- Ed Burns, Executive Editor
The recent spate of high-profile data breaches is a good reminder that the vast amounts of data that businesses store continues to be unsecured. Breaches have become a fact of life, and most businesses' response to the problem has been insufficient.
It doesn't have to be this way. Cybersecurity analytics has the potential to cut down on data breaches and limit the amount of valuable data hackers are able to abscond with. All it will take is a relatively small investment on the part of businesses that store data.
The matter is not trivial. The recent breach at Anthem Inc., the country's second-largest health insurance company, exposed the names, birthdates, addresses, Social Security numbers and healthcare ID numbers of potentially tens of millions of members -- everything fraudsters needs to do their work. This news was followed up by Kaspersky Lab's announcement that Russian hackers stole at least $1 billion from global banks. These two events came to light over the course of 10 days, a pace the global economy cannot sustain.
There is no way to keep every hacker out of a network, but there are ways to keep an eye on them once they're in. This is where analytics comes in. By logging and analyzing network data, organizations can identify anomalous activity and stop intruders from leaving behind malware or other malicious code that could be used in a hack.
In terms of the analytics involved, securing a network is relatively simple. Yet not enough businesses have invested in this area. This may be changing, as Forrester has predicted that information security budgets will increase during 2015 and security analytics will be central to businesses' plans. But the fact that breaches keep happening shows how far organizations need to go to catch up.
It's hard not to see the current state of cybersecurity as a case of misplaced priorities. Jeff Hammerbacher, the former chief research scientist at Facebook, famously told Bloomberg Businessweek that "The best minds of my generation are thinking about how to make people click on ads. That sucks."
He's right. There's nothing sexy about making it harder for hackers to take advantage of network vulnerabilities. But if you can develop an algorithm that predicts email subject lines that will get customers to open the message and click on a link, you're a rock star. The focus among data scientists and businesses' analytics teams is on generating revenue, even at the expense of other potentially important disciplines.
Part of the problem is that it's hard to prove the return on investment from security analytics. You can't demonstrate to the CEO or the CFO how much money hackers might have stolen from you had you not acted, so it's difficult to make the case.
But looking at the aggregate is clarifying. Forrester estimates that in 2012, breaches cost the global economy $11.27 billion. That number has likely grown in recent years. That number also doesn't address the issue of reputational harm that comes from customers not trusting you with their data after you experience a breach.
Cybersecurity analytics isn't particularly challenging from a technical perspective, it can save businesses billions and it's the right thing to do for customers. Businesses are out of excuses.
Security analytics to experience widespread adoption by 2016
Prove your knowledge of security analytics
Five security analytics reports to run daily
Cybersecurity analytics, information security monitoring for the digital age
- Security analytics: Enabling organisations to get ahead of attackers –ComputerWeekly.com
- Getting a handle on AIOps and self-healing systems –ComputerWeekly.com
- Managing and Optimizing the Call Center –SearchCRM
- Analyst's take: IBM’s acquisition of SPSS is good news for SAS and SAP customers –ComputerWeekly.com