Big Data can Help Security Efforts

Monday, May 4, 2015 @ 09:05 AM gHale

Cyber threats exist on government networks for an average of 16 days before they end up detected and big data can help ease the security crunch, a new survey said.

The good news is 86 percent said big data analytics will improve cyber security efforts. But only 28 percent are fully leveraging big data for security purposes today, according to a MeriTalk and Splunk report that looked at cyber security in federal, state and local government agencies, and identifies steps to empower these organizations to make the shift from compliance to risk management to see better security outcomes.

U.S. Leads Hosts Most Phishing Sites
Government Attacks via APT
‘Air Gapped’ Systems Targeted
Safe Air Gaps Not Protected

Government cyber security professionals said big data can help make cyber security risk management more effective and proactive. Today, nine out of 10 respondents said they cannot tell a “complete story” with the cyber security data they receive. As a result, 76 percent of cyber security professionals said their security team often operates reactively rather than proactively.

By leveraging big data and analytics, government cyber security professionals said they could better detect a breach that is in process (61 percent), monitor streams of data in real time (51 percent), and conduct a conclusive root-cause analysis following a breach (49 percent). Just one in three, however, said they are prioritizing big data analytics for cyber security.

“Government organizations have access to a wealth of cyber threat information,” said Kevin Davis, area vice president, Public Sector, Splunk. “The challenge is managing that data and connecting the dots in real time. That’s how we get immediate insight into threats. Agencies need to detect threats faster and start to predict when and how they will occur.”

There are challenges. Organizations are drowning in data, with 68 percent saying their organization is feeling inundated by the volume of security data. Forty-five percent of federal IT managers cite data volume as the biggest challenge when it comes to fully leveraging big data analytics for cyber security, while 54 percent of state and local government IT managers cite lack of resources, specifically skilled personnel.

In addition, 78 percent of all government cyber security professionals said at least some of their security data goes unanalyzed due to a lack of time and/or skill of their team. And, while 70 percent said their organization can monitor streams of cyber data in real time, fewer can analyze it – of the security capabilities identified by respondents, statistical analysis is the weakest area.

Government cyber security professionals believe they need management support, funding, and training to move to a more proactive cyber security strategy and leverage security data to the fullest.

They are making positive strides – 92 percent are working to improve cyber security – investing/upgrading existing security technologies (65 percent), deploying network analysis and visibility solutions (51 percent), and investing in training (50 percent).

Leave a Reply

You must be logged in to post a comment.