For security intelligence to meet these new threats and challenges, businesses need to harness big data and big data analytics, because the vast majority of security intelligence solutions today depend on a set of structured and semi-structured data sources. These include network traffic, logs and similar sources, and they give the security team a consistent, detailed and real-time view of the business's security standing.
Gary Allemann, MD of Master Data Management, will be presenting on 'Big data for threat detection and risk management' at the ITWeb Security Summit 2016, to be held from 17 to 19 May at Vodaworld in Midrand.
Allemann says: "The symptoms of IT security threats typically show up in a host of unrelated, unstructured data sources, such as web logs, RSS feeds and geospatial data. These sources display the classic traits of big data – they are rapidly changing, they may get quite large and they have varying and complex (in some cases) structures. Big data technologies allow security analysts to bring these disparate data sets together to gain new insights about potential threats that may have previously been difficult, or even impossible, to identify."
He adds that big data can be used to relatively quickly consolidate and analyse disparate sources of machine data, social media and other indicators of threats. "For example, organisations can track the geographic migration of a new virus, to prioritise upgrades and limit the impact. Or analyse TCP/IP dumps for indications of network intrusion attacks that can be used to optimise the firewall."
During his presentation, Allemann will discuss how SA's businesses can harness the power of big data to improve their security postures, and better detect and manage the risks faced by South African businesses today.