Do you feel like no matter how much you invest in IT security, you are losing the battle? There has been a lot of talk that security specialists are facing an uphill battle for the foreseeable future thanks to the speed of mobile device evolution and cloud development. Personally, I feel the pain of security folks. Virtualization has made things more complicated, and now with tablets and smartphones, it’s never going to return to the network security days. But there is something that cloud is bringing to security that will make it easier for security folks, and that is Big Data.
EMC’s Greenplum estimated that by 2020 there will be around 25 trillion GB of stored data worldwide, roughly 40 times the data of 2009. It’s also predicted that the companies who will emerge as leaders in cloud will be those who can analyze and utilize Big Data. These organizations will be more productive and have higher ROI on equity.
But what does this have to do with security? Imagine if you had Big Data powering your security intelligence. Big Data is going to be key to developing next-generation security tools in several areas.
Firstly, Big Data is going to be the key for powering security analytics, especially in SIEM and log management. The amount of information that is currently collected by these devices for analysis, investigation and forensics is already bordering on terabytes and it will only increase. Current tools will not be able to keep up unless they take advantage of the processing power Big Data provides.
Security vendors have already started to realize the need for Big Data. RSA with enVision, HP with ArcSight, McAfee with Nitro Security and IBM with Q1 Radar are all examples of how important these vendors anticipate Big Data will be in powering future security intelligence tools.
Big Data will also be key in powering the next generation of dashboards that will be required to manage dispersed and abstracted cloud environments. Right now it seems we can’t get enough information to manage our virtual and cloud environments effectively. Soon we will have too much information, and if we can’t properly manage and analyze it, it will cripple our infrastructure and data storage. Our existing tools don’t provide us with the right analytics, so there will be a great need for vendors who can create the right analytic tools. Companies like Splunk and LogRhythm are great examples of a next generation of vendors providing the right analytics to power security.
But even more important will be the need for analytics and Big Data specialists: people who can properly manage the data, tag it, catalogue it, and, more importantly, understand it and make decisions based on it. The new IT departments will be focused on managing information and streamlining infrastructure to make the organization more nimble, while protecting an increasingly complex environment from threats that evolve faster than the tools to protect against them.