Companies need to embrace Big Data analytics in order to tighten up their IT defences, an analytics security expert has warned.

Too many firms are still relying on traditional defence methods, which do not competently combat modern-day threats, according to Neil King, VP security analytics at Big Data analytics specialist Guavus.

"Traditional security approaches simply cannot deal with very large data sets and handle many sources, which prevents full visibility to the environment," King explained.

"Whereas Big Data allows security teams to correlate information from many sources, handle larger amounts of data and produce better visibility of the environment – from networks to applications. As the security landscape shifts and attackers become more sophisticated, this visibility and contextual information is going to become even more critical."

One of the main flaws with traditional security approaches is that they focus on defending against known threats. Many anti-virus technologies will work from a whitelist/blacklist of activities that they know to be nefarious, setting traps accordingly that would-be attackers trip over and as a result set off an alarm.

"Yet hackers are no longer sitting in their bedrooms just trying to find ways to cause mayhem and prove they can beat the system; they are organised, well-funded, and determined," said King. "Many are working with government agencies or organised crime, and the money involved would make bankers’ bonuses look like pocket change. As such, they know where the old booby traps are, and they know how to get past them."

King noted that he has seen a rise in the number of ‘zero day’ polymorphic attacks – whereby attackers change the code of their attack each time, meaning each attack has a different DNA. Because the make-up of these attacks is constantly changing, it is impossible to pre-programme security defences to prevent them: the attacks have never been seen before, and therefore will not be on the predefined list of actions that the defences should stop.

King added: "Big Data analytics tools can help to detect the unknown, which is why they are becoming so critical to enterprise security. By analysing network traffic to detect anomalies, in real-time, Big Data analytics solutions can help to identify attacks as they happen and also identify unusual behaviours that result after a breach has occurred.

"Additionally, Big Data is not confined by the traditional IT silos, meaning threats are put into greater context. This contextualisation is incredibly important when determining the level of threat and appropriate response, as it gives IT a wider picture of why changes may be occurring and the potential impact of the threat."