Since the notion of a corporate security perimeter has all but disappeared in recent years thanks to the growing adoption of cloud and mobile services, information security has experienced a profound paradigm shift from traditional perimeter protection tools towards monitoring and detecting malicious activities within corporate networks. Increasingly sophisticated attack methods used by cyber criminals and, even more so, the growing role of malicious insiders in recent large-scale security breaches clearly indicate that traditional approaches to information security can no longer keep up.
As the security industry’s response to these challenges, a new generation of security analytics solutions has emerged in recent years, able to collect, store and analyze huge amounts of security data across the whole enterprise in real time. These Real-Time Security Intelligence solutions combine Big Data and advanced analytics to correlate security events across multiple data sources, providing early detection of suspicious activities, rich forensic analysis tools, and highly automated remediation workflows.
Industry analysts, ourselves included, have been covering this fundamental shift of focus in information security for a few years already. However, getting that message across to the general public is not an easy task. To find out how many organizations around the world truly understand the critical role of security analytics technology in their corporate security strategies, earlier this year KuppingerCole teamed up with BARC – a leading enterprise software industry analyst and consulting firm specializing in areas including Data Management and Business Intelligence – to conduct a global survey on Big Data and Information Security. The survey focused on security-related aspects of Big Data analytics in cybersecurity and fraud detection and is based on contributions from over 330 participants from 50 countries, representing enterprises of all sizes across various industries such as IT, Services, Manufacturing, Finance, Retail or Public Sector.
The study delivers insights into the level of awareness and current approaches in information security and fraud detection in organizations around the world. It measures the importance, status quo and future plans of Big Data security analytics initiatives, presents an overview of the opportunities, benefits and challenges relating to those initiatives, and outlines the range of technologies currently available to address those challenges.
Here are a few highlights of the study results:
Information Security and Big Data are recognized as the two most important IT trends
Over half of the survey respondents consider Big Data technology one of the cornerstones of the Digital Transformation and consider protecting their digital assets from security risks and compliance violations extremely important. Public awareness of the potential of security analytics solutions is very impressive as well: almost 90% of the participants believe that these solutions will play a critical role in their corporate security infrastructures.
Current implementations are still lagging behind
Unfortunately, only a quarter of the respondents have already implemented big data security analytics measures. Even fewer, just 13%, consider themselves best-in-class in this field, believing that they have a better understanding of the technology than their competitors.
Benefits from big data security analytics are high
The overwhelming majority of the best-in-class participants believe that security analytics can bring substantial profits for their companies. In fact, over 70% of all respondents, even those who do not yet have a budget or a strategy for security analytics, already consider the potential benefits of implementing such a solution to be high or at least moderate.
Best-in-class companies use a wide range of technologies
Companies with a deep understanding of current information security trends and technologies clearly realize that only multi-layered and well-integrated security architectures are capable of resisting modern sophisticated cyber-attacks. They are deploying multiple security tools not just for threat protection, but for identity and access governance, strong authentication, SIEM and user behavior analytics as well. Unfortunately, many of the “laggards” are not even aware that some of these technologies exist.
Automated security controls are a key differentiator
Identifying a security incident is just the first step of a complex remediation process, which is still largely manual and requires a skilled security expert to carry it out properly using a large number of security tools. New-generation security analytics solutions therefore place a strong emphasis on automation, which helps to reduce the skill gap and ideally lets even a non-technical person initiate an automated incident response process. 98% of the best-in-class respondents are already aware of these developments and consider automation a key aspect of security solutions.
You’ll find a short summary of our findings in the handy infographic above. The complete study can be downloaded from our website in English or German. Thanks to the generosity of MicroStrategy, Inc., we are able to make it available free of charge.
Today, the Cyber Defence Center (CDC) or Security Operations Center (SOC) is at the heart of enterprise security management. It is used to monitor and analyze security alerts coming from the various systems across the enterprise and to take actions against detected threats. However, the rapidly growing number and sophistication of modern advanced cyber-attacks make running a SOC an increasingly challenging task even for the largest enterprises with their fat budgets for IT security. The overwhelming number of alerts puts a huge strain even on the best security experts, leaving just minutes [...]