Big data can help draw insights for better security. Photo: iStock |
Big
data is proving a powerful tool in companies’ never-ending
struggle to keep data and networks secure.
Big data, or more specifically data
analytics, allows vast amounts of information from disparate sources and often
in different formats to be analysed for
patterns and anomalies.
Gartner predicts that, by 2016, 25
per cent of large global companies will have adopted big data analytics for
cyber security or fraud detection, up from 8 per cent today.
Avivah Litan, vice-president and
distinguished analyst at Gartner, said enterprises could achieve significant
savings in time and money by using big data analytics to stop crime and
security infractions. They should achieve a positive return on investment
within the first six months of implementation, which she said was too big to
ignore.
From helping pinpoint phishing
attempts to screening out scam calls to financial institutions, big data is
proving its worth.
Mathew Benwell, senior information
security specialist, IT risk management, at the University of Adelaide, said
the university turned to general data analytics tool Splunk when an external
security audit revealed problems in dealing with phishing attacks.
‘‘Like many organisations, the
threat of phishing attacks pose a growing problem,’’ he said. ‘‘These attacks
could result in compromised accounts, which at times can have a big impact.’’
Mr Benwell said the university had
tried a number of traditional security and event management products but had
adopted Splunk for its do-it-yourself simplicity.
He said further security
applications had emerged since. ‘‘Our use cases are expanding across more IT
teams. It is very much about using the electronic log data to try and build
useful security analytic.
A quite different example of how
data analytics tools can aid in security comes from Verint.
Mark Lazar, Verint’s global vice
president for identity and fraud solutions, said the company's Impact 360
product uses passive voice biometrics to help call centre operators combat
persistent attacks from fraudsters who talk their way past caller verification
checks to gain access to bank accounts. From a recording of a caller’s voice
the system is able to identify that person on subsequent calls.
Data analytics make this
information even more powerful.
“We can take a fraudster’s voice
and track it across time and across accounts and see what they are doing to
attack a call centre and from that we can develop patterns of how they do their
calling: what is the frequency of the calls, what is the order in which they do
certain kind of transactions. Those patterns are very different from the
patterns that genuine customers use when they're calling.”
Gartner's Litan said the real
security benefits of big data are yet to emerge. “Big data analytics is ahead
of most organisations' abilities to successfully adopt them, and most vendors
have barely begun to prove their software's effectiveness, so it's still early
days for this market,” she said.
She urged organisations to start
small, but think big and develop a road map that encompasses multiple
applications.
“The return on investment on big
data analytics is typically too big to ignore.”
Additional Reading: