Cyber attacks cost businesses as much as $400 billion a year, according to insurance company Lloyd’s.
Experts say that the risk of cyberattacks, especially targeted at financial institutions, has become systemic: simultaneous attacks, directed at multiple companies. That’s why some of the regulators are extending their reach into cybersecurity. In October 2016, the Federal Reserve issued an advance notice of proposed rulemaking on cyber risk management standards that are aimed at institutions with $50 billion or more in assets. “Due to the increasing interconnectedness of the U.S. financial system, a cyber incident, or IT failure at one entity may impact the safety and soundness of other financial entities and introduce potentially systemic consequences,” the draft proposal states.
The “game” has reached another level and the tools of yesterday cannot keep up. What has changed is that the attacks are happening too fast and on a larger scale and there are new types of attacks every day.
As financial firms collect more and more sensitive customer data, their cybersecurity posture needs to be stronger, but they need to do so without affecting customer experience. This requirement produces challenges that range from responding to suspicious activity with limited context, to discovering advanced threats buried in billions of events, to understanding the true business risk associated with a user or entity.
Cloudera offers a solution that complements Splunk implementations in the Cybersecurity space. By combining Splunk and Cloudera, firms can expand the amount of data available for analytics. Optimized data sets (hot data) will reside in Splunk and will be used to support business critical short term analytics, alerting, and search use cases. This makes the existing Splunk investment even more valuable by reducing indexing licensing costs and enterprise storage costs.
Large-scale historic data sets (cold data) will reside in Cloudera and will be used for longer term data retention and machine learning analytic use cases that require more analytics flexibility at scale. Results from Cloudera-based analytics outcomes can be fed back into Splunk from Cloudera post-enrichment to augment specified use cases.
Cloudera’s cybersecurity solution accelerates anomaly detection, investigation, and response with machine learning and complete enterprise visibility. Cloudera’s solutions, based on Apache Spot, enable large-scale visualizations, machine learning, and comprehensive access across all enterprise data using an open, scalable platform. Building off of Cloudera’s scalable, open platform allows organizations to build custom solutions as well as deploy packaged applications on top of one shared hyper-enriched data set. Using the diverse open source community to accelerate shared innovations, while changing the economics of IT and cybersecurity allows organizations to come together to protect their enterprise. You can see a demo here of Apache Spot.
The open data model can support multiple applications without duplicating data, thus creating a future-proofed platform for all data and applications.
As the cyber threats become systemic, Financial Services firms need to respond by increasing their collaboration. Apache Spot and Cloudera’s cybersecurity solution facilitate the exchange of information and use an open source data model to accelerate innovation.
Learn more by watching our Splunk Optimization Webinar