I hold a series of C-level roundtable discussions every quarter for a select group of customers and prospects of EMC. At all of these lunches the talking starts as we sit down and no-one seems to take a breath until the venue throws us out. While discussing security last quarter, I spoke about the role of ‘Big Data’, which was met by a collective sigh around the table… and a comment about “Clive’s hobby horse!”
Last week I was vindicated with a press release titled “Security Leaders Urge Organizations to Prepare for Big Data Revolution in Information Security” (google search). I keep telling people that security is a big data problem because it’s the ‘classical’ big data classification of VVV and maybe another V:
- Volume: Lots of data coming from the fire hose, logs, events, etc.
- Velocity: Just consider the EMC RSA product Netwitness, which captures every network packet in and out of an organisation.
- Variety: Every place you take information from will provide it in a different shape, size and flavour.
Then the ‘Big Data’ techniques of matching, linking and modelling allow us to bring the data together, look for known patterns, apply heuristics to look for suspicious behaviours… and voilà – Security is a Big Data Problem.
The brief is worth reading (here), as it outlines how to prepare to include a ‘Big Data’ approach in your ‘intelligence-driven’ security program:
- Set a holistic cyber-security strategy
- Establish a shared data architecture for security information
- Migrate from point products to a unified security architecture
- Look for open and scalable Big Data security tools
- Strengthen the SOC’s data science skills
- Leverage external threat intelligence
Big Data is changing the way we live, work and play!