The debate over big data's value and relevancy to the enterprise has, for the most part, seen its conclusion as decision-makers continue to uncover the benefits of aggregating, organizing and analyzing information to improve key processes. However, questions still abound regarding the impact of big data on the realm of cyber security - do analytics tools serve to shore up organizations' defenses or make it even easier for malicious groups to infiltrate private networks?
There's no clear-cut answer, and depending on how these solutions are deployed, big data can either be a benefit or lead to vulnerabilities. IT decision-makers must be cognizant of how their analytics tools affect the protection of their infrastructure and when possible, use big data in a proactive manner to address cyberthreats.
More data, more problems?
While there's no proven correlation between the adoption of big data analytics platforms and the frequency or severity of data breaches, the past several years have been a whirlwind of cyber incidents resulting in the exposure of billions of personal credentials, private sector secrets and critical government information. A growing reliance on data has certainly driven cybercriminals to double down on their malicious efforts, and analytics environments only increase the digital footprint that organizations must protect in a proactive and dynamic manner.
According to a recent article from eSecurity Planet, the wide-reaching repositories in which companies store their data for analysis are tantalizing targets for individuals and groups looking for the next big digital heist. Ray Boisvert, president at I-Sec Integrated Strategies, reportedly explained at SAS conference that the link between these two developments is a serious concern for organizations in all sectors, and that security strategies must be fine-tuned to account for data-heavy blueprints.
"The media reports of stolen information or compromised networks are almost a daily occurrence," said Boisvert according to the source. "The stories are increasingly alarming and the trend line is troublesome. The Big Data picture is further complicated by security experts offering one-stop technology solutions. Unfortunately, there are no credible single-approach solutions."
Analyzing adversaries
Although big data projects may indeed make some organizations easy prey for cybercriminal entities, there are plenty of ways in which analytics can be used for good, eSecurity Planet pointed out. For instance, these tools can provide the real-time insight necessary to actively combat threat vectors, a missing component for many of today's most vulnerable private and public sector IT departments. The source noted that static defense measures are simply not adequate for the dynamic risks of the cyber environment.
"Securing the perimeter or building higher walls is no longer good enough," continued Boisvert, according to the source. "You have to understand that the threat actors have at their disposal a deep and broad pool of talent. You have to look at behavior, understand the context behind the threat actor, what they might be after, what tools they use and who they might be working with."
Organizations shouldn't let up on their big data goals, but they should account for the risks that they generate and find ways to utilize their defensive potential.