Big Data Defense against Big Data Heists

July 17, 2015

Protecting Big Data With the Power of Big Data

If you’ve read the news lately, you’ve probably heard of the recent attack on the Office of Personnel Management. The attackers stole sensitive information on nearly 4 million current and former government employees, and the breach has thrown the government into a scramble to figure out the who, when, and why of the attack.

4 million records may seem large, but that number pales in comparison to some of the attacks against the retail industry. In 2014, many businesses found themselves victims of hackers, but two major retailers, Home Depot and Target, suffered the biggest breaches of their data stores. Target found that during the holiday shopping season, it had suffered a breach that released over 40 million debit and credit card numbers to hackers. A few months before that, Home Depot confirmed that it had been targeted and that 56 million credit and debit cards were affected by the breach. With these hackers targeting companies’ and governments’ data infrastructure and stores, some professionals in the industry have started to use Big Data as the answer, rather than the weakness.

Industry professionals are looking for answers, and there is a growing demand for Security Information and Event Management (SIEM) technology and services. SIEM technology gathers and analyzes security event data and uses it to manage and assess threats to sensitive company information. Most companies currently have a data infrastructure in which each security solution handles only one facet of the company’s whole security infrastructure. With SIEM, these single facets report back to a central security apparatus that analyzes structured and unstructured data to improve current protocols. This intelligence sharing allows security systems to communicate, inform each other of detected threats, and then adapt in real time.

A few different companies have come out with SIEM technology solutions. IBM has combined its security solution QRadar with its big data consolidation service InfoSphere BigInsights. This system pores over multiple data sources (DNS transactions, emails, and business process transactions) spanning years of activity to expose any suspicious or malicious activity hidden against the background noise of millions of ordinary events. Another product, by CounterTack, collects and correlates data from thousands of different endpoints to detect and report malicious behavior that might have been missed by a siloed product. Although hackers are getting more and more advanced, the business industry is innovating to try to keep up with them.
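To make the siloed-versus-correlated point concrete, here is an added example (not code from IBM, CounterTack, or the original article) in which three weak signals on one host stay below every individual tool's alert threshold but trip a central correlator. The events, host names, scores, and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source tool, host, signal, score 0-10).
EVENTS = [
    ("2015-07-01T09:00:05", "email", "ws-17", "attachment with macro", 4),
    ("2015-07-01T09:03:40", "dns", "ws-17", "lookup of newly registered domain", 3),
    ("2015-07-01T09:04:10", "endpoint", "ws-17", "office app spawned script host", 5),
    ("2015-07-01T09:10:00", "dns", "ws-22", "lookup of newly registered domain", 3),
    ("2015-07-01T13:30:00", "email", "ws-22", "attachment with macro", 4),
]

SILO_THRESHOLD = 7            # assumed: a single tool alerts only at this score
CORRELATED_THRESHOLD = 10     # assumed: combined score the central correlator needs
MIN_SOURCES = 2               # signals must come from at least two different tools
WINDOW = timedelta(minutes=15)

def silo_alerts(events):
    """What each tool would raise on its own, seeing only its own events."""
    return [e for e in events if e[4] >= SILO_THRESHOLD]

def correlated_alerts(events):
    """Group events per host and score signals from distinct tools in one window."""
    by_host = defaultdict(list)
    for ts, source, host, signal, score in events:
        by_host[host].append((datetime.fromisoformat(ts), source, signal, score))
    alerts = []
    for host, rows in sorted(by_host.items()):
        rows.sort()
        for i, (start, *_rest) in enumerate(rows):
            window = [r for r in rows[i:] if r[0] - start <= WINDOW]
            sources = {r[1] for r in window}
            total = sum(r[3] for r in window)
            if len(sources) >= MIN_SOURCES and total >= CORRELATED_THRESHOLD:
                alerts.append({"host": host, "start": start.isoformat(),
                               "sources": sorted(sources), "score": total})
                break  # one alert per host is enough for triage
    return alerts

if __name__ == "__main__":
    print("silo alerts:", silo_alerts(EVENTS))
    for alert in correlated_alerts(EVENTS):
        print("correlated alert:", alert)
```

The second host produces the same DNS and email signals hours apart, so the time window keeps it from alerting; tuning that window and the thresholds is where the false-positive trade-off lives.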