In recently attending the SINET Innovation Summit 2014 in New York, I was impressed with the quality of speaker/panel participants the event continues to showcase. This included Admiral Michael S. Rogers, Commander of U.S. Cyber Command and Director of the National Security Agency/Chief of Central Security Service.
And if you sat in on a panel session or two, you’d notice that very few of the panelists were security vendors that had a message to sell. The conversations were led by insight from chief information security officers (CISOs) and cybersecurity heads from the highest levels of the military, Department of Homeland Security (DHS), additional federal agencies, financial institutions and other esteemed private organizations. This afforded me an invaluable opportunity to hear about the trends and challenges they’re seeing first-hand.
While a variety of topics were discussed, two issues really stood out for me: 1) the massive cybersecurity undertakings required of the large government and financial institutions and 2) how organizations are using Big Data.
On their own, these two topics may seem pretty common, but as they were discussed and I reflected on them, some key points stuck out in my head.
1) If the ‘big guys’, with their massive investments in cybersecurity, are still very concerned about stopping the bad guys, what does that mean for everybody else?
Not surprisingly, many of the leaders at these large organizations discussed the staggering challenges of implementing effective security strategies and focusing/managing resources and personnel to execute and stay ahead of the latest attacks on a daily basis. And even with these massive efforts, more often than not, they are still concerned about their security posture.
If these hardened enterprises, which are at the top of their game when it comes to cybersecurity, are working this hard, what does that mean for all the other companies? Retailers and other corporations – not to mention smaller companies – usually don’t command the same attention and resources when it comes to cybersecurity. It doesn’t take long to find real-life examples of this.
Just look at Target, from which 40 million customer credit card numbers and 70 million addresses, phone numbers and additional items of information were stolen late last year due to a breach. The Michaels store chain also dealt with a major breach this year, affecting data linked to 3 million of its customers’ payment cards.
It only takes one successful exploit by an attacker to inflict months – even years – of losses and reputational damage. This is why it’s important for enterprises to partner with a vendor who can bring the required cybersecurity expertise and talent to the game, allowing them to focus on core competencies such as merchandise, sales, customer service, etc.
At Bay Dynamics, we work with some of the world’s largest organizations, including financial services companies, to deploy solutions that help them reduce the “noise” from their security tools, identify threats and effectively safeguard their systems. If we can produce effective results for these customers, think of the results we can produce for other brands.
2) Congrats, you have a giant Big Data repository! How did it make you more secure?
Big Data is a hot topic in most industries, and especially in security, where some enterprises have up to 100 different security tools producing mountains of data daily. So, it was no surprise that Big Data was part of the discussions at SINET. As I put more thought into this topic in general, I feel we as an industry have lost sight of the ultimate goal of Big Data and fail to ask ourselves, “Is my Big Data strategy tied directly to a measurable security improvement?”
The trap many fall into is directing all of their data resources into one big repository and hiring ‘experts’ to try to make sense of it, while not focusing on impact-generating systems for using it. Today, many enterprises are entrusting data scientists with operational responsibilities to uncover and act on insights from security data. I see two serious issues with this:
- As data and repositories continue to grow, organizations will have to keep adding more and more ‘Big Data’ people
- These people aren’t subject matter experts in the problem they’re responsible for solving
Throwing more data experts at a security problem is not a sustainable – or secure – solution.
Enterprises need to understand the data they should be going after and the context in which that data can be useful. Ultimately, they should strive to deliver the right data directly to the security teams (not the data scientists), so they can quickly and effectively remediate security incidents.
Prioritizing investigations goes a long way. When dozens or even thousands of possible threats are coming at you every day, you need a solution that allows you to rank incoming incidents in order of urgency: Which ones have the capacity to do the most harm? Then, after you tackle those, you move on to the next on the list. You never spend too much time prioritizing events, because the solution does that for you.
At Bay Dynamics, we take customers to this optimal state of preparedness every day by helping them unlock the vast potential of Big Data. We take pride in bringing them to the point where they’re empowered by data, instead of engulfed in it. If that sounds like something you’d like to talk about, then please contact us.