On Tuesday, RSA released a new security brief entitled “Big Data Fuels Intelligence-Driven Security.” Indeed, one of the themes of this blog over the last year or so has been looking for the bad guys hiding in plain sight. Your standard controls won’t catch them—or at least won’t catch them in time. Instead, you will probably rely on poorly constructed logs and expensive forensics to try to piece together exactly what happened.

The brief identifies two key shifts that are driving the need for behavior-based controls:

  1. Network boundaries are dissolving, so legitimate users are probably not doing all of their activity within the physical four walls of the building, and
  2. Adversaries are getting much more sophisticated, surgically attacking organizations with many different techniques used together, which makes the attacks harder to defend against and defeat.

But let’s take a step back. Those are two pretty tactical reasons for the shift. What’s really happening here? Business is becoming more digital to the point that you can’t really separate out the digital and physical parts of the business anymore. They are co-dependent—one doesn’t exist without the other anymore. We must shift our thinking in order to protect this part of the business.

Our business users generate both active inputs (such as challenge/response or knowledge of security tools) and passive inputs (the gait of their walk, their phone’s GPS location, their originating IP address) that collectively must be used to evaluate whether a user’s behaviors match what is expected or might be malicious. This is where Big Data comes into play.

All of this information we collect about our users can be put to use finding the bad guy hiding in plain sight. Advanced analytics across these inputs help us pattern behavior and spot anomalies. We already have the data (or the ability to collect it), but we need to employ higher-order mathematics and intelligence to put it to work.
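As an illustration added here (not taken from the RSA brief or the original post), the sketch below builds a per-user baseline from two of the passive inputs mentioned above, originating IP and GPS location, plus the hour of activity, and lists how a new event deviates from it. The event layout, function names, thresholds and sample records are all assumptions constructed for the example.

```python
import ipaddress
import math
from collections import defaultdict

# Constructed sample history: (user, source IP, latitude, longitude, hour of day)
HISTORY = [
    ("alice", "198.51.100.10", 40.71, -74.00, 9),
    ("alice", "198.51.100.22", 40.73, -73.99, 10),
    ("alice", "198.51.100.10", 40.71, -74.00, 14),
    ("alice", "203.0.113.5", 40.65, -73.95, 20),
    ("alice", "198.51.100.31", 40.72, -74.01, 11),
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points, in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def network_of(ip):
    """Collapse an IPv4 address to its /24 so DHCP churn is not flagged."""
    return ipaddress.ip_network(f"{ip}/24", strict=False)

def build_baselines(history):
    """Per-user profile: networks seen, locations seen, hours seen."""
    profiles = defaultdict(lambda: {"nets": set(), "locs": [], "hours": set()})
    for user, ip, lat, lon, hour in history:
        p = profiles[user]
        p["nets"].add(network_of(ip))
        p["locs"].append((lat, lon))
        p["hours"].add(hour)
    return profiles

def score_event(profiles, event, max_km=100, hour_slack=2):
    """Return the list of reasons an event deviates from the user's baseline."""
    user, ip, lat, lon, hour = event
    if user not in profiles:
        return ["no baseline for user"]
    p, reasons = profiles[user], []
    if network_of(ip) not in p["nets"]:
        reasons.append("new source network")
    nearest = min(haversine_km(lat, lon, a, b) for a, b in p["locs"])
    if nearest > max_km:
        reasons.append(f"location {nearest:.0f} km from nearest known")
    # Circular distance on a 24-hour clock
    if min(min(abs(hour - h), 24 - abs(hour - h)) for h in p["hours"]) > hour_slack:
        reasons.append("unusual hour")
    return reasons
```

An empty list means the event matches the baseline; several reasons on one event are a stronger signal than any single one, which is why the inputs are evaluated together rather than as separate alerts.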

Go check out the brief! It includes some models and visual examples for how Big Data can make a huge difference in your security posture.

This post originally appeared on BrandenWilliams.com.
