Security Analytics: The New Model

I love technology. I like thinking about it. I like talking about it. And I love leading the technology company, RSA, that works so hard to be a force for good in our technology world. In addition, I am lucky to have a parent company, EMC that is a force multiplier, and leading the way to the cloud and Big Data.

From time to time you have to pause and take stock of where we are, where we’ve been, where we’re going and why we do what we do.

It’s the thrill of the hunt. Solving a problem that’s never been solved, overcoming the obstacles and defying the odds. It also reflects what’s best about innovation and technology. Put simply, we do what we do to make a better world.

So where are we taking technology or, perhaps, where is technology taking us? After talking about it for decades, we are finally in the Information Age…enabled by the emergence of “Big Data.”

We now have the compute power, the bandwidth and the storage capacity to analyze vast and complex data sets to solve innumerable problems across a wide spectrum of industries and non-commercial and government organizations.

Big Data has the potential to transform our lives for the better: our health, environment, our livelihoods, and almost every facet of our daily lives.

How did we arrive here? How soon can we harvest this big data opportunity?

“Big Data” is more than just a whole lot of data. It’s the ability to extract meaning: to sort through the masses of data elements and find the hidden pattern, the unexpected correlation, the surprising connection. That ability is growing at astonishing speed.

Yes it’s scary because of the big brother connotation and potential for loss of privacy, but we’ve proven in the past that we can put in place the checks and balances to ensure privacy while delivering security. The security professionals I meet every day are far more interested in protecting the privacy of their fellow employees and their organzations, rather than invading it.

That understood, Big Data can help address the most important problem not considered in any security model today: uncertainty.

To reduce uncertainty we must think differently. The outdated model of security was reactive and lacked precision. It focused on a perimeter that no longer exists in our hyper-connected world. The controls were static and designed to solve a single problem. It could not address the “unknown-unknowns.” It could not address uncertainty.

The new model of security is intelligence-driven and proactive. It starts with a thorough understanding of risk from the inside out (what you need to protect) and from the outside in (who is likely to attack you and what are their likely methodologies). Controls must be more dynamic and agile — situationally aware. And they need to add value to one another. This is where Big Data has a big role to play.

New security management applications are being developed, I am proud to say by RSA. RSA’s Security Analytics can analyze log data, network packets and other contextual elements from your control environment as well as external intelligence sources. Big Data transforms incident response, giving it a predictive analytic capability — allowing you to spot the faint signals within the noise that is the start of a major cyber attack. We may not be able to prevent a successful intrusion, but we will be able to respond quickly enough to prevent any significant harm. In other words, we can shrink the window of vulnerability from all attacks, and reduce the uncertainty in our threat model. RSA’s Security Analytics is a great step in that direction.

About the Author: Art Coviello