One of today's buzzwords is big data. The volume of information generated is increasing rapidly, driven in part by increased take-up of mobile technologies and by the growing number and range of machine-to-machine communications as ever more equipment, such as industrial sensors, is connected to networks. Increasingly, organisations are looking to understand how information, events and behaviours impact the overall goals and objectives of the business. Making use of that information is critical, as it provides valuable insights that can be used to improve operational performance and business decision making.
The ability to harness big security data similarly has enormous potential benefits for organisations. This data is generated by feeds from throughout the network stack, incorporating network systems, hosts, applications and users, and is combined with internal and external security intelligence information. These feeds provide essential information and should be continuously monitored in real time to detect and understand deviations from what is considered to be normal behaviour, revealing threats that more reactive security controls can miss.
To answer these needs, vendors with their roots in the security information and event management technology and log management systems space have been building out their capabilities, developing security intelligence platforms that incorporate such advanced capabilities as big data analytics and event correlation, integrity and change management, archiving and incident response.
A new report from Bloor Research discusses these developments and provides pointers as to what organisations should look for in such a security intelligence platform. This link will take you to the report: The value of big data in security.