Story image

Fighting back against cyber attacks with big data analytics

22 Feb 2018

While technological advancement is viewed as necessary to organisational success, there is a dark side to this transformation – the increased threat of cyber-attacks. While advancements like cloud computing, smart devices and AI have been heralded as vital to the success of Australian businesses, with increased reliance on technology comes a greater vulnerability toward cyber-attacks. In 2017, a new type of malware emerged every 4.2 seconds, highlighting an urgent need for businesses to protect their assets.

Cyber attacks are becoming inevitable – the question is no longer whether businesses are vulnerable, but rather will they be prepared when faced with an attack?

Turning the tables on security threats 

As organisations generate and gain access to increasing amounts of data, the threat of attack grows, as malignant forces seek access to this valuable commodity. 2017’s WannaCry attacks affected over 200,000 computers globally and led to other devastating attacks such Petya and NotPetya. By leveraging data, IT teams across organisations will be able to fight back against any potential attacks.

Specifically, the more log data businesses amass, the greater opportunity they’ll have to detect, diagnose and protect themselves from cyber-attacks. In doing so, businesses will have the opportunity to identify anomalies within data and correlate these with irregular events or actions – suggesting a potential security breach. While analysing this massive amount of data in a timely manner can be a challenge (to reduce the fallout from attacks) can be difficult, big data analytics allows for this process to be sped up.

Catching threats in real-time

By leveraging big data analytics, companies can monitor in real-time both network and user behaviours – identifying suspicious activity quickly and efficiently. Businesses can then model various network, user, application and service profiles to establish intelligence-driven security measures, in order to quickly respond to anomalies that indicate cyber threats or attack. Some examples of the types of activities big data analytics can track include:

  • Traffic anomalies to, from or between data warehouses
  • Suspicious activity in high value or sensitive resources in data networks
  • Suspicious user behaviours, such as varied access times, levels, location, information queries and destinations
  • Unauthorised or dated devices accessing a network
  • Suspicious customer transactions

Big data analytics is becoming a highly effective tool in the identification of cyber-attacks, both before the attack takes place and before it becomes a serious issue – minimising and sometimes completely eliminating additional losses and costs. This real-time analysis will allow organisations to thwart both the smallest and largest scale attacks.

Monitor attacks with data

Investment in big data analytics means that businesses will be able to improve the quality of their security monitoring to counter attacks as they come.

While security monitoring requires the storage of substantial amounts of data, a big data analytics solution will be able to analyse large amounts of data in real-time. The tool for organisations to be able to conduct consistent and scalable security monitoring is real-time analysis.

Access to big data includes access to activities and events that can signal a potential threat to prevent large-scale consequences, but combining big data analytics with real time analytics is what will create a truly effective security tool.

It’s two fold for organisations – investing in big data analytics to ensure that threats are recognised is key, but also investing in real-time analytics is vital to be able to react quickly to create a complete security monitoring platform.

The stakes are getting higher for organisations. Not only are businesses’ financial securities and intellectual property at risk, but their very reputations are on the line. These types of cyber-attacks are serious concerns for businesses of all size and complex solutions are required to tackle these threats in real-time. Big data analytics is the ideal solution to protect businesses by flagging threats and attacks before and as they occur – ensuring that the least damage possible is created.

Article by MapR's country manager for Australia and New Zealand, Paul Bennett.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.