Despite cyber-security having sky-rocketed to the top of boardroom discussion agendas, an average of 35 per cent of all cyber-attacks still go undetected.
Recent IDC research, sponsored by SAS, shows that organisations need to shift from reactive to proactive strategies that seek to understand a threat before an attacker can cause damage.
To do this, they require a new set of security solutions to match the increasing number and sophistication of attacks. SAS Cyber-security, which harnesses high-performance analytics to process and evaluate billions of daily network transactions in real-time, shrinks the time to detect security events and improves the efficiency of security operations.
In an earlier study from the Ponemon Institute, 86 per cent of respondents said detecting cyber-attacks takes too long, and 85 per cent weren’t prioritising incidents. Meanwhile, 40 per cent said their security products did not import threat intelligence from other sources.
“After more detailed evaluation of the challenges and gaps in the market, organisations need a more strategic approach to threats by augmenting existing security systems with more advanced behavioural analytics,” said Alan Webber of IDC. “Software vendors who have integrated a big data analytics platform at the core are well positioned to provide an additional layer of security protection and deterrence in the market.”
IDC interviewed information security executives, practitioners and industry experts across three industries: US federal government, financial services and energy. The goal was to understand the evolving cyber-security threat landscape and how big data and predictive analytics should be deployed to better address threats and risks they face every day.
The research explains that effective big data solutions must differ from existing, reactive “collect and analyse” methods since we now have technology to use information in timeframes and manners not possible in the past. To derive value from big data, organisations need behavioural analytics and frameworks like Hadoop to improve security at a much faster rate.
Industry implications and opportunities
For government, IT security is neither a small nor an inexpensive problem. The US Computer Emergency Readiness Team (US-CERT) reported more than 46,000 incidents at US federal government agencies in 2013. IDC estimates US federal government agencies alone will spend over $14.5 billion on IT security to thwart attackers and address incidents. In addition to multilayered security defences, government agencies have highly complex infrastructures composed of a range of technologies from older mainframe systems to cloud-based and mobile apps. By turning to predictive behavioural cyber-analytics, these agencies are able to shift toward a more proactive defence posture.
In the utility and energy industry, the IDC research found advanced and predictive analytics critical for advancing a wide array of cyber mandates, including regulatory compliance. Utilities are just beginning to appreciate the opportunities for threat identification and remediation that big data analytics deliver.
For financial services, cyber-security strategies remain atop the agenda. The IDC research predicted the financial services industry would spend over $40 billion in 2015 on managing operational risks, including cyber-threats. It noted that $27.4 billion would be earmarked for IT spend on information security and fraud. With shrinking response windows and the complexity of threats to digital channels, advanced, predictive threat intelligence solutions and services have become top items for chief risk officers, data officers, executives and regulators.
“Cyber-security may be the most critical area where big data can be a barrier to understanding the true threat landscape,” said Stu Bradley, Senior Director of Security Intelligence at SAS. “Yet, if optimised, big data presents a significant opportunity to add context for more accurate and faster threat detection.”