Big data and analytics is showing promise with improving cyber security. 90% of respondents from MeriTalk\u2019s new U.S. government survey said they\u2019ve seen a decline in security breaches. 84% of respondents said they\u2019ve used big data to help block these attacks.Not surprising, companies that are already heavy analytics users have a greater amount of confidence when it comes to using analytics to detect threats.\u00a0An article in ITWire\u00a0states that, \u201con 11 common cyber threats, the biggest gaps concern the organization\u2019s ability to detect advanced malware\/ransomware, compromised devices (e.g., credential theft), zero-day attacks and malicious insiders. The smallest gaps concern denial of services, web-based attacks and spear phishing\/social engineering.\u201dKeeping Up with the VolumeOf course, there are still many challenges as new cyber security threats are popping up daily. Of those\u00a0surveyed, 53% said they are using analytics for their overall strategy and 28% are using it in a limited capacity. Even with this, 59% said that their given agency has been compromised at least once per month because they were not able to keep up and fully analyze the data.Out of these participants, less than half say their efforts are highly effective. When asked why, they listed these\u00a0top challenges:49% said it is because of an overwhelming volume of data33% aren\u2019t collecting the data they need because they don\u2019t have the right systems30% say it didn\u2019t work because the data is stale when it finally gets to a cyber security managerBig data can be ineffective for threat analysis if it is poorly mined for improving cyber security. While the metadata is available, it can be difficult to get the maximum benefit from it. Sometimes the problem is finding the right people who know how to mine data for trends.A Big Data SolutionCyber security needs the risk management and actionable intelligence that is common from big data analysis. While it is great to have tools that can analyze data, the key is to automate tasks so that the data is available more quickly and the analysis is sent to the right people on time. This will allow analysts to classify and categorize cyber threats without the long delays that could make the data irrelevant to the attack at hand.Big data will also help analysts to visualize cyberattacks by taking the complexity from various data sources and simplifying the patterns into visualizations.Being able to utilize the data in its raw format allows disparate data to be useful not only with what is happening now, but also with historical data. Using this historical data, you can create statistical baselines to identify what is \u201cnormal.\u201d You will then be able to determine when the data deviates from the norm. Sometimes it\u2019s easy to miss indicators when they are offered in real time; however, they may have new meaning when they are viewed over time.This historical data can also create new possibilities for predictive models, statistical models, and machine learning. This gives the ability to predict future events.However, it\u2019s what you can do with this data, if anything, that can make the difference between being attacked or not. After all, data is just really information unless an action is taken towards improving cyber security. Being able to automatically respond to threats noticed in data, and also being able to have a high level of trust in the accuracy of the data is key to a big data security solution.ConclusionSome might believe that big data will quickly solve the problems of the cyber security industry. The reality is that data and analytics will allow companies to identify anomalies and advanced attack vectors.\u00a0SentinelOne\u00a0uses machine learning paired with cloud intelligence and automated responses to detect unusual activity and respond when you need it.