Welcome!

SDN Journal Authors: Rishi Bhargava, Pat Romanski, ManageEngine IT Matters, John Basso, Steven Lamb

Related Topics: @BigDataExpo, Java IoT, Linux Containers, @CloudExpo, Cloud Security, SDN Journal

@BigDataExpo: Article

Security Through Data Analytics

The best way to protect the infrastructure, the brand and the consumer

Given the mountains of data now floating around, it is perhaps inevitable that the very function of data analytics is seen as somehow intrusive. There's a constant glut of reports, columns and other stories bemoaning the lack of data privacy - and at times, they're entirely justified. Organizations have a solemn duty to protect their customers' data, and those that don't implement the proper safeguards deserve to be vilified.

But beneath the surface lurks another dimension of this discussion that is often overlooked. Ethical and effective data analytics enhances security. Ethical and effective data analytics protects not only the institutions that possess the data, but also the consumers that data reflects. Ethical and effective data analytics serves a good purpose.

Let's be clear about the parameters of this argument. Data doesn't exist in a vacuum - it's generated on an ongoing basis through multiple activities, created in numerous formats and comes in through a variety of channels. At any given time, it is being analyzed and used (and occasionally misused) to serve many different needs.

Of course, when done right, information services and analytics represent a key driver of most business decisions. Actionable intelligence based on real data doesn't just augment gut instinct; it leads to quantitative thinking that supports strategic initiatives, enables tactical outreach and boosts the bottom line. Perhaps most important, it enhances information security so as to protect customer privacy and prevent operational and brand damage.

High-profile assaults on retailers like Target and Neiman Marcus, or clandestine downloads of classified information from the National Security Administration (NSA), make more news than inside-the-infrastructure DDoS attacks, but the latter is even more insidious. There are over 2,000 DDoS attacks every day. Some 65 percent of all organizations see three or more attacks each year. While the devastation is certainly felt on an organizational level, the financial impact is just as significant: DDoS attacks can cost up to $100K an hour.

DDoS mitigation can be an enormous challenge. Making an accurate distinction between normal, benign Internet traffic and malicious activity that could be the root cause of a potential DDoS attack is critical, but it's not easy. This is in part because DDoS attacks, especially when they serve as the front line of advanced targeted attacks, are remarkably sophisticated. They rely on stealth techniques that go unnoticed within the enterprise for long periods. They're highly customized, based specifically on each target's infrastructure and defenses, and can often defeat defense strategies that rely primarily on signature-based detection. Then of course there's the cloud. When attacks become super-sized, the defensive strategies in place must have the capacity to scrub far larger volumes of bad traffic.

This is why information services and analytics are so crucial. They can boost awareness and reaction time to particular situations. When it comes to leveraging Big Data within the enterprise to help identify breach attempts, it's still early days. According to a January 2014 report from Gartner, eight percent of enterprises are using data and analytics to identify security flaws. But there's reason for optimism - the same report also estimates that within the next two years, around 25 percent of enterprises will leverage Big Data for security purposes.

It is this same pattern-searching approach that the enterprise should take when it comes to DDoS mitigation. Proactive site monitoring on a continuous basis - in particular with a centralized view of traffic patterns - enables organizations to identify anomalies and threats, before they become real problems. For example, in the case of a custom application being exploited for a directed attack to steal customer data, the detection solution must be able to identify and highlight the fact that there's a new kind of application traffic on the network.

This might be a new concept to enforce at the enterprise level, but this is really something that banks have been doing for years with regard to fraud protection services. Banks monitor a person's transaction activity, and when a purchase is made that does not fit the usual spending behavior, it is stopped and flagged with the customer. The same thing should - and will - happen at the enterprise level.

It's easy to see why information services and analytics are too often seen as a potential invasion of privacy. Data privacy is vital, and it should rightfully be a corporate priority. However, in the ongoing effort to secure data, the right kind of analytics can be the best weapon of all.

More Stories By Mark Bregman

Mark F. Bregman is Senior Vice President and Chief Technology Officer at Neustar. He joined the Neustar executive team in August 2011 and is responsible for Neustar’s product technology strategy and product development efforts.

Prior to joining Neustar, Dr. Bregman was Executive Vice President and Chief Technology Officer of Symantec since 2006. His portfolio while CTO of Symantec Corporation included developing the company’s technology strategy and overseeing its investments in advanced research and development, security and technology services.

Prior to Symantec, Dr. Bregman served as Executive Vice President, Product Operations at Veritas Corporation, which merged with Symantec in 2005. Prior to Veritas, he was CEO of AirMedia, an early mobile content marketplace, and spent 16 years in a variety of roles at IBM. Dr. Bregman serves on the Board of the Bay Area Science & Innovation Consortium and the Anita Borg Institute, which focuses on increasing the impact of women on all aspects of technology.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
"We host and fully manage cloud data services, whether we store, the data, move the data, or run analytics on the data," stated Kamal Shannak, Senior Development Manager, Cloud Data Services, IBM, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
IoT is rapidly changing the way enterprises are using data to improve business decision-making. In order to derive business value, organizations must unlock insights from the data gathered and then act on these. In their session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, and Peter Shashkin, Head of Development Department at EastBanc Technologies, discussed how one organization leveraged IoT, cloud technology and data analysis to improve customer experiences and effi...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develo...
SYS-CON Events announced today that MangoApps will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device.
“delaPlex Software provides software outsourcing services. We have a hybrid model where we have onshore developers and project managers that we can place anywhere in the U.S. or in Europe,” explained Manish Sachdeva, CEO at delaPlex Software, in this SYS-CON.tv interview at @ThingsExpo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Predictive analytics tools monitor, report, and troubleshoot in order to make proactive decisions about the health, performance, and utilization of storage. Most enterprises combine cloud and on-premise storage, resulting in blended environments of physical, virtual, cloud, and other platforms, which justifies more sophisticated storage analytics. In his session at 18th Cloud Expo, Peter McCallum, Vice President of Datacenter Solutions at FalconStor, discussed using predictive analytics to mon...
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discussed how businesses can gain an edge over competitors by empowering consumers to take control through IoT. He cited examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He also highlighted how IoT can revitalize and restore outdated business models, making them profitable ...
SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
"When you think about the data center today, there's constant evolution, The evolution of the data center and the needs of the consumer of technology change, and they change constantly," stated Matt Kalmenson, VP of Sales, Service and Cloud Providers at Veeam Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
We all know the latest numbers: Gartner, Inc. forecasts that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from last year, and will reach 20.8 billion by 2020. We're rapidly approaching a data production of 40 zettabytes a day – more than we can every physically store, and exabytes and yottabytes are just around the corner. For many that’s a good sign, as data has been proven to equal money – IF it’s ingested, integrated, and analyzed fast enough. Without real-ti...
Actian Corporation has announced the latest version of the Actian Vector in Hadoop (VectorH) database, generally available at the end of July. VectorH is based on the same query engine that powers Actian Vector, which recently doubled the TPC-H benchmark record for non-clustered systems at the 3000GB scale factor (see tpc.org/3323). The ability to easily ingest information from different data sources and rapidly develop queries to make better business decisions is becoming increasingly importan...
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
Cloud analytics is dramatically altering business intelligence. Some businesses will capitalize on these promising new technologies and gain key insights that’ll help them gain competitive advantage. And others won’t. Whether you’re a business leader, an IT manager, or an analyst, we want to help you and the people you need to influence with a free copy of “Cloud Analytics for Dummies,” the essential guide to this explosive new space for business intelligence.
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
Qosmos has announced new milestones in the detection of encrypted traffic and in protocol signature coverage. Qosmos latest software can accurately classify traffic encrypted with SSL/TLS (e.g., Google, Facebook, WhatsApp), P2P traffic (e.g., BitTorrent, MuTorrent, Vuze), and Skype, while preserving the privacy of communication content. These new classification techniques mean that traffic optimization, policy enforcement, and user experience are largely unaffected by encryption. In respect wit...