Advertise on ITWeb         Tue, 21 Nov, 13:41:03 PM

Harnessing big data to identify and mitigate risk

Gary Allemann, MD of Master Data Management: \

Gary Allemann, MD of Master Data Management: "Big data technologies allow security analysts to bring disparate data sets together to gain new insights about potential threats."

Adoption of cloud and mobile technologies, social networking, consumer engagement and suchlike, are seeing the organisational perimeter shifting and blurring. At the same time, the growth in both the number and sophistication of today's threats, means that companies cannot focus on defence alone, they need to be proactive in identifying threats, and mitigating the associated risks.

In order for security intelligence to meet the needs of these new threats and challenges, businesses need to harness big data and big data analytics, because the vast majority of security intelligence solutions these days are dependent on a set of structured and semi-structured data sources. These include network traffic, logs and similar, to give the security team a consistent, detailed and real-time view of the business's security standing.

Gary Allemann, MD of Master Data Management, will be presenting on ‘Big data for threat detection and risk management' at the ITWeb Security Summit 2016, to be held from 17 to 19 May at Vodaworld in Midrand.

Allemann says: ‘The symptoms of IT security threats typically show up in a host of unrelated, unstructured data sources, such as web logs, RSS feeds and geospatial data. These sources display the classic traits of big data – they are rapidly changing, they may get quite large and they have varying and complex (in some cases) structures.  Big data technologies allow security analysts to bring these disparate data sets together to gain new insights about potential threats that may have previously been difficult, or even impossible, to identify.

He adds that big data can be used to relatively quickly consolidate and analyse disparate sources of machine data, social media and other indicators of threats. "For example, organisations can track the geographic migration of a new virus, to prioritise upgrades and limit the impact. Or analyse TCP/IP dumps for indications of network intrusion attacks that can be used to optimise the firewall."

During his presentation, Allemann will discuss how SA's businesses can harness the power of big data to improve their security postures, and better detect and manage the risks faced by South African businesses today.

Related stories:

Our comments policy does not allow anonymous postings. Read the policy here




Sponsors Message