It seems like nearly every week a new organization is in the news after falling victim to a data breach or other security incident. What’s less newsworthy, however, is the herculean effort companies put in to contain this threat and mitigate the ramifications of a breach, if and when one does occur.
As cybersecurity has become a key area of investment for companies, it follows that organizations are grappling with an ever-increasing amount of security data. According to a recent opinion piece in CSO, nearly 30 percent of organizations are collecting, processing, and analyzing significantly more security data than they did two years ago.
To quote the author, “What type of data? You name it. Network metadata, endpoint activity data, threat intelligence, DNS/DHCP, business application data, etc.” With this explosion in security data comes new demands, expectations, and opportunities for the data analytics industry, including:
- Better security data modeling and management: With new data from a variety of sources coming in on a continuous basis, companies are spending a significant amount of time on data management, determining first what data to collect and in what format, then where and how to route that information, and finally how to encrypt, integrate, and store the data.
- High-performance requirements: The CSO piece states, “Large organizations are monitoring tens of thousands of systems, generating upwards of 20,000 events per second, and collecting terabytes of data each day.” This means companies need a real-time data pipeline and the right network, server, and storage infrastructure to move, process, and analyze this information.
- Artificial Intelligence (AI) adoption: The vast amount of security data gives data scientists an unprecedented opportunity to build and test data models, develop machine learning algorithms, and tune them for high accuracy. However, true AI-driven security analytics is still a number of years away. The more immediate opportunity lies in using AI and machine learning technologies as an intelligent layer of defense that augments more traditional security initiatives.
It’s unlikely that today’s security threats will abate any time soon, so we can expect that companies will continue to grapple with security data collection, modeling, and management. With the right business intelligence and data analytics strategy in place, organizations can harness security data to mitigate risk, detect and respond to threats, and automate security operations.
With data breaches widely accepted as a matter of doing business, do companies really have any other alternative?