Nowadays we live in a condition called the Internet of Things, in which computing is ubiquitous, embedded and embodied technology becomes part of everyday life, and different devices are connected to each other through the internet.
This situation not only makes life easier for people but also brings new risks in the form of system vulnerabilities. Experience has shown that when everything is connected, everything is vulnerable. Therefore, giving more attention to these security issues is advisable. It is obvious that we need to keep pace with the development of technology in order to stay one step ahead of cyber criminals.
Apart from having a proper infrastructure that can protect our data, it is important to also have an intelligent system that is capable of predicting what will happen in the future. This does not mean that we need a "fortune teller" in the company, but rather a "future teller" that works from current trends and conditions.
The scientific name of this future teller is data analytics. With the development of the Internet of Things, new data is constantly being added to the system. At the moment, this data is used mostly for business purposes, such as consumer behavior or marketing. Few of us use this source for security purposes.
Many of us may actually wonder what exactly the term security analytics means. In simple terms, it is a deduction based on the results of interactions among multiple simultaneous security phenomena, and security analytics allows humans to perform multi-variable security analysis. For example: when an email account is blocked after three wrong credential log-ins, an alarm is triggered only when this happens from the working desktop in the office, the employee is not in her/his room, and it is outside office hours. Without these specific data, an alarm is not necessary.
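The lockout rule described above, written out as an added example (not code from the article): it correlates failed-login events with asset data (which desktop belongs to whom), badge/presence data and the time of day, and alerts only when all conditions hold. All sample records, host names and the 08:00 to 18:00 office-hours window are constructed assumptions.

```python
from datetime import datetime, time

# Constructed sample auth-log data (not from the article): one record per failed login.
FAILED_LOGINS = [
    {"user": "alice", "host": "desk-alice", "ts": "2024-03-05T21:02:10"},
    {"user": "alice", "host": "desk-alice", "ts": "2024-03-05T21:02:31"},
    {"user": "alice", "host": "desk-alice", "ts": "2024-03-05T21:02:55"},
    {"user": "bob",   "host": "desk-bob",   "ts": "2024-03-05T10:15:00"},
    {"user": "bob",   "host": "desk-bob",   "ts": "2024-03-05T10:15:20"},
    {"user": "bob",   "host": "desk-bob",   "ts": "2024-03-05T10:15:40"},
]
# Asset data (constructed): which office desktop belongs to which employee.
OFFICE_DESKTOP = {"alice": "desk-alice", "bob": "desk-bob"}
# Badge/presence data (constructed): is the employee currently in the building?
PRESENT = {"alice": False, "bob": True}
OFFICE_HOURS = (time(8, 0), time(18, 0))  # assumed working hours
LOCKOUT_THRESHOLD = 3                      # three wrong log-ins block the account


def is_outside_office_hours(ts: datetime) -> bool:
    start, end = OFFICE_HOURS
    return not (start <= ts.time() < end)


def correlate(failed_logins, office_desktop, present):
    """Return the users for which every condition of the rule holds."""
    counts, last_ts = {}, {}
    for ev in failed_logins:                     # count failures per (user, host)
        key = (ev["user"], ev["host"])
        counts[key] = counts.get(key, 0) + 1
        last_ts[key] = datetime.fromisoformat(ev["ts"])
    alerts = []
    for (user, host), n in counts.items():
        if n < LOCKOUT_THRESHOLD:
            continue                             # no lockout, nothing to look at
        if host != office_desktop.get(user):
            continue                             # rule covers only the employee's own desktop
        if present.get(user, True):
            continue                             # employee is in the building (unknown = present)
        if not is_outside_office_hours(last_ts[(user, host)]):
            continue                             # during office hours a lockout is routine
        alerts.append(user)
    return alerts


if __name__ == "__main__":
    print(correlate(FAILED_LOGINS, OFFICE_DESKTOP, PRESENT))  # ['alice']
```

Bob's lockout is ignored even though it reaches the threshold, because it happens during office hours from a badged-in employee; only Alice's after-hours lockout from an empty office is raised.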
What we have missed about data analytics is that the sophisticated innovation in data analytics software allows us to produce an avalanche of data such as logs, events, packets, flow data, asset data, configuration data, and an assortment of other things on a daily basis. Security professionals need to be able to access and analyze this data in real time in order to mitigate risk, detect incidents, and respond to breaches. The algorithms of data analytics tools should provide valuable information that allows us to catch criminality before it happens.
Good analytics tools are supposed to perform comprehensive security monitoring, incident investigation, malware analytics, and compliance reporting through a single, browser-based interface. They should enable security analysts to be more effective and efficient in protecting the organization's digital information and IT systems.
Unfortunately, it is true to say that big data security analytics fits big companies better, since they are the ones with big data and more complicated issues. They are also usually able to afford baked-in intelligent algorithms, intuitive visualization, and process automation.
To get started with security analytics, there are some open source tools that can be used, such as BigSnarf, PacketPig, or sqrrl. With these analytics tools, it is expected that analysts will be able to deliver better predictions and contribute real value to the security field.