Coviello put forward that organizations can no longer afford to remain idle when it comes to updating their security measures and must be willing to take action to adopt an intelligence-driven security model to better defend against unknown threats. The security industry, he said, must also develop an adaptive capacity built on security analytics, risk-based controls and multiple sources of threat intelligence to help security organizations more rapidly identify and respond to threats. Coviello articulated his vision for an intelligence-driven security model enabled by Big Data that can be applied in two ways:
- Security Management for Big Data – Despite today's compute power, bandwidth, database management and storage capacity, organizations will still require all data sets to be analyzed so that they can gain better visibility into a wide variety of contextual data, structured and unstructured, internal and external. Organizations will need to have the right level of context to build specific information about digital assets, users and systems. Big Data architectures can and should be scalable enough to meet each organization's unique requirements. Organizations will then be able to spot and correlate abnormal behavior in people, transactions and the flow and use of data to identify potential attacks and fraud.
- Development and application of controls for Big Data – Organizations will need to subscribe to a more holistic approach for implementing individual Big Data controls by replacing isolated controls that are task-specific, such as malware blocking. Individual controls should evolve to interact with intelligence feeds, risk and compliance platforms, security management systems, and each other making them more dynamic and situationally aware. Other task-specific Big Data controls should have the capacity to be self-learning.
- Download the RSA Security Brief, " Big Data Fuels Intelligence-Driven Security"
- Get Art Coviello's full RSA Conference 2013 keynote transcript on the EMC Reflections Blog
- Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA Speaking of Security Blog and Podcast