Big data is changing the way IT professionals approach enterprise security. Analysts continue to predict that enterprise networks will become more intelligent and better able to deal proactively with security threats thanks to big data. Hadoop is inherently scalable and able to deal with massive quantities of data, but it lacks security tools, so one of the big data security predictions is that it will be up to third parties to bring security to big data. But first, security experts have to rethink enterprise security strategies.
According to Symantec, eight data breaches in 2013 exposed more than 552 million user identities, an increase of 62 percent over 2012. Cybercriminal activity is on the rise and every day the news has new reports of hackers stealing sensitive information. In addition to the known methods of attack, there also were new forms of attack in 2013 through baby monitors, smart televisions, security cameras, and other devices. And cybercriminals are using social media to launch more targeted attacks using profile data.
New Sources of Threats
Big data means that IT security has more to worry about. In addition to traditional network security, the IT team now needs to worry about cloud security, mobile security risks from BYOD, and even the security of industrial control systems (i.e. the Internet of Things).
Part of the security challenge with big data is that the data and processing power are spread across multiple devices that are both physically and virtually connected to the enterprise. Each data store or endpoint presents another opportunity for attack. And big data requires massive amounts of incoming information, much of it from third parties or unsecured sources such as machine data. IT no longer has control over all the data in the enterprise, and data volume is now beyond the ability of conventional data security tools.
To date, network security has relied on intrusion detection systems (IDS) that are designed to track specific activity. Security tools are not tuned to identify attacks from trusted users. Using information gathered online, data thieves introduce themselves as old acquaintances and use social media tricks to gain access to trusted hosts using false credentials. They look like trusted users, and can introduce malware that can change settings on group policy objects, or change the order of DLL commands so the malware boots on startup. If hackers target users with the right administrative rights, the entire network can be compromised.
In light of these changes, here are some of the big data security predictions that the experts are making:
Intelligent Security Management
One of the big data security predictions is that more enterprises will harness big data analytics to fight big data security threats. Rather than looking for just known threats, big data analytics can identify anomalies in behavior to detect malicious activity and automate a response, such as quarantining systems, changing network device settings, locking down accounts, and issuing a fraud alert – the better the automation, the better the threat detection.
According to the RSA: "Big data analytics, when used within an intelligence-driven security program, automates many risk assessments and threat detection processes and puts the advantage of time back in an organization's hands. Big data analytics also helps enhance situational awareness and shorten reaction times to potential risks and problems."
Using security analytics to look for patterns, big data security can better identify anomalies that reveal unknown threats, proactively monitor for known threats, and provide better data for failure analysis and forensics.
Big Data Security Promises Proactive Response
As big data for security evolves, enterprise security will become increasingly proactive and less reactive. The scalability and real-time analysis of big data analytics will make it possible to identify threats before they occur. What this means for the future of network security is:
- Enterprise security will rely on a holistic view of potential threats and risk mitigation to maintain user confidentiality and promote data availability.
- Threat complexity will grow as big data embraces new data sources and network devices.
- Point tools for security detection will give way to statistical analysis that can create a baseline for security and identify outliers as a way to detect security threats.
- Security is being redefined to encompass more services and to protect not just confidential data but intellectual property, business reputation, and service delivery.
- Security specialists will use more data, not less, for analytics and there will be an increased focus on root cause analysis.
- Security investigations will move beyond network data to include data from every aspect of the business.
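
The baseline-and-outlier approach described above (and the point that conventional tools miss misuse of trusted accounts) can be shown in a few lines. This is an added example, not code from the original article: the account names, the daily counts, the 3.5 cut-off and the spread floor are all constructed assumptions, and it scores each account against its own history with a median/MAD modified z-score.

```python
from statistics import median

# Constructed sample data: distinct hosts each account logged in to per day.
BASELINE = {
    "alice": [3, 4, 3, 5, 4, 3, 4],
    "bob": [1, 1, 1, 1, 1, 1, 1],               # constant history: MAD is 0
    "svc-backup": [40, 42, 39, 41, 40, 43, 41],  # busy, but consistently so
}
TODAY = {"alice": 4, "bob": 9, "svc-backup": 44, "mallory": 2}

THRESHOLD = 3.5   # assumed cut-off for the modified z-score
MIN_SPREAD = 1.0  # assumed floor so a constant baseline cannot divide by zero


def modified_z(history, value):
    """Robust z-score: distance from the median in units of scaled MAD."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    spread = max(1.4826 * mad, MIN_SPREAD)
    return (value - med) / spread


def find_outliers(baseline, observed, threshold=THRESHOLD):
    """Return {account: reason} for accounts deviating from their own baseline."""
    flagged = {}
    for user, value in sorted(observed.items()):
        history = baseline.get(user)
        if not history:
            # An account with no history cannot be scored; surface it instead.
            flagged[user] = "no baseline"
            continue
        score = modified_z(history, value)
        if abs(score) > threshold:
            flagged[user] = f"z={score:.1f}"
    return flagged


if __name__ == "__main__":
    for user, reason in find_outliers(BASELINE, TODAY).items():
        print(user, reason)
```

A fixed rule such as "alert above 10 hosts per day" would flag `svc-backup` every day and never flag `bob`; the per-account baseline does the opposite, which is the behaviour the list item describes.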
As big data adoption grows, new security strategies will embrace big data to proactively monitor for new types of attacks. This is going to mean rethinking traditional approaches to network security.
What are your big data security predictions for enterprise networks?