Big Data Is Transformative Solution To Security Challenges: RSA's Art Coviello

Art Coviello, Executive Vice President of EMC and Executive Chairman of RSA, The Security Division of EMC addressed a record crowd about the ways that Big Data is transforming the security industry, information technology, business and society. Specifically Coviello articulated how an intelligence-driven security strategy that uses powerful Big Data analytics will help security practitioners regain the advantages of vigilance and time to better detect and defend against advanced threats.

Coviello noted the sheer amount of unstructured data being mined and the richness and variability of that data provides great opportunities for business and society, while that same data also provides new attack vectors for adversaries.

“But, new tools and techniques are coming online to analyse all of this data. It won’t be long before Big Data applications and stores become the ‘crown jewels’ of an organisation. . . And those crown jewels will be readily accessible in the cloud and via mobile devices across our hyper-connected enterprises – and not just by us, but by our adversaries as well.”

Coviello also called for a more realistic level of understanding when it comes to the escalation of threats. “Having the right level of understanding is key, because if we, as an industry, overhype this situation, organisations won’t take the necessary measures to prepare themselves.”

Coviello put forward that organisations can no longer afford to remain idle when it comes to updating their security measures and must be willing to take action to adopt an intelligence-driven security model to better defend against unknown threats. The security industry, he said, must also develop an adaptive capacity built on security analytics, risk-based controls and multiple sources of threat intelligence to help security organisations more rapidly identify and respond to threats. Coviello articulated his vision for an intelligence-driven security model enabled by Big Data that can be applied in two ways:

Security Management for Big Data – Despite today’s compute power, bandwidth, database management and storage capacity, organisations will still require all data sets to be analysed so that they can gain better visibility into a wide variety of contextual data, structured and unstructured, internal and external. Organisations will need to have the right level of context to build specific information about digital assets, users and systems. Big Data architectures can and should be scalable enough to meet each organisation’s unique requirements. Organisations will then be able to spot and correlate abnormal behaviour in people, transactions and the flow and use of data to identify potential attacks and fraud.

Development and application of controls for Big Data – Organisations will need to subscribe to a more holistic approach for implementing individual Big Data controls by replacing isolated controls that are task-specific, such as malware blocking. Individual controls should evolve to interact with intelligence feeds, risk and compliance platforms, security management systems, and each other making them more dynamic and situationally aware. Other task-specific Big Data controls should have the capacity to be self-learning.

Coviello also cited examples of technologies starting to meet these new Big Data requirements by building tools with Big Data analytics such as the new RSA Authentication Manager 8.0 platform. He outlined how Authentication Manager 8.0 combines risk-based analytics drawn from a self-learning engine refined through more than 30 billion transactions with a powerful rules engine and RSA SecurID two-factor authentication. RSA also recently announced the RSA Security Analytics platform that is designed to provide a Big Data approach to security monitoring by fusing security log and packet data with internal and external threat intelligence.

Referring to RSA’s recent Big Data Security Brief, Coviello highlighted the six guiding principles that can help organisations begin planning for the Big Data-driven transformation of their security toolsets and operations as part of an intelligence-driven security program.