Finding a signal in the cybersecurity noise


There's a lot of chatter about analytics in the information security space. That’s actually a massive understatement. Analytics is a common buzzword, and everyone's talking about it, but how do you cut through all the noise? Who is doing what when it comes to analytics? It can be difficult to tell.

As part of our pre-RSA coverage and to give you a clearer picture of cyberanalytics, I chatted with Chris Smith, SAS director of cybersecurity strategy. What some organizations call analytics really amounts to a collection of IP address calculations, or perhaps measurements on intrusion detection/protection systems (IDS/IPS) data -- fancy terminology for basic network statistics.

That information is relevant for understanding your network, but by itself doesn’t hit the mark when it comes to offering network visibility for the purposes of improving security. Advanced analytics, by contrast, can reach to the boundaries of your infrastructure for context, then give a better understanding of network interactions for your specific business environment.

A former US Army Cadet, Chris Smith spends his off-time happily parenting his three daughters and perfecting Northern Shaolin Chinese Kung Fu martial arts moves.

On top of the more elementary use of one type of analytics, organizations that talk analytics don’t always address the huge elephant in the room: scale.

“Cybersecurity is truly a fast environment,” says Smith. “This is really big data. Huge. Hundreds of thousands of events per second and beyond. If you think small versus enterprise environments, the difference is significant. A telecom, for instance, has enormous network infrastructure with tons of events traversing it continuously.”

That kind of volume creates significant scalability issues, and more importantly, keeps security analysts from making good use of their time. Considering the security talent shortage and the speed at which hackers work, a stronger solution that quickly surfaces the most critical security risks is essential.

“A true analytics platform will not only offer better detection, but smarter use of your assets,” he continued. “The result is your executives will have better confidence in the results. There’s efficiency and effectiveness for the people and the hardware resources.”

With the right security platform, organizations can use analytics for insight into their existing investments by finding threats that would otherwise go undetected. Smith’s analogy to a needle in a haystack is spot on.

“Cyberanalytics serves up a signal in the noise. Your platform must not only detect that signal, but also detect an alternate version of it. Hackers are smart. If their footprint is constantly altered, by even a fraction, signature-based solutions can miss them completely,” he says.

Add network growth for the ever-changing business environments and BYOD (bring your own device) allowances for smartphones and tablets. You see where this is going — exponential opportunities for security breaches, and this doesn’t even address the Internet of Things (IoT).

"Ultimately, your network can generate data, but prioritization is necessary to show a security analyst where to look and what to review first," says Smith.

Find out more about security analytics. Then come chat with us at the RSA Conference. We'll help you make some sense of all that cybersecurity noise when it comes to analytics!



About Author

Amanda MacDowell

Marketing Strategist

