Security needs big vision, not just big data.

Editor's note: Nier Ochi Grosso (Neill Occhiogrosso) is the Costanoaventure capital partner of the early venture capitalist company.

When we look for new opportunities in security and other areas, we tend to focus on the current trends in the IT industry: cloud, mobile, large data. These trends, and in particular the interplay between them, are dramatically changing the security needs. Further complicating this is the changing character of potential hackers-now both members of international organized criminal gangs and employees of enemy governments. At the same time, we see the potential of several new solutions, each of which can be the cornerstone of one or more successful businesses.

The first solution is to use large data technology to create a secure vision. This is also the classic example of "Applied Big Data", that is, using new analytical techniques to solve the current problems faced by enterprises. At present, security professionals are drowning in the ocean of log files, vulnerability scans, reminders, various reports, and so on, but these data are not uncontrollable.

This recognition is not worthless: many of the hacker attacks that have caused widespread concern originate from vulnerabilities that were discovered a few months or even years ago. The future will depend on the ability to analyse such data and provide a comprehensive security posture perspective to security professionals. Tell them what is at risk, how serious the risk is, how important the asset at risk is, how to fix it, and so on. Resolving this problem with the risk I/O (input/output) approach will give us a broad perspective, and we are proud of Costanoaventure Capital's latest investment in the field.

Another area that we explore is a security solution to track the status of assets, which provides protection regardless of where the asset is. With the development of cloud infrastructure (both public and private) and the trend of BYOD, there is no specific scope for data protection, and each stack layer is dynamic in its own right. Regardless of where applications, data, and users are, security professionals must be able to take full advantage of security policies that must adapt to new conditions in a changing environment.

It is increasingly popular to say that there are currently two types of organizations: one that has been hacked by the system and one that is unclear about whether the system is being attacked. As hacker attacks become more sophisticated, feature-based intrusion detection is difficult to come by, so people need new solutions to quickly detect potentially dangerous anomalies (possibly using machine learning techniques), to prevent hacking, or to avoid the discovery of malicious behavior in the event of a system attack. Thus minimizing the negative impact.

Another company, Costanoa Venturecapital, guardiananalytics the use of behavioural techniques to analyze data hosted on online banking platforms to avoid widespread fraud. This is just one example of applying data science to existing datasets to eliminate more subtle threats. In the future, we may also have solutions for different applications and different types of attacks.

Finally, the security market also requires efficient data capture and analysis techniques that can be based on history to cover the entire infrastructure-sometimes even months-to track the time and manner in which the system was hacked and the impact. This is a typical large data problem, involving the number, type, and speed of the data, and so on. Today, this data may be easy to handle, and we are looking for concrete solutions.

We live in an exciting time, but unfortunately we have a security problem, so this is a double-edged sword. The new technology also brings the criminals to carry out the crime to bring the fresh opportunity. We believe that innovative enterprises will continue to emerge and shoulder the responsibility to meet this challenge.

Pictures from Blesse Debin (Brycedurbin)

Translation: Hao Yue