3 Ways Hadoop Can Minimize Security Risks

Email     |     Share  
1 | 2 | 3 | 4 | 5
Next 3 Ways Hadoop Can Minimize Security Risks-2 Next

SIEM

With a combination of a real-time Hadoop platform and advanced analytics, organizations can predict, identify and deter security threats in several different ways, including:

Security Information and Event Management (SIEM). Hadoop can be used to analyze large amounts of real-time data from network and security devices. For instance, a large U.S. regional bank that was running out of storage capacity on its SIEM infrastructure chose to replace its SIEM with Hadoop. The bank now has the dual benefits of ensuring adherence to SEC/FINRA regulations for newer data sources along with the deeper analytical capabilities that machine learning on Hadoop provides using those data sets.

The IT environment is rapidly changing: New technology stacks emerge every year that serve billions of people worldwide and naturally have been targeted by malware writers. How can you quickly and effectively distinguish a network intrusion attempt from an expected and authorized event? As it turns out, Apache Hadoop is one emerging technology that improves your chances of detecting and stopping security attacks.

Organizations realize that just putting up walls around data is no longer enough protection. CIOs want to avoid security-related incidents having an impact on service-level agreements (SLAs), so they want to reduce the likelihood of a successful attack while being able to respond faster when one does occur. What is needed to do this is a deeper insight into the data being generated in order to identify threats – and that happens by monitoring and analyzing all events across the network in real time. This approach, however, results in the generation of large amounts of security-related data that must be stored and analyzed. In addition, increased regulations require storing and archiving security event data for longer time periods to comply with more stringent regulations. That's where the advantages of using Big Data technologies on a real-time Hadoop platform come in.

According to Ted Dunning, chief application architect at MapR Technologies, it's possible to get in front of attacks by analyzing all network event data with tools such as Apache Spark running on a real-time Hadoop platform, and to do so economically. IT professionals can build models that identify "normal" behavior thanks to the large scale of data made available to them. An understanding of normal patterns enables the models then to identify anomalous behavior. The anomalies signal potential security threats, and the combination of the Hadoop platform with Spark gives the high performance and scalability needed for accurate models as well as the speed needed to alert organizations to take action quickly, thus reducing risk.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.