Big Data analysis may prove to be the differentiator in the battle to secure private data, whether financial information or intellectual property.
“The ability to take massive volumes of information and to get intelligence out of it is going to fundamentally change what we are doing as security professionals,” said RSA’s cyber security architect Bob Griffin told The Jerusalem Post at the annual event of RSA’s parent company EMC in Las Vegas last week.
As technology develops, he said, new areas of security risk emerge, such as how to secure data stored off-site – in the cloud. But so does the ability to track everything from number of login attempts to how valuable assets end up accessed.
Analyzing such information can help raise the alarm in real time when something out of the ordinary is happening, as may be the case in a security breach.
“There are things that we as human intellects have trouble abstracting out of data,” Griffin said. “Big data analysis can say, ‘There are these patterns in the information, the good patterns and the anomalies.’”
Cyber crime costs people and businesses billions of dollars each year.
In 2007 and 2008, the cost of cyber crime worldwide was about $8 billion, while up to $1 trillion worth of intellectual property ended up stolen via corporate cyber espionage, according to Interpol estimates. Norton’s 2012 Cyber crime Report calculated the direct costs of global consumer cyber crime at $110 billion. The indirect costs they calculated for the previous year (including lost time and effort) added up to $274 billion.
As a result, the need for innovative cyber security is ballooning.
It is no coincidence that RSA is looking to big data. EMC’s business focuses on data storage and analysis, and sees the future of tech as using large quantities of information, increasingly captured through mobile devices and stored in the cloud, to help shape businesses.
Big data’s big benefits, however, raise new concerns about privacy as well.
“Security and privacy have to work together in order to be effective. When they come into conflict, the question is what information on the personal level can we use to deal with security threats?” Griffin said.