Cyber-criminals, unfortunately, have stayed on top of the latest technologies and are upping the ante of their attacks, in some ways faster than the good guys are able to respond. Based on the increasingly brazen examples of cyber-crime we witnessed in 2014, protecting your business is more urgent than ever. Nothing is safe anymore, and individuals and businesses need an “all hands on deck” approach to securing their assets.
In this era of alarming cyber-crime (seen in such major breaches as those against Target, Home Depot, or Sony Pictures), small businesses are especially vulnerable to sophisticated cyber-crime attacks. Becoming extra vigilant, tracking the latest trends, and adopting cyber-security best practices will go a long way toward protecting your small business from an epic attack. Toward this aim, one strategic area that should definitely be on your company’s radar is “security analytics.” In a nutshell, this is a field that deals with complete line-of-sight visibility and real-time monitoring (across all logs, networks, and endpoints) to detect and analyze advanced attacks in your infrastructure.
In the era of Big Data and the Internet of Things, along with the increasing number of endpoints these technologies introduce, security analytics is really synonymous with what has become known more widely as “big data security analytics.” We all know that organizations today are bombarded with massive amounts of information. Big Data security analytics is really about filtering the massive number of events across a wide variety of data sources, whether traditional log and audit files or emerging sources such as videos, images, social media, email, and sensors.
What can a small business do to get into a security analytics mindset? How can they adopt a big data perspective when it comes to security? The points below spell out some ways small businesses today can begin adopting a “security analytics” mindset, and protecting their big data assets from sophisticated attacks.
1. Small businesses are particularly vulnerable to sophisticated threats
The scale and level of malicious cyber-attacks against small businesses is increasing. According to one source, over 50% of small businesses with revenues under $10 million experienced a data breach in 2014, and most experienced multiple breaches. The era of Big Data has only aggravated the severity of cyber-crime, meaning there are many more sources of potential attacks than ever before. This requires organizations of all sizes to up the ante in terms of their ability to detect, analyze, and remediate advanced threats from a multitude of different sources.
2. Keep up with rapid changes in IT systems & technology
The IT landscape has changed dramatically in recent years. The constant arrival of new server and endpoint virtualization, cloud computing, mobile device and BYOD support, the Internet of Things, and now imminent new approaches to device management such as Unified Endpoint Management means increasing challenges for organizations trying to scale up their cyber-security infrastructure. This continuous adoption of new technologies adds further uncertainty and complexity to the security infrastructure. But organizations need to be proactive and experiment with Big Data security analytics programs and initiatives to keep up with the latest advances. Stalling out now is sure to result in an increased risk of a major security breach.
3. Realize that traditional security monitoring systems are not enough
Many of today’s organizations rely on approaches to Security Information and Event Management (SIEM) that are based on off-the-shelf SQL databases or proprietary data stores that were not designed, and cannot be expected, to keep up with the massive amount of data that organizations interact with today. Also, most existing systems require a high degree of human intelligence and customization to monitor and detect new threats, which in turn requires more hiring and training to keep up.
4. Shift from prevention to prediction & remediation
There’s a legend of the Dutch boy who discovered a leak in a dike and plugged it with his finger so that a breach would not occur and flood his homeland of Holland. Fortunately for him, others realized the problem and came to his rescue, and he was hailed as a hero. But IT organizations today aren’t so lucky. Putting in security patches and updates might stop the “leaking” temporarily, but, like the boy at the dike, the organization is stuck if it moves. The upshot is that organizations cannot afford to be hamstrung by mere prevention of cyber threats and malware attacks. Business leaders and IT experts today need to be on board with Big Data security analytics systems that leverage the latest advances in real-time and situational monitoring. These systems offer intelligent advice in the form of predictive heuristics, statistical and behavior models, correlation rules, and threat intelligence feeds to give organizations up-to-the-minute visibility into their security infrastructure.
5. Adopt real-time, sensor-based security monitoring intelligence
The robust Big Data security capabilities needed to protect today’s digitally savvy organization are nicely summarized in the list below, courtesy of an Innovation Insights article:
* Sensors that enable the automatic discovery and security assessment of on-premises, mobile, virtual and cloud-based devices and applications
* Active and passive vulnerability assessment of 100% of your assets, not just a sampling based on technologies or time
* Real-time detection of malware, botnets, APTs, vulnerabilities and configuration issues that may imply intruders or compliance violations and that require rapid remediation
* Attack path analysis
* Collection, storage, analysis and correlation of logs from all devices and applications
* Proactive monitoring and reporting on your network’s compliance with a security policy
* Integration with your existing security ecosystem
2014 was a major wake-up call for the cyber-security industry. Nothing is safe anymore, and individuals and businesses need to do everything possible to stay attentive and secure their assets. Now is the time to take deliberate and proactive measures to make your website and infrastructure cyber-strong. Adopting security analytics, and particularly the “big data” kind, will go a long way toward helping your small business meet the security, technological, and management challenges posed by today’s increasingly brazen and sophisticated forms of cyber-crime.