Cybersecurity is top of mind for security professionals across both the public and private sectors, with the federal government alone experiencing more than 60,000 cybersecurity breaches in 2015. Cyber breaches expose potentially sensitive information and can adversely affect personal lives and materially impact businesses, all while costing organizations millions of dollars. It’s thus more important than ever that federal agencies seek new technologies to address cybersecurity as part of their overall big data strategy, and a multitude of factors have put Apache Hadoop at the forefront of cybersecurity strategy.
Cloudera and MeriTalk recently surveyed 150 Federal cybersecurity professionals to examine how agencies are using big data and advanced analytics to better understand trends and mitigate threats, and have shared their results in a new report titled “Navigating the Cybersecurity Equation.” The study revealed that 81 percent of Feds say their agency is using big data analytics for cybersecurity in some capacity, including 53 percent who say that it’s built into their overall cybersecurity strategy.
Harnessing the Full Value of Data
Such results demonstrate that agencies understand the value that data analytics can bring to cybersecurity efforts, but the survey also illustrated where agencies are running into problems when it comes to effectively utilizing that data. Many public sector organizations still rely on traditional security information and event management (SIEM) systems that have limitations on the scope and scale of data ingest. With more than 40 percent of data currently going unused according to MeriTalk, many agencies simply cannot take full advantage of their data with the current tools they have in place and need to augment the capabilities of their SIEM systems with a more robust big data solution.
That’s where Apache Hadoop and Cloudera can help. Cloudera’s fast and secure data and analytics platform, built on Hadoop and the latest open source technologies, enables any type or volume of data to be included in analysis. Only by painting a full picture of agency operations through the analysis of all data can agencies get an accurate understanding of their cybersecurity posture and begin to identify the advanced threats they face.
Using Data to Detect Cyber Risks
The survey also revealed that the most common uses for big data are detecting vulnerabilities in the IT environment (55 percent), detecting breaches that are currently happening (54 percent), and correlating and analyzing data from multiple sources (51 percent). Apache Hadoop can help agencies in all of these areas too. Immediate availability of data, the ability to process large volumes of diverse data over a longer period of time, and advanced persistent threat detection are just some of the benefits of Apache Hadoop-based products like Cloudera’s.
Federal agencies are struggling to draw intelligent, actionable insight from data for cybersecurity efforts. According to the survey, 88 percent of respondents said that their agency faces challenges drawing cybersecurity intelligence from data, and the majority agree that the task has become more difficult in the past two years. To address this, agencies must extend beyond a rules-based approach and adopt one that enables user behavior analytics and network traffic analytics so that evolving threats to data security can be identified. Cloudera can help here too: the Cloudera Enterprise data analytics platform makes Hadoop fast, easy and secure and is supported by a large network of partners who can help the public sector draw actionable insight from their data in real time.
The time for agencies to advance cybersecurity analytics is now. This can be achieved through a robust data analytics platform like Cloudera’s. The survey also revealed that 90 percent of big data users have seen a decline in security breaches as a result of using big data analytics, and 84 percent have successfully used data to thwart at least one cybersecurity attack. This is good news, but agencies must ensure that they have the proper visibility and tools at their disposal, as cyberattacks will continue to evolve. Using a platform like Cloudera’s enhances both user behavior and network traffic analytics with the ability to process trillions of events, all with reduced analysis time and unlimited scale. This provides a strategy to detect known and unknown threats on a platform that will keep pace with ever-evolving needs for the decade to come.