Along with hundreds of CISOs, CSOs, CIOs and IT and risk management professionals keeping a pulse on enterprise security, I just returned from Gartner’s Risk and Security Summit. Beginning with Avivah Litan’s conference opening keynote — and from one packed session to the next — it was clear that big data discovery and big data analytics in enterprise security were hot topics this year.
Experts at the summit agreed that the explosion of big data and the advent of IoT mean that businesses face more data security vulnerabilities and complexities than ever before. Existing security solutions are being pushed to their limits as new innovations come into play. The big issue: most security solutions are limited in the amount of data they can discover and analyze – usually 30 days or less. Gartner analysts and attendees alike highlighted the importance of big data analytics to identify weaknesses and connect the dots in these risky situations.
Below are three Gartner conference sessions that explored aspects of big data security analytics, with a summary of each:
- From ‘Prevention Only’ to ‘Detect and Respond’
  - Gartner clearly set the theme for the conference with its keynote, which provided the 6 key principles for handling the fork in the road that all CISOs will find themselves staring at shortly. One of the principles that will be broadly adopted is Detect and Respond. It’s time we all acknowledge that prevention, while table stakes, will ultimately be defeated, but we can prevent damage to the business by detecting cybercriminals in our environment before they exfiltrate any data. Risk-based thinking, understanding the flow of data and impact to business are the other key pillars of essential security monitoring programs.
- Siloed No More: Big Data Analytics Lets Security Products Share Knowledge
  - Symantec, one of the kings of traditional security solutions, delivered one of the vendor keynotes and said it’s placing bigger bets on the emerging analytics space because it is how the security software industry must expand. VP Nico Popp confirmed the difficulty with siloed data security operations, which has meant difficulty prioritizing alerts and wasted time chasing down false positives.
- More Data Processes = More Complexity
  - Gartner analysts Avivah Litan and Neil MacDonald burst the bubble on the idea of absolute data protection. Continued Anton Chuvakin, “you can have a SIEM tool, but you cannot buy a security monitoring capability. You have to buy the tools, grow the people and mature the processes.”
Gartner predicts a bright future for the adoption and opportunities of big data analytics for security, and the firm is positioning it as an essential in any enterprise security toolkit. Big data analytics, especially security analytics, is no longer just heating up—it’s hot.