White Paper
Advanced Security Analytics in Achieving Continuous Security Intelligence
Date: 11/03/2015 Length: 8 pages Cost: $99.00


Abstract:
Information Security has always been a large producer and consumer of data. More sophisticated best practices and expanding compliance and regulatory requirements have almost exponentially accelerated the production and consumption of data. Event and activity logs have grown to Big Data proportions, and the data being consumed has become significantly more varied. As the need for continuous security intelligence and accelerated incident response increases, traditional log and event management tools and monitoring practices are becoming increasingly insufficient.

IT and Security are deluged with thousands of alerts daily, a majority of which appear to be critical, making response an insurmountable task with affordable staff levels and traditional tools. With so many critical alerts, the problem has moved from finding the needle in the haystack to identifying and prioritizing THE needle in the stack of needles.

The era of Big Data has begun demonstrating to information security that there is more that can, and must, be done to identify threats, reduce risk, address fraud and improve compliance monitoring activities by bringing better context to data, creating information for actionable intelligence.

This research studies how both management- and operations-level IT and information security practitioners perceive the change in the volume and types of data available and the tools needed to analyze that data and generate actionable threat intelligence.

Advanced security analytics provides new adaptive algorithms, called Machine Learning, and Big Data analysis techniques that can be used to identify abstract data relationships, anomalies, trends, and fraudulent and other behavioral patterns, creating information where only data existed. The era of Big Data is driving the next technology evolution.

Security analytics, though a relatively new field of technology, is the next step in detection and response technology, with possible impacts on prevention as well. Machine-learning algorithms and analysis techniques have advanced far beyond the capabilities of what was available in the commercial markets only 2-3 years ago. They also address the issue dubbed "We don't know what we don't know." The core function of security analytics is to monitor and collect vast amounts of information from the environment to identify threats that indicate elevated risk and ultimately prevent lateral spread of those threats and data exfiltration. To succeed in this endeavor, the analytics platform identifies and prioritizes threats without requiring administrators and analysts to create policies or rules.

Security analytics tools give practitioners a means to meet their need for continuous, actionable security intelligence, so that they can respond to attacks in time to prevent them from becoming breaches.
Author:

David Monahan


 




©1996-2019 Enterprise Management Associates, Inc. All rights reserved.
EMA™, ENTERPRISE MANAGEMENT ASSOCIATES®, and the mobius symbol are registered trademarks or common-law trademarks of Enterprise Management Associates, Inc.