Hackers... Big Data is watching you
Criminals are rapidly evolving their hacking techniques, and are attacking quickly, making timely security and fraud analytics more critical than ever.
Big data analytics give enterprises faster access to their own and relevant external information.
Avivah Litan, vice president and distinguished analyst at Gartner, believes enterprises can achieve significant savings in time and money when using big data analytics to stop crime and security infractions, by stopping losses and increasing productivity.
Gartner predicts that by 2016, 25 percent of large global companies will have adopted big data analytics for at least one security or fraud detection use case, up from 8 percent today, and will achieve a positive return on investment within the first six months of implementation.
"Big data analytics gives enterprises faster access to their own data than ever before," Litan says. "Big data analytics enables enterprises to combine and correlate external and internal information to see a bigger picture of threats against their enterprises.
"It is applicable in many security and fraud use cases such as detection of advanced threats, insider threats and account takeover."
Information needed to uncover security events loses value over time, and timely intelligent data analysis is critical as criminals and bad actors move much more quickly to commit their crimes.
For example, a year or two ago, hackers would look around, conduct extensive cyberespionage on their targets, and then go in for the theft — whether it was for money or information.
Now, hackers — aware of more-effective security and fraud prevention measures erected by their target victim enterprises — simply go directly to the theft without a drawn-out reconnaissance phase.
To address these issues in the past, enterprises relied on various siloed monitoring or detection systems that were optimized for various use cases, such as data loss, financial fraud, or privileged user monitoring.
Now, with big data analytics, enterprises can:
* Cut down on the noise and false alerts in existing monitoring systems by enriching them with contextual data and applying smarter analytics. This is especially important as the number of security events increase substantially year over year.
* Correlate the resulting high-priority alerts across monitoring systems to detect patterns of abuse and fraud, and to get the big picture on the security state of the enterprise.
* Pool their internal data and relevant external data into one logical place, and look for known patterns of security violations or fraud.
* Profile accounts, users or other entities, and look for anomalous transactions against those profiles.
* Remain agile, and stay ahead of malicious actors and activities, via faster tuning of rules and models tested against data streaming in near real time.
Big data analytics is ahead of most organisations' abilities to successfully adopt them, and most vendors have barely begun to prove their software's effectiveness, so it's still early days for this market.
Enterprise are recommended to start small, but think big, and develop a road map that encompasses multiple use cases and applications across the organisation. The return on investment (ROI) on big data analytics is typically too big to ignore.