So much has been spoken, written, and, frankly, overhyped about Big Data in recent years that the most important considerations with regard to Big Data might seem to be: what to believe, and where to start. Actually, IT and data science teams deploying data management solutions are expressing three primary concerns to Stratecast with regard to Big Data:

1. Ensuring that they are accessing all relevant data from all sources to meet the needs of the organization—driven by the fear, or at least healthy skepticism, that they are not.
2. Managing the “firehose” of data that results from comprehensive data access, such that rather than drowning in data, a company can dive in and focus on what is most important.
3. Empowering users with focused, actionable information by making it simple for organization users to query the data to quickly obtain the information they need.

If an organization can step up to these challenges, it can achieve what data management is supposed to be all about: achieving a high degree of accuracy in assessing current conditions, studying past events and outcomes to spot relevant trends, and using insights from current and past occurrences to predict future behaviors. An important question remains: where might data management be best applied?
Can, for example, data management solve network and information security challenges? The answer is a resounding yes! The security discipline feeds on a staggering amount of data originating from a myriad of internal and external sources. Internal sources such as routers, switches, network probes, and gateways churn out streams of data describing what is occurring across an organization’s network of endpoints and compute and storage systems hosted in private data centers and in public clouds. Externally, there are multiple streams of threat intelligence. Yet, the data management continuum does not end there—that is, in merely collecting wide swaths of internal and external data feeds. All of this data has potential relevancy to the organization. The primary objective is to filter potential relevancy down to genuine relevancy, so that legitimate threats can be identified and thwarted before they become damaging to the organization. If this sounds like the proverbial “finding the needle in a haystack” type of challenge, it is—but in an even more extreme form: a swirling field of haystacks.
Unfortunately, this data management challenge in security is even more complex than a swirling field of data haystacks. Organizations have made investments in a host of security point solutions. Although these investments were legitimately made to follow the best practice of a layered defense, and to respond to new penetration and evasion techniques developed by threat actors, the outcome is suboptimal for several reasons. First, the potency of security point solutions degrades over time as threat actors discover and exploit the individual shortcomings of each point solution. Second, security point solutions add to the data haystacks—that is, more data to filter through. And third, security point solutions are just that: point solutions designed to function for specific purposes. Bridging this purpose independence moves the organization to a better state of security readiness, one that is equipped with a coordinated and adaptive web of defense. Where this web of defense is lacking, threat actors have exploited this vulnerability through both clandestine and overt means.
This Stratecast report analyzes the challenges of today’s expanding threat landscape, and how Big Data-powered machine learning can help meet those challenges.
Table Of Contents
Security Today Demands New Approaches Built on Machine Learning and Big Data
Introduction
Threats on the Rise Tax Existing Security Approaches
Solutions Can Be Found in Big Data-driven Machine Learning
A Big Data-driven Solution: Masergy Unified Enterprise Security (UES)
Stratecast - The Last Word
About Stratecast
About Frost and Sullivan