Using Big Data to Connect the Cybersecurity Dots

Big Data is generally defined by five characteristics, the "five Vs": very high volume, a wide variety of sources and formats, veracity (uncertainty about how accurate and trustworthy the data is), velocity (it arrives and changes rapidly) and value.

As you can imagine, there is a great deal of data associated with cybersecurity, and it comes from many sources.  As technology improves and changes, more and more of those sources appear.  Most of this data is machine-generated:  network logs, event logs, firewall and security system data, web logs, email logs and more.  Pretty much anything and everything running in your computer infrastructure generates data.

But what to do with all this data?  It needs to be processed quickly and frequently, sometimes in real time.  Proactive cybersecurity requires sophisticated data management in order to aggregate and analyze everything collected.  The goals:  better alerting, preemptive processes that detect and stop threats, and real-time reporting.

This machine-generated data can be hard to aggregate, mine and analyze.  Even after the relevant records have been extracted, they usually need to be combined with information from other sources to provide context and to establish patterns and trends related to cyber attacks.  The process is forensic in nature and can be difficult at best.
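As an added illustration of that aggregate-and-correlate step (example code written for this page, not IT Radix's or any vendor's tooling), the script below normalizes two constructed log sources in different formats, a firewall log and an sshd auth log, into one event stream keyed by external IP address, and then looks for a chain that no single source would flag on its own: several denied ports from one address (a probe), followed by repeated failed logins, followed by a successful login, all within a short window. The log lines, host names, addresses and thresholds are made up for the example, and the syslog year (which the auth format omits) is assumed to be 2016.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample lines for this example (not real logs).
# Source 1: a firewall log with ISO timestamps.
FIREWALL_LOG = """\
2016-05-10T08:00:01 fw1 DENY src=203.0.113.7 dst=10.0.0.5 dport=22
2016-05-10T08:00:02 fw1 DENY src=203.0.113.7 dst=10.0.0.5 dport=23
2016-05-10T08:00:03 fw1 DENY src=203.0.113.7 dst=10.0.0.5 dport=3389
2016-05-10T08:00:04 fw1 DENY src=203.0.113.7 dst=10.0.0.5 dport=445
2016-05-10T08:00:05 fw1 ALLOW src=203.0.113.7 dst=10.0.0.5 dport=22
2016-05-10T08:05:00 fw1 DENY src=198.51.100.9 dst=10.0.0.5 dport=25
"""

# Source 2: an sshd auth log in syslog format (no year in the timestamp).
AUTH_LOG = """\
May 10 08:00:40 srv1 sshd[2211]: Failed password for admin from 203.0.113.7 port 51122 ssh2
May 10 08:00:43 srv1 sshd[2211]: Failed password for admin from 203.0.113.7 port 51122 ssh2
May 10 08:00:47 srv1 sshd[2211]: Failed password for admin from 203.0.113.7 port 51122 ssh2
May 10 08:00:51 srv1 sshd[2211]: Accepted password for admin from 203.0.113.7 port 51122 ssh2
May 10 08:30:00 srv1 sshd[2300]: Failed password for bob from 192.0.2.44 port 40000 ssh2
May 10 08:30:05 srv1 sshd[2300]: Accepted password for bob from 192.0.2.44 port 40000 ssh2
"""


@dataclass
class Event:
    """One normalized event, whatever log it came from."""
    ts: datetime
    source: str   # which log produced it
    ip: str       # the external address the event is about
    kind: str     # normalized type: fw_deny, fw_allow, auth_fail, auth_success
    detail: str   # port for firewall events, username for auth events


FW_RE = re.compile(r"^(\S+) \S+ (DENY|ALLOW) src=(\S+) dst=\S+ dport=(\d+)$")
AUTH_RE = re.compile(
    r"^(\w{3} \d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(Failed|Accepted) password for (\S+) from (\S+)")


def parse_firewall(text):
    events = []
    for line in text.splitlines():
        m = FW_RE.match(line)
        if not m:
            continue  # unparseable lines are skipped, not fatal
        ts = datetime.fromisoformat(m.group(1))
        events.append(Event(ts, "firewall", m.group(3),
                            "fw_" + m.group(2).lower(), m.group(4)))
    return events


def parse_auth(text, year=2016):
    # Syslog timestamps carry no year; the caller supplies it (assumed 2016 here).
    events = []
    for line in text.splitlines():
        m = AUTH_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        kind = "auth_fail" if m.group(2) == "Failed" else "auth_success"
        events.append(Event(ts, "auth", m.group(4), kind, m.group(3)))
    return events


def correlate(events, window=timedelta(minutes=5), min_ports=3, min_fails=3):
    """Group all events by external IP, then for every successful login look
    back `window` for a probe (>= min_ports distinct denied ports) and
    >= min_fails failed logins for the same user from the same address."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e.ip].append(e)

    findings = []
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e.ts)
        for succ in (e for e in evs if e.kind == "auth_success"):
            prior = [e for e in evs if succ.ts - window <= e.ts < succ.ts]
            ports = {e.detail for e in prior if e.kind == "fw_deny"}
            fails = sum(1 for e in prior
                        if e.kind == "auth_fail" and e.detail == succ.detail)
            if len(ports) >= min_ports and fails >= min_fails:
                findings.append({
                    "ip": ip,
                    "user": succ.detail,
                    "ports_probed": sorted(ports, key=int),
                    "failed_logins": fails,
                    "success_at": succ.ts.isoformat(),
                })
    return findings


def run_demo():
    """Aggregate both constructed sources and return the correlated findings."""
    return correlate(parse_firewall(FIREWALL_LOG) + parse_auth(AUTH_LOG))


if __name__ == "__main__":
    for f in run_demo():
        print(f)
```

Run by itself, the script reports exactly one finding, for 203.0.113.7 logging in as admin after probing four ports and failing three times. Seen in isolation, four denied connections or three failed passwords are everyday noise on most networks; only joining the two sources on the address and the time window turns them into something worth an alert, which is the "connecting the dots" this article is about. In a real pipeline the same normalization step would be applied to every source (web, email, endpoint logs), and the thresholds and window would be tuned against the organization's own baseline.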

IT Radix is constantly researching and evaluating technology solutions that leverage big data analysis as part of its cyber protection.  For example, we are shifting clients to a new endpoint protection platform that leverages not only big data analysis but also cloud technology to provide greater protection to end user machines and devices.  The software combines file pattern recognition with predictive behavior recognition to allow continuous real-time detection of potential threats.  It also leverages the data and knowledge gathered from all its users and from technology partners such as Microsoft, HP, RSA, Cisco and more, amounting to more than 200 terabytes of data, to quickly identify and manage new threats.  It uses a collective approach to ensure that endpoints are always protected.

The Internet of Things (IoT) has introduced an even greater attack vector.  As more and more devices are Internet-enabled, the attack surface for cyber threats keeps expanding.  While it is tempting and easy to put everything on a single network, IT Radix recommends isolating work-related equipment from your IoT devices on a separate network segment, although this is sometimes easier said than done.

Finally, when protecting against cyber attacks, another important aspect is situational awareness, or knowing what is going on around the organization.  By understanding what is happening within an organization and combining it with big data analysis, real-time assessments and decisions can be made to respond to potential threats and anomalies.  The bottom line:  technology is enabling big data analysis to enhance your business' cyber protection landscape.  Want to learn more about our new preferred endpoint protection platform, or other ways you can protect your business from cyber threats by leveraging big data technology to connect your cybersecurity dots?  Give us a call today.

First published in our May 2016 IT Radix Resource newsletter