In my recent blog series, 'learning to cook', I created the recipes required for protecting against Advanced Threats. Big data analytics plays a key role in this, as we really need to collect all of the data in our environment. So, where do we start with analysing this data? I see it as a four-step process.
1. Tools – You need to ensure you have the right tools/solutions in place to collect and correlate all the security data within your environment. Business information (e.g. payroll, HR, finance and sales) needs to be correlated with security information such as vulnerability reports, and information from external threat reports needs to be incorporated at this level.
2. Methodology – What types of analysis techniques are you going to use, and how are you going to supplement this data with information from the servers and applications that hold high-value data?
3. Skills – This level of analysis will require new skills in most organisations, which already have security analytics skills but lack the data analytics or statistical analytics skills that are critical when handling big data security.
4. A Comprehensive View – Do you have answers to the three steps above? How is this information going to be displayed? A single comprehensive pane of glass that shows the security posture and the biggest risks to an organisation must be the end goal.
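To make steps 1 and 4 concrete, here is an added Python example (not code from the original post) that correlates three constructed data sets, an asset inventory tagged with business function, scanner findings, and an external list of actively exploited vulnerabilities, into the ranked "biggest risks" list a single pane of glass would display. The criticality scale, the `EXPLOITED_WEIGHT` multiplier, the handling of hosts missing from the inventory and the placeholder CVE ids are all assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample data, not taken from any real environment. Asset records
# carry the business function each host supports; findings come from a scanner;
# the threat feed lists ids that an external report flags as actively exploited.
# The CVE ids are placeholders, not real vulnerability identifiers.
ASSETS = {
    "srv-pay-01": {"function": "payroll", "criticality": 5},
    "srv-crm-02": {"function": "sales", "criticality": 3},
    "ws-dev-07": {"function": "engineering", "criticality": 1},
}
FINDINGS = [
    {"host": "srv-crm-02", "cve": "CVE-0000-0002", "cvss": 9.8},
    {"host": "srv-pay-01", "cve": "CVE-0000-0001", "cvss": 7.5},
    {"host": "ws-dev-07", "cve": "CVE-0000-0002", "cvss": 9.8},
    {"host": "srv-pay-01", "cve": "CVE-0000-0003", "cvss": 4.3},
    {"host": "db-unknown-9", "cve": "CVE-0000-0003", "cvss": 4.3},
]
THREAT_FEED_EXPLOITED = {"CVE-0000-0001"}

UNKNOWN_ASSET = {"function": "unknown", "criticality": 3}  # assumed default for inventory gaps
EXPLOITED_WEIGHT = 2.0  # assumed multiplier for findings seen exploited in the wild


def score_finding(finding, assets, exploited):
    """Weight one scanner finding by the asset's business criticality and by
    external threat intelligence; returns (risk, enriched record)."""
    asset = assets.get(finding["host"], UNKNOWN_ASSET)
    weight = EXPLOITED_WEIGHT if finding["cve"] in exploited else 1.0
    risk = round(finding["cvss"] * asset["criticality"] * weight, 1)
    return risk, {**finding, **asset, "exploited": weight > 1.0, "risk": risk}


def risk_view(findings=FINDINGS, assets=ASSETS, exploited=THREAT_FEED_EXPLOITED):
    """Aggregate scored findings per host into a dashboard-ready list, highest
    business-weighted risk first. Hosts missing from the inventory are kept
    but flagged, so the inventory gap itself becomes visible."""
    per_host = defaultdict(lambda: {"risk": 0.0, "findings": 0, "exploited": 0})
    for finding in findings:
        risk, rec = score_finding(finding, assets, exploited)
        row = per_host[rec["host"]]
        row["function"] = rec["function"]
        row["in_inventory"] = finding["host"] in assets
        row["risk"] = round(row["risk"] + risk, 1)
        row["findings"] += 1
        row["exploited"] += int(rec["exploited"])
    return sorted(({"host": h, **r} for h, r in per_host.items()),
                  key=lambda r: r["risk"], reverse=True)


if __name__ == "__main__":
    for row in risk_view():
        print(row)
```

Note that the host carrying the highest raw CVSS score does not top the list once business criticality and threat intelligence are applied, which is exactly why the correlation in step 1 matters.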
This process of managing Big Data Security Analytics will allow organisations to make informed decisions against attack and ensure early detection and prevention. Organisations completing these steps will have a better understanding of their most vulnerable assets and can apply a more efficient, cost-effective and targeted approach to protecting them. Big data analytics is by no means the only thing organisations need to implement, but it is one of the steps needed to create a comprehensive defence strategy.