Big data analytics boosts security

With big data analytics, anomalous behaviour is quickly picked up, which is why most financial institutions are using big data for fraud prevention, says Gerald Naidoo, CEO of Logikal Consulting.


Johannesburg, 24 Mar 2014

Fraud is costing organisations across all industries millions of rands. As the number and sophistication of schemes to defraud businesses increase, many companies are turning to big data analytics to comb through vast volumes of data to reveal hidden patterns, trends and suspicious activity that can be a sign that something is amiss.

In many cases, detecting fraud means analysing the various attributes of transactions and making a judgment call on whether a particular transaction should be flagged for closer examination. However, as the volume of data grows exponentially, the thresholds for intervention increase, resulting in the possibility that more fraudulent transactions will slip through the net.

Gerald Naidoo, CEO of Logikal Consulting, says for some time, credit card companies have been analysing anomalous behaviour and flagging cards where unusual behaviour is noted. "An example of this would be a single card being used to fill up multiple vehicles with petrol, or a card traditionally used for day-to-day expenses, suddenly being used for a high-end fashion shopping spree. It works because this sort of spending pattern is unusual."

Thanks to big data analytics, any anomalous behaviour is quickly picked up, which is why most financial institutions are using big data as a means of fraud prevention. "Another way in which big data analytics is combating crime is through fraud detection. Insurance companies, for example, are finding these tools highly useful, as they can develop predictive models based on historical and real-time data, on previous claims, demographics, call centre recordings and so on, to put them in a better position to quickly identify and act upon claims that may be fraudulent."

Over and above credit card and insurance fraud prevention, adds Naidoo, big data analytics are being used to detect anomalous network behaviour, which could indicate an organisation has fallen victim to a data breach. "The only real way to get the full picture about what is happening on the company's network is to look at all the relevant data, which can translate into enormous amounts."

Naidoo says the sheer volume of data stored - logs from firewalls and other devices, mail traffic in and out, and similar - could amount to near-unmanageable amounts. "However, while certain anomalous behaviours can be identified by analysing a couple of weeks' worth of data, others would require months of data to be analysed. In this way, businesses should be encouraged to log as much data as they can afford to pay the storage for."

He cites the maxim that there are two kinds of companies - those who have been breached, and those who have been breached but don't know it. "It is highly possible that threat actors are already lurking around inside the network, so context and visibility are needed to find and destroy them."

Naidoo says today's world is one of post-prevention, where even the most bullet-proof and fortified organisations are not safe. "Thus it is vital to be prepared, hence the shift towards intelligent security, that needs network visibility and analytics to handle today's ever more sophisticated threats. Big data security intelligence and analytics can effectively identify threats and attacks while providing packet and flow visibility of data exfiltration and malware infection on the network."

Naidoo says this approach not only gives companies insight and visibility into threats and possible breaches, but also offers a solid post-breach security system to limit any potential fallout.

However, he says big data analytics should not be viewed as a silver bullet, or as an alternative to traditional security measures such as DLP, IPS and firewalls, as companies must bear in mind that the data needs to be generated and collected before analysis can take place. "Its real value lies in its ability to sniff out breaches that might otherwise have flown under the radar, and in a world where data breaches are inevitable, this can be a very valuable tool."

Logikal Consulting

Logikal Consulting is a rapidly growing systems integration company with a presence in South Africa, India and across Africa. The company provides dynamic consulting, expert integration and outsourcing services for a global clientele covering six key industry verticals: financial services, banking and insurance, telecoms, manufacturing, retail, logistics and public sector.

Logikal Consulting's technology, skills and services enable organisations to achieve optimum operational efficiency, with one goal - converting strategies into measurable operational benefits by deploying the right technology. Combining cross-industry best practices with extensive solutions deployment experience, Logikal's consulting puts customers on the path from concept to realised revenue and business value.

Specialising in enterprise content management, enterprise resource planning and automated workflow solutions - all delivered through SLA-driven programmes and effective governance structures - the company offers general IT consulting, architecture design, programme management, systems integration, independent testing, managed services, production support and network operations.

In specialised areas, Logikal Consulting has a successful track record of delivering telecommunications solutions - Logikal TSI - which provide product bundling, multi-channel customer experience management, converged billing, customer portals and end-to-end solutions for operators. All of the company's solutions support green IT goals, having a positive impact on the bottom line.

For more information, visit Logikal on www.logikalconsulting.com.
