Security Leaders Urge Organizations to Prepare for Big Data Revolution in Information Security


New RSA® Security Brief Outlines How Big Data will Transform Security
Approaches and Technologies by 2015

PR Newswire

BEDFORD, Mass., Jan. 15, 2013

BEDFORD, Mass., Jan. 15, 2013 /PRNewswire/ --

News Summary:

  o Security experts from Booz Allen Hamilton, Northeastern University and RSA
    predict Big Data will likely transform nearly all core technology segments
    in information security within the next two years.
  o Newest RSA Security Brief, "Big Data Fuels Intelligence-Driven Security,"
    offers guidelines to help organizations leverage security Big Data and
    intelligent analytics to better assess risk, prevent and even predict
    high-stakes and unknown threats.

Full Story:

RSA, The Security Division of EMC® Corporation (NYSE: EMC), today released a
Security Brief asserting that Big Data will be a driver for major change
across the security industry and will fuel intelligence-driven security
models. Big Data is expected to dramatically alter almost every discipline
within information security. The new Brief predicts Big Data analytics will
likely have market-changing impact on most product categories in the
information security sector by 2015, including SIEM, network monitoring, user
authentication and authorization, identity management, fraud detection,
governance, risk and compliance systems.

Authors of the Brief assert that changes driven by Big Data have already
begun. This year, leading security organizations will deploy commercial,
off-the-shelf Big Data solutions to support their security operations.
Previously, the advanced data analytics tools deployed within SOCs were
custom-built, but 2013 marks the beginning of the commercialization of Big
Data technologies in security, a trend that will reshape security approaches,
solutions, and spending over the coming years. 

Longer term, Big Data will also change the nature of conventional security
controls such as anti-malware, data loss prevention and firewalls. Within
three to five years, data analytics tools will further evolve to enable a
range of advanced predictive capabilities and automated real-time controls.

Today's hyper-extended, cloud-based, highly mobile business world has rendered
obsolete prevailing security practices reliant on perimeter defenses and on
static security controls requiring predetermined knowledge of threats. That's
why security leaders are shifting to an intelligence-driven security model—a
model that is risk-aware, contextual and agile and can help organizations
defend against unknown threats. An intelligence-driven security approach,
supported by Big Data-enabled tools, incorporates dynamic risk assessments,
the analysis of vast volumes of security data, adaptive controls and
information sharing about threats and attack techniques.

The Security Brief presents six guidelines to help organizations begin
planning for the Big Data-driven transformation of their security toolsets and
operations as part of an intelligence-driven security program.

1. Set a holistic cyber-security strategy – Organizations should align their
    security capabilities behind a holistic cyber security strategy and
    program that is customized for the organization's specific risks, threats
    and requirements.
2. Establish a shared data architecture for security information – Because
    Big Data analytics require information to be collected from various
    sources in many different formats, a single architecture that allows all
    information to be captured, indexed, normalized, analyzed and shared is a
    logical goal.
3. Migrate from point products to a unified security architecture –
    Organizations need to think strategically about which security products
    they will continue to support and use over several years, because each
    product will introduce its own data structure that must be integrated into
    a unified analytics framework for security.
4. Look for open and scalable Big Data security tools – Organizations should
    ensure that ongoing investments in security products favor technologies
    using agile analytics-based approaches, not static tools based on threat
    signatures or network boundaries. New, Big Data-ready tools should offer
    the architectural flexibility to change as the business, IT or threat
    landscape evolves.
5. Strengthen the SOC's data science skills – While emerging security
    solutions will be Big Data ready, security teams may not be. Data
    analytics is an area where on-staff talent is lacking. Data scientists
    with specialized knowledge in security are scarce, and they will remain in
    high demand. As a result, many organizations are likely to turn to outside
    partners to supplement internal security analytics capabilities.
6. Leverage external threat intelligence – Augment internal security
    analytics programs with external threat intelligence services and evaluate
    threat data from trustworthy and relevant sources.

The result of integrating Big Data into security practices, according to the
Security Brief authors, will be greatly enhanced visibility into IT
environments, the ability to distinguish suspicious from normal activities to
help assure trust in IT systems and vastly improved capabilities for incident

Executive Quotes:

William H. Stewart, Senior Vice President, Booz Allen Hamilton

"The game is changing. More and more data is going onto the Internet in
automated forms, and that vector will continue. Therefore, a security analysis
tool that worked great two or three years ago doesn't work so well anymore.
You now have to look through a whole lot more data, and you have to look for
threats that are far more subtle. Commercial tools are changing to take
advantage of these Big Data streams coming online."

Eddie Schwartz, Chief Information Security Officer, RSA, The Security Division
of EMC

"In the coming year, top-tier enterprises with progressive security
capabilities will adopt intelligence-driven security models based on Big Data
analytics. Over the next two to three years, this security model will become
a way of life."

Sam Curry, Chief Technology Officer, Identity and Data Protection, Chief
Technologist, RSA, The Security Division of EMC

"Big Data is changing the nature and addressing the limitations of
conventional security controls such as signature-based anti-malware and
firewalls as well as rules-based identity and access management tools. Big
Data is being applied in new ways to enable security controls that are
adaptive, risk-based and self-learning so that security is continuously
evaluated and the level of protection is automatically adjusted based on
changing environmental and risk conditions. The discovery of and response to
threats and fraud therefore can become more predictive as a richer view of
user identities and complex data flows comes together to give a data-driven
perspective of what normal versus aberrant behavior looks like."

About RSA Security Briefs

RSA Security Briefs provide strategic insight and technical guidance on
today's high-stakes digital information risks and opportunities. Each brief is
written by subject matter experts with deep technical knowledge and with broad
exposure to how leading-edge organizations manage information security risks.
Providing both big-picture context and practical technology advice, RSA
Security Briefs are vital reading for today's forward-thinking security

Additional Resources

  o Download the RSA Security Brief, "Big Data Fuels Intelligence-Driven
  o Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA
    Speaking of Security Blog and Podcast

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk,
and compliance management solutions for business acceleration. RSA helps the
world's leading organizations succeed by solving their most complex and
sensitive security challenges. These challenges include managing
organizational risk, safeguarding mobile access and collaboration, proving
compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key
management, SIEM, Data Loss Prevention, and Fraud Protection with
industry-leading GRC capabilities and robust consulting services, RSA brings
visibility and trust to millions of user identities, the transactions that
they perform, and the data that is generated. For more information, please

RSA and EMC are either registered trademarks or trademarks of EMC Corporation
in the United States and/or other countries. All other products and/or
services referenced are trademarks of their respective companies.

SOURCE EMC Corporation

Contact: Lona Therrien, RSA, The Security Division of EMC, +1-781-515-5449,