Fighting back against cyber attacks with big data analytics

22 Feb 2018

While technological advancement is viewed as necessary to organisational success, there is a dark side to this transformation – the increased threat of cyber-attacks. While advancements like cloud computing, smart devices and AI have been heralded as vital to the success of Australian businesses, with increased reliance on technology comes a greater vulnerability to cyber-attacks. In 2017, a new type of malware emerged every 4.2 seconds, highlighting an urgent need for businesses to protect their assets.

Cyber attacks are becoming inevitable – the question is no longer whether businesses are vulnerable, but rather will they be prepared when faced with an attack?

Turning the tables on security threats 

As organisations generate and gain access to increasing amounts of data, the threat of attack grows, as malignant forces seek access to this valuable commodity. 2017’s WannaCry attacks affected over 200,000 computers globally and led to other devastating attacks such as Petya and NotPetya. By leveraging data, IT teams across organisations will be able to fight back against any potential attacks.

Specifically, the more log data businesses amass, the greater opportunity they’ll have to detect, diagnose and protect themselves from cyber-attacks. In doing so, businesses will have the opportunity to identify anomalies within data and correlate these with irregular events or actions – suggesting a potential security breach. While analysing this massive amount of data in a timely manner (to reduce the fallout from attacks) can be difficult, big data analytics allows this process to be sped up.

Catching threats in real-time

By leveraging big data analytics, companies can monitor in real-time both network and user behaviours – identifying suspicious activity quickly and efficiently. Businesses can then model various network, user, application and service profiles to establish intelligence-driven security measures, in order to quickly respond to anomalies that indicate cyber threats or attack. Some examples of the types of activities big data analytics can track include:

  • Traffic anomalies to, from or between data warehouses
  • Suspicious activity in high value or sensitive resources in data networks
  • Suspicious user behaviours, such as varied access times, levels, location, information queries and destinations
  • Unauthorised or dated devices accessing a network
  • Suspicious customer transactions
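
To make the "suspicious user behaviours" item concrete, the sketch below builds a per-user profile from historical log events and flags new events that deviate in access time, location or device. It is an added example, not code from the article or from MapR; the event fields, the sample log lines and the `hour_slack` tolerance are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events: (timestamp, user, source country, device id).
BASELINE_LOG = [
    ("2018-02-12T09:05:00", "alice", "AU", "laptop-17"),
    ("2018-02-13T10:40:00", "alice", "AU", "laptop-17"),
    ("2018-02-14T16:20:00", "alice", "AU", "laptop-17"),
    ("2018-02-12T08:30:00", "bob", "NZ", "desktop-03"),
    ("2018-02-13T17:55:00", "bob", "NZ", "desktop-03"),
]
NEW_EVENTS = [
    ("2018-02-15T11:15:00", "alice", "AU", "laptop-17"),  # matches profile
    ("2018-02-15T03:10:00", "alice", "DE", "laptop-17"),  # odd hour, new country
    ("2018-02-15T09:00:00", "bob", "NZ", "tablet-99"),    # unknown device
    ("2018-02-15T09:30:00", "carol", "AU", "laptop-21"),  # no profile at all
]

def build_profiles(events):
    """Per-user profile: observed login hours, countries and devices."""
    profiles = defaultdict(lambda: {"hours": set(), "countries": set(), "devices": set()})
    for ts, user, country, device in events:
        p = profiles[user]
        p["hours"].add(datetime.fromisoformat(ts).hour)
        p["countries"].add(country)
        p["devices"].add(device)
    return dict(profiles)

def score_event(event, profiles, hour_slack=1):
    """Return the reasons an event deviates from its user's profile."""
    ts, user, country, device = event
    p = profiles.get(user)
    if p is None:
        return ["no baseline for user"]
    reasons = []
    hour = datetime.fromisoformat(ts).hour
    if not (min(p["hours"]) - hour_slack <= hour <= max(p["hours"]) + hour_slack):
        reasons.append("access time outside usual hours")
    if country not in p["countries"]:
        reasons.append("new source location")
    if device not in p["devices"]:
        reasons.append("device not seen before")
    return reasons

def detect(new_events, baseline):
    """Pair each deviating event with the reasons it was flagged."""
    profiles = build_profiles(baseline)
    return [(e, r) for e in new_events if (r := score_event(e, profiles))]
```

A user with no baseline is reported rather than silently passed, since an account the model has never seen is itself worth an analyst's attention.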

Big data analytics is becoming a highly effective tool in the identification of cyber-attacks, both before the attack takes place and before it becomes a serious issue – minimising and sometimes completely eliminating additional losses and costs. This real-time analysis will allow organisations to thwart both the smallest and largest scale attacks.

Monitor attacks with data

Investment in big data analytics means that businesses will be able to improve the quality of their security monitoring to counter attacks as they come.

While security monitoring requires the storage of substantial amounts of data, a big data analytics solution will be able to analyse large amounts of data in real-time. Real-time analysis is the tool that lets organisations conduct consistent and scalable security monitoring.

Access to big data includes access to the activities and events that can signal a potential threat, helping to prevent large-scale consequences, but combining big data analytics with real-time analytics is what will create a truly effective security tool.

It’s twofold for organisations – investing in big data analytics to ensure that threats are recognised is key, but investing in real-time analytics is also vital in order to react quickly and create a complete security monitoring platform.

The stakes are getting higher for organisations. Not only are businesses’ financial security and intellectual property at risk, but their very reputations are on the line. These types of cyber-attacks are serious concerns for businesses of all sizes, and complex solutions are required to tackle these threats in real-time. Big data analytics is the ideal solution to protect businesses by flagging threats and attacks before and as they occur – ensuring that the least damage possible is done.

Article by MapR's country manager for Australia and New Zealand, Paul Bennett.
