Research: Thwarting sophisticated cyberattacks demands better grasp of big data with more proactive analytics
Federal government, financial services to spend $42 billion on technology to combat evolving cybersecurity threats
SAS GLOBAL FORUM - Stealing media headlines with a new breach almost every week, cybersecurity has skyrocketed to the top of boardroom discussion agendas. Yet an average of 35 percent of all cyberattacks still go undetected.¹ Recent IDC research, sponsored by SAS, Big Data and Predictive Analytics: On the Cybersecurity Frontline, crystalizes the issue: Organizations need to shift from reactive to proactive strategies that seek to understand a threat before an attacker can cause damage. This requires constant monitoring of network behavior so that unusual activity can be distinguished from normal behavior.
To do this, organizations require a new set of security solutions to match the increasing number and sophistication of attacks. Applying predictive and behavioral analytics to all available enterprise and external data can help organizations evaluate threat potential, detect likely attacks and gather further intelligence. These analytics need to execute in real time so threats can be proactively mitigated before significant loss occurs.
In an earlier study from the Ponemon Institute,² 86 percent of respondents said detecting cyberattacks takes too long, and 85 percent weren’t prioritizing incidents. Meanwhile, 40 percent said their security products did not import threat intelligence from other sources.
“After more detailed evaluation of the challenges and gaps in the market, organizations need a more strategic approach to threats by augmenting existing security systems with more advanced behavioral analytics,” said Alan Webber of IDC. “Software vendors who have integrated a big data analytics platform at the core are well positioned to provide an additional layer of security protection and deterrence in the market.”
IDC interviewed information security executives, practitioners and industry experts across three industries: federal government, financial services and energy. The goal was to understand the evolving cybersecurity threat landscape and how big data and predictive analytics should be deployed to better address threats and risks they face every day.
The research explains that effective big data solutions must differ from existing, reactive “collect and analyze” methods since we now have technology to use information in timeframes and manners not possible in the past. To derive value from big data, organizations need behavioral analytics and frameworks like Hadoop to improve security at a much faster rate.
Industry implications and opportunities
For government, IT security is neither a small nor inexpensive problem. The US Computer Emergency Readiness Team (US-CERT) reported more than 46,000 incidents at US federal government agencies in 2013. IDC estimates US federal government agencies alone will spend over $14.5 billion in IT security to thwart attackers and address incidents. In addition to multilayered security defenses, government agencies have highly complex infrastructures composed of a range of technologies from older mainframe systems to cloud-based and mobile apps. By turning to predictive behavioral cyberanalytics, these agencies are able to shift toward a more proactive defense posture.
In the utility and energy industry, the IDC research found advanced and predictive analytics critical for advancing a wide array of cyber mandates, including regulatory compliance. Utilities are just beginning to appreciate the opportunities for threat identification and remediation that big data analytics deliver.
For financial services, cybersecurity strategies remain atop the agenda. The IDC research predicted the financial services industry would spend over $40 billion in 2015 on managing operational risks, including cyberthreats. They noted that $27.4 billion would be earmarked for IT spend on information security and fraud. With shrinking response windows and the complexity of threats to digital channels, advanced, predictive threat intelligence solutions and services have become top items for chief risk officers, data officers, executives and regulators.
Advanced analytics leader unveils SAS® Cybersecurity
“Cybersecurity may be the most critical area where big data can be a barrier to understanding the true threat landscape,” said Stu Bradley, Senior Director of Security Intelligence at SAS. “Yet, if optimized, big data presents a significant opportunity to add context for more accurate and faster threat detection.”
Last week, SAS unveiled SAS Cybersecurity, which harnesses high-performance analytics to process and evaluate billions of daily network transactions in real time, shrinking the time to detect security events and improving the efficiency of security operations.
SAS applies their experience solving complex business analytics challenges to the detection of suspicious network activity with SAS Cybersecurity. The solution, which is in limited release now and generally available in fourth quarter 2015, uses advanced analytics to understand the normal business behavior of each system by analyzing daily network transactions correlated with business contextual information. It optimizes, then analyzes, data in real time to capture a continuous picture of active security risks. By first understanding normal behavior and then unearthing hidden, complex patterns to identify potential threats, an organization can have a comprehensive view of risk to sustain its information advantage over attackers.
Learn more about SAS Cybersecurity and read the full research paper: Big Data and Predictive Analytics: On the Cybersecurity Frontline.
Today's announcement was made at SAS Global Forum, the world's largest gathering of SAS users, attended by more than 5,000 business and IT users of SAS software and solutions.
1 and 2 Ponemon Institute, Threat Intelligence and Incident Response. Feb. 12, 2014.
Kris Balic
919-531-0624
About SAS
SAS is the leader in business analytics software and services, and the largest independent vendor in the business intelligence market. Through innovative solutions, SAS helps customers at more than 75,000 sites improve performance and deliver value by making better decisions faster. Since 1976 SAS has been giving customers around the world THE POWER TO KNOW®.
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. Copyright © 2015 SAS Institute Inc. All rights reserved.