RSA Conference 2012: The security risks and rewards of big data

Big data does not automatically mean big security improvements. If not handled with care and expertise, it could mean the opposite. That will be the focus of a panel discussion at the RSA Conference in San Francisco today at 3:50 p.m. in room 301.

By

February 28, 2012CSO

"Big Data" is all the rage.

The Boston Globe reported last month that Massachusetts alone is home to more than 100 companies that focus on big data -- the ability to dissect and understand a flood of digitized information quickly and then act on it in a "predictive" rather than "reactive" way. Employment in this sector is expected to more than double over the next six years, adding an estimated 15,000 jobs in a sector that McKinsey Global Institute recently estimated is worth $64 billion.

But big data does not automatically mean big security improvements. If not handled with care and expertise, it could mean the opposite. That will be the focus of a panel discussion at the RSA Conference in San Francisco today at 3:50 p.m. in room 301.

Bill Brenner, CSO magazine managing editor, will moderate. Panelists are John Adams, security operations manager for Twitter; Andrew Jaquith, CTO at Perimeter E-Security; Rich Mogull, analyst and CEO at Securosis; and Adam O'Donnell, chief architect at Sourcefire.

While much of the buzz around big data understandably focuses on marketing, since it makes it easier to predict consumer behavior, a blog post last November by Morey Haber, vice president, project management for eEye Security, notes that for organizations with high security requirements, "the security data driving today's modern threat and risk intelligence is 'big data' in itself. In fact, it might be the biggest data in your organization, with regards to its value and impact to operations.

"It is one thing to collect this data," Haber writes, "but the real challenge is in making sense of (it) in an actionable format."

Indeed, much of the panel discussion will focus on the pros and cons of managing big data for security purposes.

O'Donnell says that on the plus side, big data enables the analysis of not only security threats, but also, "gives context to the threats by comparing them with rich, global baseline data. It allows us to know either that a threat or an attack is unique to a specific target or something commonly seen across all users."

Jaquith says his firm has a "natural affinity for huge quantities of 'machined' security data (since) we filter through 450 million events per day." He adds that it encourages exploration and is, "well suited for MSSPs and other companies that handle large amounts of customer security information."

But then, O'Donnell notes that big data, "can do powerful things, but only when wielded by the right hands, rather than implemented in a haphazard fashion by someone saying, 'Oh, we need big data to solve this.'"

RESOURCE CENTER