SlideShare ist ein Scribd-Unternehmen logo

Big Data Dectives

- Mark - Fullbright
- Mark - Fullbright

All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.

BildungTechnologie
1 von 14
Downloaden Sie, um offline zu lesen
Next >> R Previous Next darkreading.com Previous Next Previous Next OCTOBER 2013 Previous Next Download Subscribe Could big data be the key to identifying sophisticated threats? Security experts are on the case. >> By Robert Lemos PLUS Secure the perimeter, but analyze the data >>
Register Previous Next October 2013 Issue 13 CONTENTS Previous Next Previous Next Previous Download Subscribe Next COVER STORY Big Data Detectives Companies are using data analytics to improve security but they’re challenged by immature technology and a scarcity of expertise. p5 DARK DOMINION Bolster Perimeter Protection Security analytics is the next generation of defense. p4 CONTACTS Editorial and Business Contacts p14 More From Dark Reading Detect Business Threats Dark Reading’s Security Monitoring Tech Center is a single community dedicated to the tools and techniques used to analyze security activity and detect potential threats to the business. darkreading.com/monitoring How Do You Handle Big Data? The Big Data Conference provides three days of comprehensive content for business and technology pros seeking to capitalize on the boom in data volume. In Chicago, Oct. 21-23. darkreading.com/2013bigdataconf Navigate The Cloud Cloud Connect’s summits, panels and boot camps draw fellow IT pros wrestling with cloud challenges. In Chicago, Oct. 21-23. darkreading.com/2013cc PREVIOUS ISSUE FOLLOW US ON TWITTER AND FACEBOOK @DarkReading darkreading.com darkreading.com/facebook The Changing Face Of APTs Advanced persistent threats are evolving in motivation, malice and sophistication. Are you ready to stop the madness? darkreading.com/issue/aptaugust2013 October 2013 2
Previous Next Not all SSL certificates are the same. We have the Internet’s most trusted mark. Symantec™ Website Security Solutions include industry-leading SSL, certificate management, vulnerability assessment and malware scanning, Express Renewal, and 24x7 support. The Norton™ Secured Seal and Symantec Seal-in-Search assure your customers that they are safe to search, to browse, to buy. With 100 percent uptime since 2004, military-grade data centers, and industry-leading SSL, Symantec is the leading provider of website security for your business. Please call (866) 893-6565 or visit us at www.symantec.com/ssl-certificates to learn more about Symantec Website Security Solutions. Copyright © 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, and Norton are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other trademarks may be trademarks of their respective owners.
Previous Previous Register Previous Next DARK DOMINION Table of Contents Previous Next Previous Next Previous Download Subscribe Cloud Expertise Cloud Connect, Oct. 21-23 in Chicago, offers in-depth boot camps, panel discussions and peer networking to help you weigh your cloud options. Register Next Secure The Perimeter, Then Add Big Data A few years ago, my pest control company started a service called “perimeter defense.” Instead of bringing a technician inside and spraying each room, my exterminators said they would treat the house from the outside, effectively creating a safe “wall” that vermin couldn’t penetrate. Sorry, I had to stop typing for a moment and wipe another bug off my screen. I wonder why the spider in the corner doesn’t ever catch those things? Like most IT security professionals, I no longer believe that perimeter defense will stop all the intruders. Yes, it helps a lot. But I’ve accepted the fact that no matter how good my outside defense is, the most sophisticated pests will find their way in. As a result, I keep flyswatters and bug spray handy. I have my own strategies for finding and killing what evades my external defenses. In the enterprise, this process for detecting and eliminating the attacks that bypass the perimeter — sometimes called incident response — is becoming an increasingly im- portant part of enterprise defense. Assume you will be hacked, the logic goes, and be ready with your backup plan. It’s the virtual equivalent of my flyswatter and bug spray. Unlike pesky bugs, though, a sophisticated enterprise compromise can result in very big problems — loss of customer data, loss of service and even loss of business. One fierce attack could cost your company millions of dollars and, if it’s properly hidden, could suck the data out of your systems for months, or even years. To help reduce this risk, many big companies are relying on forensic tools and experts to detect these sophisticated threats and root them out before they can damage the business. “Incident response” has become “data forensics,” in which the goal is to identify evasive attacks through detailed analysis of digital evidence found in system log files and security event management systems that track security-related data and flag anomalous activity. The problem is that there’s so much secu- TIM WILSON @darkreadingtim rity-related information that finding and correlating the few bits of data needed to identify an attack can be nearly impossible for a single human. To quote one expert, “it’s like trying to find a needle in a stack of needles.” The forensics problem has given rise to a new class of tools and best practices being called “security analytics.” The detailed study of security data increasingly embraces big data analysis tools and techniques used by other parts of the business, and it’s becoming the next generation of defense. This special digital issue of Dark Reading offers a look at this new trend. Like me and my exterminators, enterprises haven’t given up on perimeter defense, but they acknowledge it can’t stop everything. For today’s business, security doesn’t just mean developing an effective screen against attack, it means an effective strategy for wiping out the bugs that get through the holes. Tim Wilson is editor of DarkReading.com. Write to him at timothy.wilson@ubm.com. Next darkreading.com Next October 2013 4
Register Previous COVER STORY Next Table of Contents Previous Next Previous Next Previous By Robert Lemos Next F Download Subscribe Big Data Detectives Could big data be the key to identifying sophisticated threats? Security experts are on the case. darkreading.com @roblemos or Vigilant, it started in 2009. And as with most companies, it started small. The security services startup, now part of audit and consulting firm Deloitte, wanted a way to bring information about external threats to clients that were using SIEM (security information and event management) systems to monitor their own environments. The Vigilant team knew that the combination of external threat data with internal security event data could be a powerful way to improve enterprise defenses, but crunching all that data would be a monumental task. Vigilant began combining threat intelligence feeds, filtering the data to pull out the most important information for each client, and then transmitting the data to their clients’ SIEM systems. The company started with two threat lists: domains servOctober 2013 5
Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe Get Smart Our Threat Intelligence Tech Center provides in-depth information on collecting and analyzing data on emerging cybersecurity threats. Click Here darkreading.com Next ing malware, and domains compromised by the Trojans SpyEye and Zeus. To reduce false alarms and aid in analysis, the company began adding more data feeds. Vigilant’s analysts quickly became addicted to the analysis. Each new source of data gave them the ability to tease out additional information on threats. By 2011, the company was processing about 50 to 100 GBs per day. But the company’s systems couldn’t keep up with the flow of data, and it started missing performance deadlines, says Joe Magee, co-founder and former CTO of Vigilant, who is now a director at Deloitte. “We were not able to catch up,” Magee says. “We were not able to process the information and push it out fast enough, and that’s when it became a big data issue for us. We needed to be able to rip through this data in Googlelike fashion.” The volume of data and rate of change caused the problem, because most of the data came in the form of feeds updated daily with gigabytes of data. It overwhelmed the company’s initial database built on top of Postgres. In 2011, Vigilant moved to Hadoop and became one of many companies — both vendors and enterprises — that are advocating the use of big data analytics to improve the response to security threats. Big Data Still Just A Promise For security teams, the use of analytics on massive quantities of security data — from device and application logs to collections of captured network packets and operational business data — promises better visibility into the security threats that elude current defenses. Big data analytics can be more complex than the log collection and analysis conducted by most SIEM systems, so automating the number crunching is often needed to let security pros more easily use statistical correlations to discover trends and anomalies. Tracking days or weeks of business activity allows the system to find outliers — a user who accesses far more data on a daily basis than the average employee, or a system that has a sudden spike “A company can have so much data and try to do so much with it, and there are no SIEM solutions that can handle it.” —Lucas Zaichkowsky, AccessData in resource consumption. Analysts then can dig deeper into the large data sets of security information for any flagged events. “Big data is not just about gaining insights, it’s about helping remediate issues faster,” says Jason Corbin, director of security intelligence strategy for IBM Security Systems. “The big problem is that [security teams] are overwhelmed with information they have. All October 2013 6
Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe Next that information goes to some guy who has to sift through tons of incidents or vulnerability reports and decide what they need to patch or virtually patch or fix. Security teams fall behind, and that’s how companies suffer breaches based on known but unpatched vulnerabilities.” But for many companies, the promise of big data in security is just that — a promise. While security teams hope to gain more awareness of what is going on in their networks by collecting and analyzing more of their data, the technology is still in its adolescence. “Hadoop has been around for a while, but it is still figuring out what it is and what is wants to be,” says Adrian Lane, CTO for security consultancy Securosis. Still, the potential is huge, Lane adds. Companies that kick off a big data project for security can collect an immense volume of data and have a security analyst poke through the information, ask queries of the data and make important discoveries. How Big Is Big? Big data itself isn’t a technology or a method of analysis. It’s a concept that involves collecting, managing and making sense of more and new data sources. It’s about analyzing the darkreading.com “dark data” (data that is collected but rarely used) created by business devices and systems. For companies, that means collecting orders of magnitude more data. Business projects aimed at using big data to support security typically follow two paths. In the first, security teams gain access to a company’s operational data and Which types of data should be analyzed? Opinions vary. Many SIEM vendors argue that the proliferation of device log data creates a big data problem. Other companies, such as RSA, use a more strict definition. For them, big data means monitoring all of the information that crosses the enterprise network — perhaps an unsurprising opinion for a company When Will You Use Big Data Analytics For Cyber Defense? 23% No plans Using now 39% 17% 12% Within 9 months Within 3 months 9% Within 6 months Data: Ponemon Institute’s “Big Data Analytics In Cyber Defense” report, surveying 706 IT security practitioners, February 2013 run an analysis against that data to highlight events that may indicate a security threat. Alternatively, the team can store data from security devices and other related systems and analyze the secu­ ity-specific data for r correlations that flag a potential attack. owned by storage system maker EMC. “People think that any time you collect security information, that is big data,” says Eddie Schwartz, chief information security officer for RSA. “No, it ‘s a new way of looking at information. Big data means that we’re looking October 2013 7
Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe darkreading.com Next at transactional information, we’re looking at the full context and content of network traffic.” For large companies, the creation of a big data store of security information may result as the byproduct of normal business, or it may be a goal. But some big data advocates urge companies to search for more data sources under a “more is better” mantra. “One of the tenets of big data is that if I have a larger data set, I may see correlations that I might not have seen before,” says Samuel Harris, director of enterprise risk management for Teradata. Yet deriving security intelligence from a large collection of business data requires hard work. Many enterprises have tried to merge additional analytics capabilities into SIEM systems, but that has caused more headaches than hits, says Lucas Zaichkowsky, enterprise defense architect for AccessData, a computer forensics and security consulting firm. “A company can have so much data and try to do so much with it, and there are no SIEM solutions that can handle it,” he says. “There are a lot of failed SIEM projects.” In fact, growth in the types and volume of data produced by networking hardware creates the greatest challenge for companies trying to mine network data. In a study of companies’ attitudes toward using big data analytics for security, half of 706 respondents had trouble handling the growth of network data, the Ponemon Institute found. Only 5% of IT
Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Next security respondents believed the growth in data is an opportunity. From Big Data To Bad Guys Nevertheless, there are success stories in combining big data and security. In 2009, IT security firm BeyondTrust embarked on its own big data project. To help security managers focus on the most pressing vulnerabilities, the company pulled together frequently updated internal information — such as the configuration of every machine in a 100,000-client network — with information on the latest vulnerabilities, exploit kits and attacks. Combining external and internal sets of data can help companies focus on the few vulnerabilities that really make a difference — situations where the company has systems using vulnerable software, and attack- Protecting Big Data Subscribe darkreading.com U sing big data could be a boon to security, but enterprises should not forget about protecting the big data itself. Because big data can be a complete record of a business’s operations, it’s important to lock it down, says Erik Jarlstrom, VP of technology solutions at Dataguise. Companies need to secure big data stores early to avoid delaying the project. Big data resides in highly distributed clusters of computers, so securing the entire systems is a challenge, according to Adrian Lane, CTO of security consultancy Securosis, which recently released a research paper on big data security. Because data is distributed among the nodes and distributed in multiple copies, it’s difficult to know where your data resides. In most cases, there is no generally available encryption for repositories, and no role-based administrative controls. Lane advises that companies should use the Kerberos protocol to authenticate big data nodes and add file encryption. “We hear [from security architects] the most popular security model is to just hide the entire cluster within their infrastructure,” Lane writes. “But those repositories are now Web accessible and very attractive targets.” —Robert Lemos ers know about the software flaws and are actively exploiting them. “As a customer, it lets me determine what do I have to do this week and what do I have to do next week to prevent my company from being hacked,” says Marc Maiffret, CTO for BeyondTrust. Another benefit is that BeyondTrust customers can see where they are vulnerable and also query the data for more specific information. “We know there is no way that we have thought of every scenario of how people will use this data, so we give them the tools and let them work with the data,” Maiffret says. Another success story: At the RSA Conference in 2012, Preston Wood, chief security officer at Salt Lake City-based Zions Bancorporation, outlined the bank’s use of analytics to mine security events. Zions used open source Hadoop coupled with Google’s MapReduce and business intelligence tools to correlate logs from antivirus, databases, firewalls, intrusion-detection systems and financial-industry-specific sources of information, such as credit applications and data. Using these methods, Zions has been able to collect and take action on security information in minutes when it used to take hours, Wood said. In most cases, big data techniques are used October 2013 9
Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe darkreading.com Next to detect compromises that have already occurred, rather than to prevent them. Because companies are living in a state of compromise, they need to gather as much information as possible on what is happening in their network, says AccessData’s Zaichkowsky. “They are accepting that there always will be a Victim Zero, and instead focus on spotting the activity.” Using statistical techniques such as linear regression, general linear models and machine learning, a security analyst looking at data can find odd behavior, suspicious events and other anomalies indicative of a compromise. While some events — such as an internal system accessed from Russia at night — are easy to identify as suspicious, more subtle transactions are missed because an analyst hasn’t created a rule to watch for the activity. Mapping access attempts from each system, for example, could help security teams pinpoint when a compromised computer is trying every system on a network. “If I ask a business person what ‘bad’ looks like, it’s not an easy question,” says RSA’s RSA, for example, regularly explores different data sets within its own business to find new sources of data that can be mined for security information, Schwartz says. Is Your Security Data Considered Big Data? Don’t know No 2% 11% No, but it will be in 24 months 14% 44% No, but it will be in 12 months Yes 30% Data: Enterprise Strategy Group’s “The Big Data Security Analytics Era Is Here” report, surveying 257 security professionals, January 2013 Schwartz. “But mathematically, these types of anomalous transactions are much more obvious when you do statistical analysis.” Unlike log data, which resembles the summary information on a phone bill, big data systems collect detailed records, network October 2013 10
Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe darkreading.com Next packet data, and other data and metadata that are important to enterprise security. For instance, a SIEM system may note that an EXE file had been downloaded to a desktop, and that the domain it came from was not on any blacklist. However, using other data, a different picture can emerge: The program was packed and obfuscated, downloaded from a nonstandard port and sent from a domain that was only 3 days old. “Using full-packet capture solutions and big data analytics, we see everything,” says John Vecchi, VP of product strategy for65 Solera 60 Networks, a security analytics firm acquired 55 by Blue Coat in May. “We are going to be able 50 to see things and derive information that you 45 would never be able to know from looking at 40 log data.” 35 In addition to allowing security analysts 30 a deeper look, scrutinizing big data gives 25 them more flexibility to find indicators of 20 compromise that may not be immediately 15 evident. One problem with current SIEM 10 systems is that they typically define their 5 searches and analyses performed on the 0 log files, giving the user less flexibility, says Mark Seward, a senior director at Splunk, which offers tools for searching and analyzing security data. “If I let my vendor determine in advance what data I am going to see, then I am already essentially compromised,” Seward says. Waiting For Maturity While big data analysis holds promise for security, a number of factors have slowed its adoption. First, most enterprises don’t have a line item in the budget for big data security are also concerned that big data projects might introduce risk by forcing changes to the way security systems collect and report data, he notes. Another major obstacle is the shortage of experts with the skills to mine large security databases for information. In addition to having the abilities of a data scientist, any big data security project leader also needs secu- Which Of These Big Data Tools Are In Use At Your Company? Microsoft Excel 65% Microsoft SQL PDW 38% Enterprise search system (any brand) Oracle Exadata 26% 21% IBM DB2 Smart Analytics System 16% Hadoop/MapReduce 14% Data: InformationWeek 2013 Big Data Survey of 257 business technology professionals at organizations with 50 or more employees, September 2012 projects. “Big data is about solving business problems, and security is generally, in the beginning, not one of those business problems,” says Hadi Nahari, chief security architect for graphics chipmaker Nvidia. Some companies rity expertise and a focus on usability, says Teradata’s Harris. The lack of skilled personnel was the third most significant barrier to a strong security posture among enterprises, according to the October 2013 11
Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe Next Ponemon Institute’s “Big Data Analytics In Cyber Defense” report, commissioned by Teradata. The top two barriers, according to the report, were a lack of effective security technology and an insufficient view into business processes — chosen by 43% and 42% of respondents, respectively. During its RSA 2012 presentation, Zions Bancorporation introduced “Big data is about solving business problems, and security is generally not one of those business problems.” —Hadi Nahari, chief security architect, Nvidia a team of three employees, including a data scientist, who created and run the company’s big data project. But most companies can’t afford to hire so many people for a big data security project. Another hurdle to using big data in security is the relative immaturity of the market. While a number of security products now tout some tie-in with big data analytics, they require a great deal of expertise to use and maintain. “Big data has been around for a while, but it’s only in its second generation,” Securosis’s Lane says. “It’s not ready for prime time for many companies.” The easiest way for a company to get started in darkreading.com
Register Previous Next BIG DATA COVER STORY SPECI Table of Contents Previous Next Previous Next Previous Download Subscribe Next analyzing its security data is to buy a large server and start collecting information, says Vigilant’s Magee. Many Vigilant clients are considering buying a large 32- or 64-CPU server and a fast data store, and some of them work with business teams that are already familiar with Hadoop. “We can leverage Moore’s Law to get out in front of this problem. We can start putting data into it and analyze it,” Magee says. “While that may seem like a very simple or mundane version of SIEM, companies want that ability. They want to ask questions of their data.” For small and midsize businesses that don’t have the resources to start up their own big data project, the only likely solution is to settle for services that incorporate external feeds and security analytics, says Jon Oltsik, senior principal analyst with the Enterprise Strategy Group. While big data analytics can be more effective than SIEM, it isn’t easy to incorporate into a business. “Easy is the key word,” Oltsik says. “Big data is too complex and too costly for most midsize businesses, so the question is who can deliver the intelligence of big data at a lower cost than doing it themselves. For most smaller companies, that will be a service provider.” Robert Lemos is a veteran technology journalist and former research engineer. Write to us at editors@darkreading.com. darkreading.com AL OFF www.b 200 with code ER: ig-data P -confe AIWEEK rence. com SAVE $ Make a Big Impact with Big Data. Join an exclusive group of 100 big data decision makers at The Big Data Conference Oct. 21-23, 2013 and define your big data strategy. Topics will include: Large enterprise case studies The big picture: A lifecycle for big data management Structuring the organization to take advantage of big data Setting a big data strategy Data visualization interfaces Domain-specific data types centered on people, money, time, and location Hadoop and other big data platforms architectures Learn more at www.big-data-conference.com n ew! APR 23 rd A new event from UBM Tech Co-Located with IL
Register Previous Next Online, Newsletters, Events, Research Table of Contents Next Previous Next Previous Previous Download Next Tim Wilson Dark Reading Site Editor timothy.wilson@ubm.com 703-262-0680 Kelly Jackson-Higgins Dark Reading Senior Editor kelly.jackson.higgins@ubm.com 434-960-9899 Rob Preston VP and Editor In Chief rob.preston@ubm.com 516-562-5692 Chris Murphy Editor chris.murphy@ubm.com 414-906-5331 Lorna Garey Content Director, Reports lorna.garey@ubm.com 978-694-1681 Jim Donahue Managing Editor james.donahue@ubm.com 516-562-7980 Shane O’Neill Managing Editor shane.oneill@ubm.com 617-202-3710 Mary Ellen Forte Senior Art Director maryellen.forte@ubm.com SALES CONTACTS—WEST STRATEGIC ACCOUNTS UBM TECH District Manager, Mary Hyland (516) 562-5120, mary.hyland@ubm.com Paul Miller CEO Western Regional Sales Director, Sandra Kupiec (415) 947-6922, sandra.kupiec@ubm.com Strategic Account Manager, Amanda Oliveri (212) 600-3106, amanda.oliveri@ubm.com Scott Mozarsky President, Media and Partner Solutions Account Manager, Ashley Cohen (415) 947-6349, ashley.i.cohen@ubm.com Account Manager, Vesna Beso (415) 947-6104, vesna.beso@ubm.com SALES CONTACTS—EAST Midwest, South, Northeast U.S. and Eastern Canada (Saskatchewan, Ontario, Quebec, New Brunswick) Eastern Regional Sales Director, Michael Greenhut (516) 562-5044, michael.greenhut@ubm.com Events Get the latest on our live events and Net events at informationweek.com/events How to Contact Us darkreading.com/aboutus/editorial Western U.S. (Pacific and Mountain states) and Western Canada (British Columbia, Alberta) Subscribe Electronic Newsletters Subscribe to Dark R ­ eading’s daily newsletter and other newsletters at darkreading.com/newsletters/subscribe Reports reports.informationweek.com for original research and strategic advice Business Contacts District Sales Manager, Vanessa Tormey (805) 284-6023, vanessa.tormey@ubm.com READER SERVICES DarkReading.com The destination for the latest news on IT security threats, technology, and best practices SALES CONTACTS—MARKETING AS A SERVICE Director of Client Marketing Strategy, Jonathan Vlock (212) 600-3019, jonathan.vlock@ubm.com SALES CONTACTS—EVENTS Marco Pardi President, Events Kelley Damore Chief Community Officer David Michael CIO Simon Carless Exec. VP, Game App Development and Black Hat Lenny Heymann Exec. VP, New Markets Angela Scalpello Sr. VP, People Culture Senior Director, InformationWeek Events, Robyn Duda (212) 600-3046, robyn.duda@ubm.com MARKETING District Manager, Jenny Hanna (516) 562-5116, jenny.hanna@ubm.com VP, Marketing, Winnie Ng-Schuchman (631) 406-6507, winnie.ng@ubm.com District Manager, Cori Gordon (516) 562-5181, cori.gordon@ubm.com Editorial Calendar informationweek.com/edcal Back Issues E-mail: customerservice@informationweek.com Phone: 888-664-3332 (U.S.) 847-763-9588 (Outside U.S.) Reprints Wright’s Media, 1-877-652-5295 Web: wrightsmedia.com/reprints/?magid=2196 E-mail: ubmreprints@wrightsmedia.com List Rentals Specialists Marketing Services Inc. E-mail: PeterCan@SMS-Inc.com Phone: (631) 787-3008 x30203 Media Kits and Advertising Contacts createyournextcustomer.com/contact-us Letters to the Editor E-mail editors@darkreading.com. Include name, title, c ­ ompany, city, and daytime phone number. Copyright 2013 UBM LLC. All rights reserved. Subscriptions E-mail: customerservice@informationweek.com Phone: 888-664-3332 (U.S.) 847-763-9588 (Outside U.S.) Director of Marketing, Monique Luttrell (415) 947-6958, monique.luttrell@ubm.com Marketing Assistant, Hilary Jansen (415) 947-6205, hilary.jansen@ubm.com darkreading.com October 2013 14

Empfohlen

Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdSusan Darby
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromiseCMR WORLD TECH
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecuritySvetlana Belyaeva
 
Big security for_big_data
Big security for_big_dataBig security for_big_data
Big security for_big_dataShyam Sarkar
 
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudITDogadjaji.com
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - WebFahd Khan
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019Ulf Mattsson
 
Quick Start Guide to IT Security for Businesses
Quick Start Guide to IT Security for BusinessesQuick Start Guide to IT Security for Businesses
Quick Start Guide to IT Security for BusinessesCompTIA
 

Empfohlen

Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdSusan Darby
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromiseCMR WORLD TECH
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecuritySvetlana Belyaeva
 
Big security for_big_data
Big security for_big_dataBig security for_big_data
Big security for_big_dataShyam Sarkar
 
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudITDogadjaji.com
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - WebFahd Khan
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019Ulf Mattsson
 
Quick Start Guide to IT Security for Businesses
Quick Start Guide to IT Security for BusinessesQuick Start Guide to IT Security for Businesses
Quick Start Guide to IT Security for BusinessesCompTIA
 
Fy17 sec shadow_it-e_book_final_032417
Fy17 sec shadow_it-e_book_final_032417Fy17 sec shadow_it-e_book_final_032417
Fy17 sec shadow_it-e_book_final_032417Основна школа "Миливоје Боровић" Мачкат
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Ulf Mattsson
 
Top 3 security concerns for enterprises
Top 3 security concerns for enterprisesTop 3 security concerns for enterprises
Top 3 security concerns for enterprisesTaranggg11
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityBooz Allen Hamilton
 
csxnewsletter
csxnewslettercsxnewsletter
csxnewsletterDominic Vogel
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperMartin Ruubel
 
Cybersecurity After WannaCry: How to Resist Future Attacks
Cybersecurity After WannaCry: How to Resist Future AttacksCybersecurity After WannaCry: How to Resist Future Attacks
Cybersecurity After WannaCry: How to Resist Future AttacksStrategy&, a member of the PwC network
 
Is your infrastructure holding you back?
Is your infrastructure holding you back?Is your infrastructure holding you back?
Is your infrastructure holding you back?Gabe Akisanmi
 
Cyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cCyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cAanchal579958
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
 
Cashing in on the public cloud with total confidence
Cashing in on the public cloud with total confidenceCashing in on the public cloud with total confidence
Cashing in on the public cloud with total confidenceCloudMask inc.
 
Insights success the 10 best performing cyber security solution providers 4th...
Insights success the 10 best performing cyber security solution providers 4th...Insights success the 10 best performing cyber security solution providers 4th...
Insights success the 10 best performing cyber security solution providers 4th...Insights success media and technology pvt ltd
 
Big Data for Security
Big Data for SecurityBig Data for Security
Big Data for SecurityJoey Jablonski
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityArunvignesh Venkatesh
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss GremlinsIntronis MSP Solutions by Barracuda
 
Ten Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things SecurityTen Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things SecurityDean Bonehill ♠Technology for Business♠
 
The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.Merry D'souza
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemBernard Marr
 
Big security for big data
Big security for big dataBig security for big data
Big security for big dataGiuliano Tavaroli
 

Weitere ähnliche Inhalte

Was ist angesagt?

Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Ulf Mattsson
 
Top 3 security concerns for enterprises
Top 3 security concerns for enterprisesTop 3 security concerns for enterprises
Top 3 security concerns for enterprisesTaranggg11
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityBooz Allen Hamilton
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperMartin Ruubel
 
Is your infrastructure holding you back?
Is your infrastructure holding you back?Is your infrastructure holding you back?
Is your infrastructure holding you back?Gabe Akisanmi
 
Cyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cCyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cAanchal579958
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
 
Cashing in on the public cloud with total confidence
Cashing in on the public cloud with total confidenceCashing in on the public cloud with total confidence
Cashing in on the public cloud with total confidenceCloudMask inc.
 
The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.Merry D'souza
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 

Was ist angesagt? (20)

Fy17 sec shadow_it-e_book_final_032417
Fy17 sec shadow_it-e_book_final_032417Fy17 sec shadow_it-e_book_final_032417
Fy17 sec shadow_it-e_book_final_032417
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0
 
Top 3 security concerns for enterprises
Top 3 security concerns for enterprisesTop 3 security concerns for enterprises
Top 3 security concerns for enterprises
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trends
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of Mobility
 
csxnewsletter
csxnewslettercsxnewsletter
csxnewsletter
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime Whitepaper
 
Cybersecurity After WannaCry: How to Resist Future Attacks
Cybersecurity After WannaCry: How to Resist Future AttacksCybersecurity After WannaCry: How to Resist Future Attacks
Cybersecurity After WannaCry: How to Resist Future Attacks
 
Is your infrastructure holding you back?
Is your infrastructure holding you back?Is your infrastructure holding you back?
Is your infrastructure holding you back?
 
Cyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cCyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 c
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...
 
Cashing in on the public cloud with total confidence
Cashing in on the public cloud with total confidenceCashing in on the public cloud with total confidence
Cashing in on the public cloud with total confidence
 
Insights success the 10 best performing cyber security solution providers 4th...
Insights success the 10 best performing cyber security solution providers 4th...Insights success the 10 best performing cyber security solution providers 4th...
Insights success the 10 best performing cyber security solution providers 4th...
 
Big Data for Security
Big Data for SecurityBig Data for Security
Big Data for Security
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
 
Ten Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things SecurityTen Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things Security
 
The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 

Ähnlich wie Big Data Dectives

Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemBernard Marr
 
10.1.1.436.3364.pdf
10.1.1.436.3364.pdf10.1.1.436.3364.pdf
10.1.1.436.3364.pdfmistryritesh
 
Drivelock modern approach of it security & amp; encryption solution -whitep...
Drivelock modern approach of it security & amp; encryption solution -whitep...Drivelock modern approach of it security & amp; encryption solution -whitep...
Drivelock modern approach of it security & amp; encryption solution -whitep...Arbp Worldwide
 
Akamai 2018 Spring state of the Internet security report
Akamai 2018 Spring state of the Internet security reportAkamai 2018 Spring state of the Internet security report
Akamai 2018 Spring state of the Internet security reportYuriy Yuzifovich
 
Major Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeMajor Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeSysfore Technologies
 
Contractor Exposed Manufacturer's Sensitive Data
Contractor Exposed Manufacturer's Sensitive DataContractor Exposed Manufacturer's Sensitive Data
Contractor Exposed Manufacturer's Sensitive DataDigital Shadows
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutionsharman041
 
The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?Cognizant
 
What Is Cyber Threat Intelligence | How It Work? | SOCVault
What Is Cyber Threat Intelligence | How It Work? | SOCVaultWhat Is Cyber Threat Intelligence | How It Work? | SOCVault
What Is Cyber Threat Intelligence | How It Work? | SOCVaultSOCVault
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForcePatrick Bouillaud
 
Microsoft DATA Protection To Put secure.
Microsoft DATA Protection To Put secure.Microsoft DATA Protection To Put secure.
Microsoft DATA Protection To Put secure.jayceewong1
 
Tech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapTech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapDominic Vogel
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfYounesChafi1
 
Data Security.pptx
Data Security.pptxData Security.pptx
Data Security.pptxFujifilmFbsg
 
rovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxrovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxacarolyn
 

Ähnlich wie Big Data Dectives (20)

Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data Problem
 
Big security for big data
Big security for big dataBig security for big data
Big security for big data
 
10.1.1.436.3364.pdf
10.1.1.436.3364.pdf10.1.1.436.3364.pdf
10.1.1.436.3364.pdf
 
Drivelock modern approach of it security & amp; encryption solution -whitep...
Drivelock modern approach of it security & amp; encryption solution -whitep...Drivelock modern approach of it security & amp; encryption solution -whitep...
Drivelock modern approach of it security & amp; encryption solution -whitep...
 
Akamai 2018 Spring state of the Internet security report
Akamai 2018 Spring state of the Internet security reportAkamai 2018 Spring state of the Internet security report
Akamai 2018 Spring state of the Internet security report
 
Major Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeMajor Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | Sysfore
 
Contractor Exposed Manufacturer's Sensitive Data
Contractor Exposed Manufacturer's Sensitive DataContractor Exposed Manufacturer's Sensitive Data
Contractor Exposed Manufacturer's Sensitive Data
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutions
 
Cloud & Sécurité
Cloud & SécuritéCloud & Sécurité
Cloud & Sécurité
 
The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?
 
What Is Cyber Threat Intelligence | How It Work? | SOCVault
What Is Cyber Threat Intelligence | How It Work? | SOCVaultWhat Is Cyber Threat Intelligence | How It Work? | SOCVault
What Is Cyber Threat Intelligence | How It Work? | SOCVault
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
 
Microsoft DATA Protection To Put secure.
Microsoft DATA Protection To Put secure.Microsoft DATA Protection To Put secure.
Microsoft DATA Protection To Put secure.
 
Tech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapTech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event Recap
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMask
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
 
Data Security.pptx
Data Security.pptxData Security.pptx
Data Security.pptx
 
The Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemThe Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent Them
 
rovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxrovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docx
 

Mehr von - Mark - Fullbright

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019- Mark - Fullbright
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019- Mark - Fullbright
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019- Mark - Fullbright
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...- Mark - Fullbright
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 - Mark - Fullbright
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft- Mark - Fullbright
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017- Mark - Fullbright
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business- Mark - Fullbright
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business- Mark - Fullbright
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016- Mark - Fullbright
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015- Mark - Fullbright
 

Mehr von - Mark - Fullbright (20)

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report
 
Police, Protesters, Press, 2020
Police, Protesters, Press, 2020Police, Protesters, Press, 2020
Police, Protesters, Press, 2020
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)
 
FCPA Guidance 2020
FCPA Guidance 2020FCPA Guidance 2020
FCPA Guidance 2020
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
 
2018 IC3 Report
2018 IC3 Report2018 IC3 Report
2018 IC3 Report
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018
 
Credit Score Explainer
Credit Score ExplainerCredit Score Explainer
Credit Score Explainer
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015
 

Kürzlich hochgeladen

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesShubhangi Sonawane
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701bronxfugly43
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIShubhangi Sonawane
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxVishalSingh1417
 

Kürzlich hochgeladen (20)

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 

Big Data Dectives

  • 1. Next >> R Previous Next darkreading.com Previous Next Previous Next OCTOBER 2013 Previous Next Download Subscribe Could big data be the key to identifying sophisticated threats? Security experts are on the case. >> By Robert Lemos PLUS Secure the perimeter, but analyze the data >>
  • 2. Register Previous Next October 2013 Issue 13 CONTENTS Previous Next Previous Next Previous Download Subscribe Next COVER STORY Big Data Detectives Companies are using data analytics to improve security but they’re challenged by immature technology and a scarcity of expertise. p5 DARK DOMINION Bolster Perimeter Protection Security analytics is the next generation of defense. p4 CONTACTS Editorial and Business Contacts p14 More From Dark Reading Detect Business Threats Dark Reading’s Security Monitoring Tech Center is a single community dedicated to the tools and techniques used to analyze security activity and detect potential threats to the business. darkreading.com/monitoring How Do You Handle Big Data? The Big Data Conference provides three days of comprehensive content for business and technology pros seeking to capitalize on the boom in data volume. In Chicago, Oct. 21-23. darkreading.com/2013bigdataconf Navigate The Cloud Cloud Connect’s summits, panels and boot camps draw fellow IT pros wrestling with cloud challenges. In Chicago, Oct. 21-23. darkreading.com/2013cc PREVIOUS ISSUE FOLLOW US ON TWITTER AND FACEBOOK @DarkReading darkreading.com darkreading.com/facebook The Changing Face Of APTs Advanced persistent threats are evolving in motivation, malice and sophistication. Are you ready to stop the madness? darkreading.com/issue/aptaugust2013 October 2013 2
  • 3. Previous Next Not all SSL certificates are the same. We have the Internet’s most trusted mark. Symantec™ Website Security Solutions include industry-leading SSL, certificate management, vulnerability assessment and malware scanning, Express Renewal, and 24x7 support. The Norton™ Secured Seal and Symantec Seal-in-Search assure your customers that they are safe to search, to browse, to buy. With 100 percent uptime since 2004, military-grade data centers, and industry-leading SSL, Symantec is the leading provider of website security for your business. Please call (866) 893-6565 or visit us at www.symantec.com/ssl-certificates to learn more about Symantec Website Security Solutions. Copyright © 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, and Norton are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other trademarks may be trademarks of their respective owners.
  • 4. Previous Previous Register Previous Next DARK DOMINION Table of Contents Previous Next Previous Next Previous Download Subscribe Cloud Expertise Cloud Connect, Oct. 21-23 in Chicago, offers in-depth boot camps, panel discussions and peer networking to help you weigh your cloud options. Register Next Secure The Perimeter, Then Add Big Data A few years ago, my pest control company started a service called “perimeter defense.” Instead of bringing a technician inside and spraying each room, my exterminators said they would treat the house from the outside, effectively creating a safe “wall” that vermin couldn’t penetrate. Sorry, I had to stop typing for a moment and wipe another bug off my screen. I wonder why the spider in the corner doesn’t ever catch those things? Like most IT security professionals, I no longer believe that perimeter defense will stop all the intruders. Yes, it helps a lot. But I’ve accepted the fact that no matter how good my outside defense is, the most sophisticated pests will find their way in. As a result, I keep flyswatters and bug spray handy. I have my own strategies for finding and killing what evades my external defenses. In the enterprise, this process for detecting and eliminating the attacks that bypass the perimeter — sometimes called incident response — is becoming an increasingly im- portant part of enterprise defense. Assume you will be hacked, the logic goes, and be ready with your backup plan. It’s the virtual equivalent of my flyswatter and bug spray. Unlike pesky bugs, though, a sophisticated enterprise compromise can result in very big problems — loss of customer data, loss of service and even loss of business. One fierce attack could cost your company millions of dollars and, if it’s properly hidden, could suck the data out of your systems for months, or even years. To help reduce this risk, many big companies are relying on forensic tools and experts to detect these sophisticated threats and root them out before they can damage the business. “Incident response” has become “data forensics,” in which the goal is to identify evasive attacks through detailed analysis of digital evidence found in system log files and security event management systems that track security-related data and flag anomalous activity. The problem is that there’s so much secu- TIM WILSON @darkreadingtim rity-related information that finding and correlating the few bits of data needed to identify an attack can be nearly impossible for a single human. To quote one expert, “it’s like trying to find a needle in a stack of needles.” The forensics problem has given rise to a new class of tools and best practices being called “security analytics.” The detailed study of security data increasingly embraces big data analysis tools and techniques used by other parts of the business, and it’s becoming the next generation of defense. This special digital issue of Dark Reading offers a look at this new trend. Like me and my exterminators, enterprises haven’t given up on perimeter defense, but they acknowledge it can’t stop everything. For today’s business, security doesn’t just mean developing an effective screen against attack, it means an effective strategy for wiping out the bugs that get through the holes. Tim Wilson is editor of DarkReading.com. Write to him at timothy.wilson@ubm.com. Next darkreading.com Next October 2013 4
  • 5. Register Previous COVER STORY Next Table of Contents Previous Next Previous Next Previous By Robert Lemos Next F Download Subscribe Big Data Detectives Could big data be the key to identifying sophisticated threats? Security experts are on the case. darkreading.com @roblemos or Vigilant, it started in 2009. And as with most companies, it started small. The security services startup, now part of audit and consulting firm Deloitte, wanted a way to bring information about external threats to clients that were using SIEM (security information and event management) systems to monitor their own environments. The Vigilant team knew that the combination of external threat data with internal security event data could be a powerful way to improve enterprise defenses, but crunching all that data would be a monumental task. Vigilant began combining threat intelligence feeds, filtering the data to pull out the most important information for each client, and then transmitting the data to their clients’ SIEM systems. The company started with two threat lists: domains servOctober 2013 5
  • 6. Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe Get Smart Our Threat Intelligence Tech Center provides in-depth information on collecting and analyzing data on emerging cybersecurity threats. Click Here darkreading.com Next ing malware, and domains compromised by the Trojans SpyEye and Zeus. To reduce false alarms and aid in analysis, the company began adding more data feeds. Vigilant’s analysts quickly became addicted to the analysis. Each new source of data gave them the ability to tease out additional information on threats. By 2011, the company was processing about 50 to 100 GBs per day. But the company’s systems couldn’t keep up with the flow of data, and it started missing performance deadlines, says Joe Magee, co-founder and former CTO of Vigilant, who is now a director at Deloitte. “We were not able to catch up,” Magee says. “We were not able to process the information and push it out fast enough, and that’s when it became a big data issue for us. We needed to be able to rip through this data in Googlelike fashion.” The volume of data and rate of change caused the problem, because most of the data came in the form of feeds updated daily with gigabytes of data. It overwhelmed the company’s initial database built on top of Postgres. In 2011, Vigilant moved to Hadoop and became one of many companies — both vendors and enterprises — that are advocating the use of big data analytics to improve the response to security threats. Big Data Still Just A Promise For security teams, the use of analytics on massive quantities of security data — from device and application logs to collections of captured network packets and operational business data — promises better visibility into the security threats that elude current defenses. Big data analytics can be more complex than the log collection and analysis conducted by most SIEM systems, so automating the number crunching is often needed to let security pros more easily use statistical correlations to discover trends and anomalies. Tracking days or weeks of business activity allows the system to find outliers — a user who accesses far more data on a daily basis than the average employee, or a system that has a sudden spike “A company can have so much data and try to do so much with it, and there are no SIEM solutions that can handle it.” —Lucas Zaichkowsky, AccessData in resource consumption. Analysts then can dig deeper into the large data sets of security information for any flagged events. “Big data is not just about gaining insights, it’s about helping remediate issues faster,” says Jason Corbin, director of security intelligence strategy for IBM Security Systems. “The big problem is that [security teams] are overwhelmed with information they have. All October 2013 6
  • 7. Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe Next that information goes to some guy who has to sift through tons of incidents or vulnerability reports and decide what they need to patch or virtually patch or fix. Security teams fall behind, and that’s how companies suffer breaches based on known but unpatched vulnerabilities.” But for many companies, the promise of big data in security is just that — a promise. While security teams hope to gain more awareness of what is going on in their networks by collecting and analyzing more of their data, the technology is still in its adolescence. “Hadoop has been around for a while, but it is still figuring out what it is and what is wants to be,” says Adrian Lane, CTO for security consultancy Securosis. Still, the potential is huge, Lane adds. Companies that kick off a big data project for security can collect an immense volume of data and have a security analyst poke through the information, ask queries of the data and make important discoveries. How Big Is Big? Big data itself isn’t a technology or a method of analysis. It’s a concept that involves collecting, managing and making sense of more and new data sources. It’s about analyzing the darkreading.com “dark data” (data that is collected but rarely used) created by business devices and systems. For companies, that means collecting orders of magnitude more data. Business projects aimed at using big data to support security typically follow two paths. In the first, security teams gain access to a company’s operational data and Which types of data should be analyzed? Opinions vary. Many SIEM vendors argue that the proliferation of device log data creates a big data problem. Other companies, such as RSA, use a more strict definition. For them, big data means monitoring all of the information that crosses the enterprise network — perhaps an unsurprising opinion for a company When Will You Use Big Data Analytics For Cyber Defense? 23% No plans Using now 39% 17% 12% Within 9 months Within 3 months 9% Within 6 months Data: Ponemon Institute’s “Big Data Analytics In Cyber Defense” report, surveying 706 IT security practitioners, February 2013 run an analysis against that data to highlight events that may indicate a security threat. Alternatively, the team can store data from security devices and other related systems and analyze the secu­ ity-specific data for r correlations that flag a potential attack. owned by storage system maker EMC. “People think that any time you collect security information, that is big data,” says Eddie Schwartz, chief information security officer for RSA. “No, it ‘s a new way of looking at information. Big data means that we’re looking October 2013 7
  • 8. Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe darkreading.com Next at transactional information, we’re looking at the full context and content of network traffic.” For large companies, the creation of a big data store of security information may result as the byproduct of normal business, or it may be a goal. But some big data advocates urge companies to search for more data sources under a “more is better” mantra. “One of the tenets of big data is that if I have a larger data set, I may see correlations that I might not have seen before,” says Samuel Harris, director of enterprise risk management for Teradata. Yet deriving security intelligence from a large collection of business data requires hard work. Many enterprises have tried to merge additional analytics capabilities into SIEM systems, but that has caused more headaches than hits, says Lucas Zaichkowsky, enterprise defense architect for AccessData, a computer forensics and security consulting firm. “A company can have so much data and try to do so much with it, and there are no SIEM solutions that can handle it,” he says. “There are a lot of failed SIEM projects.” In fact, growth in the types and volume of data produced by networking hardware creates the greatest challenge for companies trying to mine network data. In a study of companies’ attitudes toward using big data analytics for security, half of 706 respondents had trouble handling the growth of network data, the Ponemon Institute found. Only 5% of IT
  • 9. Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Next security respondents believed the growth in data is an opportunity. From Big Data To Bad Guys Nevertheless, there are success stories in combining big data and security. In 2009, IT security firm BeyondTrust embarked on its own big data project. To help security managers focus on the most pressing vulnerabilities, the company pulled together frequently updated internal information — such as the configuration of every machine in a 100,000-client network — with information on the latest vulnerabilities, exploit kits and attacks. Combining external and internal sets of data can help companies focus on the few vulnerabilities that really make a difference — situations where the company has systems using vulnerable software, and attack- Protecting Big Data Subscribe darkreading.com U sing big data could be a boon to security, but enterprises should not forget about protecting the big data itself. Because big data can be a complete record of a business’s operations, it’s important to lock it down, says Erik Jarlstrom, VP of technology solutions at Dataguise. Companies need to secure big data stores early to avoid delaying the project. Big data resides in highly distributed clusters of computers, so securing the entire systems is a challenge, according to Adrian Lane, CTO of security consultancy Securosis, which recently released a research paper on big data security. Because data is distributed among the nodes and distributed in multiple copies, it’s difficult to know where your data resides. In most cases, there is no generally available encryption for repositories, and no role-based administrative controls. Lane advises that companies should use the Kerberos protocol to authenticate big data nodes and add file encryption. “We hear [from security architects] the most popular security model is to just hide the entire cluster within their infrastructure,” Lane writes. “But those repositories are now Web accessible and very attractive targets.” —Robert Lemos ers know about the software flaws and are actively exploiting them. “As a customer, it lets me determine what do I have to do this week and what do I have to do next week to prevent my company from being hacked,” says Marc Maiffret, CTO for BeyondTrust. Another benefit is that BeyondTrust customers can see where they are vulnerable and also query the data for more specific information. “We know there is no way that we have thought of every scenario of how people will use this data, so we give them the tools and let them work with the data,” Maiffret says. Another success story: At the RSA Conference in 2012, Preston Wood, chief security officer at Salt Lake City-based Zions Bancorporation, outlined the bank’s use of analytics to mine security events. Zions used open source Hadoop coupled with Google’s MapReduce and business intelligence tools to correlate logs from antivirus, databases, firewalls, intrusion-detection systems and financial-industry-specific sources of information, such as credit applications and data. Using these methods, Zions has been able to collect and take action on security information in minutes when it used to take hours, Wood said. In most cases, big data techniques are used October 2013 9
  • 10. Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe darkreading.com Next to detect compromises that have already occurred, rather than to prevent them. Because companies are living in a state of compromise, they need to gather as much information as possible on what is happening in their network, says AccessData’s Zaichkowsky. “They are accepting that there always will be a Victim Zero, and instead focus on spotting the activity.” Using statistical techniques such as linear regression, general linear models and machine learning, a security analyst looking at data can find odd behavior, suspicious events and other anomalies indicative of a compromise. While some events — such as an internal system accessed from Russia at night — are easy to identify as suspicious, more subtle transactions are missed because an analyst hasn’t created a rule to watch for the activity. Mapping access attempts from each system, for example, could help security teams pinpoint when a compromised computer is trying every system on a network. “If I ask a business person what ‘bad’ looks like, it’s not an easy question,” says RSA’s RSA, for example, regularly explores different data sets within its own business to find new sources of data that can be mined for security information, Schwartz says. Is Your Security Data Considered Big Data? Don’t know No 2% 11% No, but it will be in 24 months 14% 44% No, but it will be in 12 months Yes 30% Data: Enterprise Strategy Group’s “The Big Data Security Analytics Era Is Here” report, surveying 257 security professionals, January 2013 Schwartz. “But mathematically, these types of anomalous transactions are much more obvious when you do statistical analysis.” Unlike log data, which resembles the summary information on a phone bill, big data systems collect detailed records, network October 2013 10
  • 11. Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe darkreading.com Next packet data, and other data and metadata that are important to enterprise security. For instance, a SIEM system may note that an EXE file had been downloaded to a desktop, and that the domain it came from was not on any blacklist. However, using other data, a different picture can emerge: The program was packed and obfuscated, downloaded from a nonstandard port and sent from a domain that was only 3 days old. “Using full-packet capture solutions and big data analytics, we see everything,” says John Vecchi, VP of product strategy for65 Solera 60 Networks, a security analytics firm acquired 55 by Blue Coat in May. “We are going to be able 50 to see things and derive information that you 45 would never be able to know from looking at 40 log data.” 35 In addition to allowing security analysts 30 a deeper look, scrutinizing big data gives 25 them more flexibility to find indicators of 20 compromise that may not be immediately 15 evident. One problem with current SIEM 10 systems is that they typically define their 5 searches and analyses performed on the 0 log files, giving the user less flexibility, says Mark Seward, a senior director at Splunk, which offers tools for searching and analyzing security data. “If I let my vendor determine in advance what data I am going to see, then I am already essentially compromised,” Seward says. Waiting For Maturity While big data analysis holds promise for security, a number of factors have slowed its adoption. First, most enterprises don’t have a line item in the budget for big data security are also concerned that big data projects might introduce risk by forcing changes to the way security systems collect and report data, he notes. Another major obstacle is the shortage of experts with the skills to mine large security databases for information. In addition to having the abilities of a data scientist, any big data security project leader also needs secu- Which Of These Big Data Tools Are In Use At Your Company? Microsoft Excel 65% Microsoft SQL PDW 38% Enterprise search system (any brand) Oracle Exadata 26% 21% IBM DB2 Smart Analytics System 16% Hadoop/MapReduce 14% Data: InformationWeek 2013 Big Data Survey of 257 business technology professionals at organizations with 50 or more employees, September 2012 projects. “Big data is about solving business problems, and security is generally, in the beginning, not one of those business problems,” says Hadi Nahari, chief security architect for graphics chipmaker Nvidia. Some companies rity expertise and a focus on usability, says Teradata’s Harris. The lack of skilled personnel was the third most significant barrier to a strong security posture among enterprises, according to the October 2013 11
  • 12. Register Previous Next BIG DATA COVER STORY Table of Contents Previous Next Previous Next Previous Download Subscribe Next Ponemon Institute’s “Big Data Analytics In Cyber Defense” report, commissioned by Teradata. The top two barriers, according to the report, were a lack of effective security technology and an insufficient view into business processes — chosen by 43% and 42% of respondents, respectively. During its RSA 2012 presentation, Zions Bancorporation introduced “Big data is about solving business problems, and security is generally not one of those business problems.” —Hadi Nahari, chief security architect, Nvidia a team of three employees, including a data scientist, who created and run the company’s big data project. But most companies can’t afford to hire so many people for a big data security project. Another hurdle to using big data in security is the relative immaturity of the market. While a number of security products now tout some tie-in with big data analytics, they require a great deal of expertise to use and maintain. “Big data has been around for a while, but it’s only in its second generation,” Securosis’s Lane says. “It’s not ready for prime time for many companies.” The easiest way for a company to get started in darkreading.com
  • 13. Register Previous Next BIG DATA COVER STORY SPECI Table of Contents Previous Next Previous Next Previous Download Subscribe Next analyzing its security data is to buy a large server and start collecting information, says Vigilant’s Magee. Many Vigilant clients are considering buying a large 32- or 64-CPU server and a fast data store, and some of them work with business teams that are already familiar with Hadoop. “We can leverage Moore’s Law to get out in front of this problem. We can start putting data into it and analyze it,” Magee says. “While that may seem like a very simple or mundane version of SIEM, companies want that ability. They want to ask questions of their data.” For small and midsize businesses that don’t have the resources to start up their own big data project, the only likely solution is to settle for services that incorporate external feeds and security analytics, says Jon Oltsik, senior principal analyst with the Enterprise Strategy Group. While big data analytics can be more effective than SIEM, it isn’t easy to incorporate into a business. “Easy is the key word,” Oltsik says. “Big data is too complex and too costly for most midsize businesses, so the question is who can deliver the intelligence of big data at a lower cost than doing it themselves. For most smaller companies, that will be a service provider.” Robert Lemos is a veteran technology journalist and former research engineer. Write to us at editors@darkreading.com. darkreading.com AL OFF www.b 200 with code ER: ig-data P -confe AIWEEK rence. com SAVE $ Make a Big Impact with Big Data. Join an exclusive group of 100 big data decision makers at The Big Data Conference Oct. 21-23, 2013 and define your big data strategy. Topics will include: Large enterprise case studies The big picture: A lifecycle for big data management Structuring the organization to take advantage of big data Setting a big data strategy Data visualization interfaces Domain-specific data types centered on people, money, time, and location Hadoop and other big data platforms architectures Learn more at www.big-data-conference.com n ew! APR 23 rd A new event from UBM Tech Co-Located with IL
  • 14. Register Previous Next Online, Newsletters, Events, Research Table of Contents Next Previous Next Previous Previous Download Next Tim Wilson Dark Reading Site Editor timothy.wilson@ubm.com 703-262-0680 Kelly Jackson-Higgins Dark Reading Senior Editor kelly.jackson.higgins@ubm.com 434-960-9899 Rob Preston VP and Editor In Chief rob.preston@ubm.com 516-562-5692 Chris Murphy Editor chris.murphy@ubm.com 414-906-5331 Lorna Garey Content Director, Reports lorna.garey@ubm.com 978-694-1681 Jim Donahue Managing Editor james.donahue@ubm.com 516-562-7980 Shane O’Neill Managing Editor shane.oneill@ubm.com 617-202-3710 Mary Ellen Forte Senior Art Director maryellen.forte@ubm.com SALES CONTACTS—WEST STRATEGIC ACCOUNTS UBM TECH District Manager, Mary Hyland (516) 562-5120, mary.hyland@ubm.com Paul Miller CEO Western Regional Sales Director, Sandra Kupiec (415) 947-6922, sandra.kupiec@ubm.com Strategic Account Manager, Amanda Oliveri (212) 600-3106, amanda.oliveri@ubm.com Scott Mozarsky President, Media and Partner Solutions Account Manager, Ashley Cohen (415) 947-6349, ashley.i.cohen@ubm.com Account Manager, Vesna Beso (415) 947-6104, vesna.beso@ubm.com SALES CONTACTS—EAST Midwest, South, Northeast U.S. and Eastern Canada (Saskatchewan, Ontario, Quebec, New Brunswick) Eastern Regional Sales Director, Michael Greenhut (516) 562-5044, michael.greenhut@ubm.com Events Get the latest on our live events and Net events at informationweek.com/events How to Contact Us darkreading.com/aboutus/editorial Western U.S. (Pacific and Mountain states) and Western Canada (British Columbia, Alberta) Subscribe Electronic Newsletters Subscribe to Dark R ­ eading’s daily newsletter and other newsletters at darkreading.com/newsletters/subscribe Reports reports.informationweek.com for original research and strategic advice Business Contacts District Sales Manager, Vanessa Tormey (805) 284-6023, vanessa.tormey@ubm.com READER SERVICES DarkReading.com The destination for the latest news on IT security threats, technology, and best practices SALES CONTACTS—MARKETING AS A SERVICE Director of Client Marketing Strategy, Jonathan Vlock (212) 600-3019, jonathan.vlock@ubm.com SALES CONTACTS—EVENTS Marco Pardi President, Events Kelley Damore Chief Community Officer David Michael CIO Simon Carless Exec. VP, Game App Development and Black Hat Lenny Heymann Exec. VP, New Markets Angela Scalpello Sr. VP, People Culture Senior Director, InformationWeek Events, Robyn Duda (212) 600-3046, robyn.duda@ubm.com MARKETING District Manager, Jenny Hanna (516) 562-5116, jenny.hanna@ubm.com VP, Marketing, Winnie Ng-Schuchman (631) 406-6507, winnie.ng@ubm.com District Manager, Cori Gordon (516) 562-5181, cori.gordon@ubm.com Editorial Calendar informationweek.com/edcal Back Issues E-mail: customerservice@informationweek.com Phone: 888-664-3332 (U.S.) 847-763-9588 (Outside U.S.) Reprints Wright’s Media, 1-877-652-5295 Web: wrightsmedia.com/reprints/?magid=2196 E-mail: ubmreprints@wrightsmedia.com List Rentals Specialists Marketing Services Inc. E-mail: PeterCan@SMS-Inc.com Phone: (631) 787-3008 x30203 Media Kits and Advertising Contacts createyournextcustomer.com/contact-us Letters to the Editor E-mail editors@darkreading.com. Include name, title, c ­ ompany, city, and daytime phone number. Copyright 2013 UBM LLC. All rights reserved. Subscriptions E-mail: customerservice@informationweek.com Phone: 888-664-3332 (U.S.) 847-763-9588 (Outside U.S.) Director of Marketing, Monique Luttrell (415) 947-6958, monique.luttrell@ubm.com Marketing Assistant, Hilary Jansen (415) 947-6205, hilary.jansen@ubm.com darkreading.com October 2013 14