Not a day goes by that I don’t have to report on someone getting hacked and getting its classified information stolen and/or destroyed.
Yet, an average of 35 per cent of all cyber-attacks still go undetected, new research shows. The research also suggests that organisations need to shift from reactive to proactive strategies that seek to understand a threat before an attacker can cause damage.
The IDC research sponsored by SAS, named 'Big Data and Predictive Analytics: On the Cyber-security Frontline', says this means constant monitoring of network behaviour is essential so that unusual activity can be distinguished from normal behaviour.
To do this, organisations require a new set of security solutions to match the increasing number and sophistication of attacks. Applying predictive and behavioural analytics to all available enterprise and external data can help organisations evaluate threat potential, detect likely attacks and gather further intelligence.
These analytics need to execute in real time so threats can be proactively mitigated before significant loss occurs.
“After more detailed evaluation of the challenges and gaps in the market, organisations need a more strategic approach to threats by augmenting existing security systems with more advanced behavioural analytics,” said Alan Webber of IDC. “Software vendors who have integrated a big data analytics platform at the core are well positioned to provide an additional layer of security protection and deterrence in the market.”
IDC interviewed information security executives, practitioners and industry experts across three industries: US federal government, financial services and energy. The goal was to understand the evolving cyber-security threat landscape and how big data and predictive analytics should be deployed to better address threats and risks they face every day.
The research explains that effective big data solutions must differ from existing, reactive “collect and analyse” methods since we now have technology to use information in timeframes and manners not possible in the past. To derive value from big data, organisations need behavioural analytics and frameworks like Hadoop to improve security at a much faster rate.
This is not an insignificant issue: The US Computer Emergency Readiness Team (US-CERT) reported more than 46,000 incidents at US federal government agencies in 2013. IDC estimates US federal government agencies alone will spend over $14.5 billion (£9.49 billion) in IT security to thwart attackers and address incidents.
The IDC research also predicted the financial services industry would spend over $40 billion (£26.1 billion) in 2015 on managing operational risks, including cyber-threats.
It’s time we started detecting threats as they happen, not once they’ve happened.