BEDFORD, Mass. - January 15, 2013 -
RSA, The Security Division of EMC® Corporation (NYSE:EMC), today released a Security Brief asserting that Big Data will be a driver for major change across the security industry and will fuel intelligence-driven security models. Big Data is expected to dramatically alter almost every discipline within information security. The new Brief predicts Big Data analytics will likely have market-changing impact on most product categories in the information security sector by 2015, including SIEM, network monitoring, user authentication and authorization, identity management, fraud detection, governance, risk and compliance systems.
Authors of the Brief assert that changes driven by Big Data have already begun. This year, leading security organizations will deploy commercial, off-the-shelf Big Data solutions to support their security operations. Previously, the advanced data analytics tools deployed within SOCs were custom-built, but 2013 marks the beginning of the commercialization of Big Data technologies in security, a trend that will reshape security approaches, solutions, and spending over the coming years.
Longer term, Big Data will also change the nature of conventional security controls such as anti-malware, data loss prevention and firewalls. Within three to five years, data analytics tools will further evolve to enable a range of advanced predictive capabilities and automated real-time controls.
Today’s hyper-extended, cloud-based, highly mobile business world has rendered obsolete prevailing security practices reliant on perimeter defenses and on static security controls requiring predetermined knowledge of threats. That’s why security leaders are shifting to an intelligence-driven security model—a model that is risk-aware, contextual and agile and can help organizations defend against unknown threats. An intelligence-driven security approach, supported by Big Data-enabled tools, incorporates dynamic risk assessments, the analysis of vast volumes of security data, adaptive controls and information sharing about threats and attack techniques.
The Security Brief presents six guidelines to help organizations begin planning for the Big Data-driven transformation of their security toolsets and operations as part of an intelligence-driven security program.
The result of integrating Big Data into security practices, according to the Security Brief authors will be greatly enhanced visibility into IT environments, the ability to distinguish suspicious from normal activities to help assure trust in IT systems and vastly improved capabilities for incident response.
William H. Stewart, Senior Vice President, Booz Allen Hamilton
“The game is changing. More and more data is going onto the Internet in automated forms, and that vector will continue. Therefore, a security analysis tool that worked great two or three years ago doesn’t work so well anymore. You now have to look through a whole lot more data, and you have to look for threats that are far more subtle. Commercial tools are changing to take advantage of these Big Data streams coming online.”
Eddie Schwartz, Chief Information Security Officer, RSA, The Security Division of EMC
“In the coming year, top-tier enterprises with progressive security capabilities will adopt intelligence-driven security models based on Big Data analytics. Over the next two to three years, this security model will become a way of life.”
Sam Curry, Chief Technology Officer, Identity and Data Protection, Chief Technologist, RSA, The Security Division of EMC
“Big Data is changing the nature and addressing the limitations of conventional security controls such as signature-based anti-malware and firewalls as well as rules-based identity and access management tools. Big Data is being applied in new ways to enable security controls that are adaptive, risk-based and self-learning so that security is continuously evaluated and the level of protection is automatically adjusted based on changing environmental and risk conditions. The discovery of and response to threats and fraud therefore can become more predictive as a richer view of user identities and complex data flows comes together to give a data-driven perspective of what normal versus aberrant behavior looks like.”
RSA Security Briefs provide strategic insight and technical guidance on today’s high-stakes digital information risks and opportunities. Each brief is written by subject matter experts with deep technical knowledge and with broad exposure to how leading-edge organizations manage information security risks. Providing both big-picture context and practical technology advice, RSA Security Briefs are vital reading for today’s forward-thinking security executives.
, a part of , enables organizations to modernize, automate and transform their using industry-leading , servers, and data protection technologies. This provides a trusted foundation for businesses to transform IT, through the creation of a , and transform their business through the creation of cloud-native applications and solutions. Dell EMC services customers across 180 countries – including 98 percent of the Fortune 500 – with the industry’s most comprehensive and innovative portfolio from edge to core to cloud.