Companies are just now beginning to harness the power of big data for the purposes of information security and fraud prevention.
Only 50 percent of companies are currently using some form of analytics for fraud prevention, forensics, and network traffic analysis, according to "Data Analytics for Information Security," a recent report from the Information Security Forum (ISF).
Fewer than 20 percent are using big data analytics to identify information, predict hardware failures, ensure data integrity, or check data classification, even though doing so lets companies improve their balance of risk versus reward and puts them in a better position to predict potential risks and incidents.
"Banks, insurance, and other financial institutions use big data analytics to support their core businesses," Steve Durbin, global vice president at ISF, comments. "Large volumes of transactions are analyzed to detect fraudulent transactions and money laundering. These, in turn, are built into profiles that further enhance the analyses."
Some insurance companies, for example, share and analyze insurance claims data to detect patterns that can point to the same fraudulent activities against multiple companies.
Healthcare is another area in which data analysis can be used for information security. Milwaukee-based Children's Hospital and Health System needed to track data access to ensure compliance with the Health Insurance Portability and Accountability Act and to conduct forensic investigations. The network of hospitals and clinics is using the DatAdvantage solution from Varonis to help it manage the proliferation of data—two terabytes of information five years ago has turned into 15 to 20 terabytes today.
Big data, as outlined in the report, can arise from internal and external sources, spanning social media, blogs, video, GPS logs, mobile devices, email, voice, and network data. It's estimated that 90 percent of the data in the world today has been created in the past two years, and some 2.5 million terabytes of data are created every day.
Although many companies are already using data warehousing, visualization, and other forms of analytics to tap into this high-volume data, using that data to prevent future attacks or breaches remains relatively uncharted territory.
"For many companies, having the skill sets [and] resources, along with the ability to view the potential that analytics can provide, have simply not hit the corporate radar," Durbin explains. "This is changing and will continue to do so as security increasingly moves from being a technical to a business issue."
To balance the business benefits of big data analytics with the cost of storage, organizations need to regularly review the data they are collecting, determine why and for how long they need it, and decide where and how they should store it, Durbin notes.
The "Human Element" of the Big Data Equation
Because data volumes grow considerably every day, deciphering all the information requires both technology and people-driven processes. People often find patterns that a computer can pass over, ISF's Steve Durbin points out. Some other steps organizations can take to analyze big data for information security purposes include the following:
- identify the business issue;
- construct a hypothesis to be tested;
- select the relevant data sources and provide subject matter expertise about them;
- determine the analyses to be performed; and
- interpret the results.