Hardy IT security demands ever-more-involved use of data analytics to identify threats—that’s the conclusion pushed by RSA, the security division of EMC, as it rolls out the new Security Analytics Unified Platform.
RSA’s Security Analytics Unified Platform relies on an analytics package, combined with network forensics software and EMC’s Security Information Event Management (SIEM) platform, in order to discover risks. In the name of that threat protection it collects and analyzes massive volumes of network data, including packets and logs—RSA insists the platform is capable of handling far more data than “traditional SIEM-based approaches to security.”
On top of that, the software features automated compliance reporting and the ability to recognize a broad number of malware-based attacks.
“The sophistication of advanced attacks and the associated malware is growing every day, testing the limitations of existing security analytics tools,” Jon Oltsik, senior principal analyst at the Enterprise Strategy Group, wrote in a Jan. 30 statement tied to the Security Analytics Unified Platform’s release.
“The Big Data phenomenon could help address this situation for security professionals, making it important for organizations to rethink their choice of security solutions,” he added. “Marrying intelligence-driven security with Big Data analytics has the potential to help enterprises address the complex problem of advanced threats and thus meet a significant need in the marketplace.”
Indeed, the use of Big Data to harden corporate security is an ever-more-prevalent theme among IT vendors and security experts. But it also raises a key question: when it comes to IT, is there such a thing as too much security? What happens when measures designed to protect data start to hinder work?
Javvad Malik, a Senior Analyst in the 451 Enterprise Security Practice, suggested in a recent interview that small companies ask whether it’s feasible to implement security at a level recommended by experts. In most cases, he believes, the answer is no. Many small- to midsize organizations live below the security poverty line, without the expertise, money, or appetite to invest in security.
“It’s really this uncertainty and lack of clarity, and lack of real information that is the real reason why poor security decisions are made that aren’t really appropriate to that particular organization,” he said. “When those sorts of decisions are made, that’s when it becomes prohibitive, because it’s not in line with the organization’s way of working or actual risk appetite or working culture.”
Nonetheless, some large companies that traffic in enormous amounts of data—and face constant IT threats—could embrace analytics as a way to strengthen their security, particularly if they have the resources to do so.