Data jobs and Datascientists



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *