Monday, November 24, 2014

Enhancing Cybersecurity with Big Data

Big data is creating profound business and social opportunities in nearly every field, enabling the discovery of previously hidden patterns and developing new insights to inform and guide decisions. At the same time, protecting the information of individuals and organizations from online threats remains an urgent priority, so using big data tools and techniques to enhance cybersecurity is a natural development. For example, an organization might aggregate and analyze log data from all of its computing devices to identify malicious activities. In the absence of big data techniques, the task of storing, processing, and analyzing vast amounts of data is, for all but a few organizations, simply not feasible.

Microsoft commissioned a study from the Ponemon Institute to understand whether and how organizations are using big data to improve cybersecurity, and to identify the challenges they face, including security and privacy considerations. The study surveyed more than 100 executive-level respondents in the United States and Europe representing their organization’s IT security, privacy, and compliance functions, such as chief information security and privacy officers. The survey results suggest that while most companies have a strong interest in using big data to improve cybersecurity, concerns about the cost and complexity of big data solutions, as well as privacy challenges, give them pause. Specifically, many respondents noted a conflict between privacy and security, coupled with ambiguity about how privacy will be protected in these applications. The report also details what security and privacy leaders require in big data solutions for cybersecurity. Finally, we offer five recommendations for organizations seeking to address both the security and privacy concerns of big data solutions.

Monday, November 17, 2014

1 in 3 Indian companies vulnerable to cyber attacks

Nearly a third of Indian organizations do not possess the knowledge to prevent cyber attacks even as the information technology world is turning increasingly vulnerable, a recent study has found. According to consultancy EY's global information security survey 'Get Ahead of Cybercrime', released on Sunday, the biggest roadblocks in implementing cyber security effectively in organizations are lack of agility, budget and skilled manpower. The consultancy surveyed about 1,825 organizations across 60 countries, including 60 from India. While 54.55% of respondents in India said they were facing increasing online threats, 50.91% of respondents said they were facing greater vulnerabilities in their information security risk environment. In spite of the greater awareness, 32.14% of respondents said their organization's total information security budget will stay almost the same in the coming year despite increasing threats. Nearly half (46.3%) of the companies surveyed said mobile technology will be a high focus area for online threat prevention in the coming year. According to the survey, fraud and cyber attacks to steal intellectual property or data are the top two threats faced by organizations in India. More than half (54.1%) of the respondents said careless or unaware employees were the biggest vulnerability companies faced, while 40.9% named outdated information security controls or architecture and 22.7% named unauthorized access as the most common vulnerabilities.

Thursday, November 6, 2014

IBM introduces new cloud platform for threat analytics

IBM today unveiled a new cloud-focused enterprise security services portfolio that includes a threat-analytics platform for hybrid cloud environments. The IBM Dynamic Cloud Security portfolio covers four primary areas: securing users' connection to the cloud; protecting data stored in the cloud; detecting threats to the cloud; and optimizing security operations for both on-premises and cloud environments. The portfolio includes new cloud security software and service offerings, including the IBM Intelligent Threat Protection Cloud, which is a managed services platform for event monitoring and threat analytics. In addition to the Intelligent Threat Protection Cloud, which is built on IBM's Hadoop-based InfoSphere BigInsights for data analytics, IBM also redesigned its Managed Security Services platform for the cloud to provide better visibility and control of enterprise security operations. "The approach was to create a technology platform that allows us to control and manage an ecosystem of different security pieces across the seams of the environment," said Kris Lovejoy, general manager of IBM's security services division. The Dynamic Cloud Security portfolio also brings the IBM QRadar Security Intelligence analytics platform to the cloud for the first time. The QRadar platform offers cloud connector technologies to provide threat intelligence for cloud computing implementations, both those using IBM SoftLayer as well as other public cloud services. "The biggest part of IBM's security business is monitoring and analytics, and now that's being extended to the cloud," Lovejoy said. Lovejoy said the cloud-based threat analytics and threat intelligence platforms will allow Big Blue to aggregate data about a variety of potential threats and anomalies around the world, and make the data available to customers as actionable intelligence. 
IBM also has an on-premises version of the new threat analytics platform for customers who may be apprehensive about transmitting enterprise data to the public cloud for analysis. But Lovejoy said the on-premises version doesn't offer customers the wealth of information and actionable intelligence that's collected from other customers around the globe. In addition, she said, IBM doesn't store any of the enterprise data or event information that is used for threat analysis, and any data used is immediately destroyed following its analysis. "There are customers that have concerns about the cloud," Lovejoy said. "The biggest challenge for this is data privacy. Some customers will want to use the [public] cloud, and some will want us to build it on premise, which is expensive but we can do that. But most are going to want to use the cloud." Rick Holland, principal analyst at Forrester Research, said that while threat analytics is an important component for cloud security, there are other pressing needs that IBM will have to address with its cloud-centric customers. "For many organizations, they don't even know what applications and infrastructure are running in IaaS, PaaS [or] SaaS," Holland said. "Their most pressing need is an actual inventory so that they can then begin to understand the risks to these cloud assets. I'm consistently surprised by how little organizations, some of them very mature, know about their cloud based assets. If you have to have that visibility first, then you can think about securing it." Along with the threat analytics platform and threat intelligence, Lovejoy said IBM's Dynamic Cloud Security portfolio offers cloud identity and access management tools, cloud endpoint security and cloud network protection. The suite also provides API-based access on IBM's Bluemix developer platform to analytics tools that can scan Web applications and mobile apps for vulnerabilities. 
According to a new IBM study of nearly 150 Chief Information Security Officers, 85% said their organizations are now moving to the cloud, but almost half expect a major cloud provider to suffer a security breach in the near future. Lovejoy said numbers like those were a major reason why IBM shifted its entire security product family to the cloud. "Taking over an enterprise's entire security services operation has been a core business for us," Lovejoy said. "Now that enterprises are moving more of their business off premise, we want to be able to manage those security services in the cloud too."