How enterprises use large data to improve security

Companies have used large data tools and technologies to analyze competitor product strategies from consumer buying patterns. It is a matter of time before the security industry realizes that using large data to analyze the effectiveness of complex, typed and diverse input data and to find a way to solve the current security problem. Today, it is rare to hear which new security product does not mention large data. The suppliers of security products predict that large data can obtain security information, and event management fails to meet the needs of the enterprise, which requires the analysis of large amounts of data and new sources of information.

McAfee's report, titled Needle in a Datastack, found that most companies were exposed to data leaks because of the inability to properly analyze and store large data. Worse, incorrect security confidence makes businesses more vulnerable. In one survey, more than one-fifth of respondents said they needed a day to identify a data threat, while 5% said the process would take a week. On average, the enterprise identifies a security threat for up to 10 hours.

McAfee executive vice president and global chief technology officer Mike Fey admits that "the study confirms our long-standing doubts that few companies are able to answer a simple question about whether you are under threat or not." Not to mention, ' Can you stop the threat from happening? ' "But the false sense of security is at stake, and it may cause the seemingly calm enterprises to ignore the problem."

According to the report, nearly 73% of respondents said they could assess their security status in real time, in addition to 74%;78%;72% and 80% of investigators who said they were able to identify internal threats, perimeter threats, 0 malware, and compliance controls respectively. But 58% of the companies said they had been exposed to security threats last year, and only 24% were aware of the threat within minutes. In addition, when the real discovery of the source of attack, only 14% of enterprises can be found in a few minutes, 33% of the time required to spend a day, and 16% of the business needs a week.

"This false confidence makes the gap between the IT department and the security professionals in the business even more pronounced, especially when comparing the results of the Hai needle survey with a recent data disclosure survey on security incidents," McAfee said. "In a study of 855 events, 63% of businesses take weeks or months to discover the existence of a security threat," he said. In almost half of the incidents, the data stolen from the injured enterprise took only a few seconds, up to a few minutes. ”

The threat has been increasing: the Hai-pin report shows that companies store 11-15TB security data every week, and Gartner predicts that this number will multiply every year until 2016. Describe it in a figurative way: 10TB is the equivalent of the number of printed collections in the Library of Congress. While storing such large volumes of data, 58% of businesses are candid about keeping the data for less than three months, ignoring the advantages of storing the data. According to McAfee's threats, advanced sustainability threats continue to increase in the fourth quarter of 2012.

Long-term retention and analysis of the situation, trends, and correlations of safety data indicate that it is essential for businesses to find and immediately address advanced ongoing threats. "In order to gain timely threat intelligence in the age of large, fast, and diverse information flooding into stranded systems, companies must analyze, store and manage these large security data," says one company: "These growing volumes of events, as well as assets, threats, Users and related data have created a large data challenge to the security team. "Because of the need to define complex attacks, enterprises should jump out of the inherent pattern to achieve real risk-based analysis and modeling," McAfee advocates: "The ideal approach is to use a data management system to return data to create a complex, timely method of analysis." "It is said that in addition to the ability to detect threats in a timely manner, companies should also have the ability to identify potentially sinister long-term trends and patterns." In addition to the Hai of the data just mentioned, businesses should spend a longer span of time and find the right needle in a risk-based context, only so they can respond positively to today's threats. ”

(Responsible editor: The good of the Legacy)