Uncovering the Truth about Six Big Data Security Analytics Myths

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Uncovering the Truth about Six Big Data Security Analytics Myths-6 Next

User Behavior Analytics

Myth #5: User behavior analytics is all you need.

User behavior analytics (UBA), which profiles user behavior to identify bad actors (i.e., malicious insiders, compromised users, etc.), is the only thing needed to detect advanced attacks.

Why it's a myth: Behavioral analytics is key to discovering advanced attacks, but it's not only users who should be profiled, as devices and applications should also be in the mix. What's really needed is entity behavior analytics. While UBA identifies anomalous activity, attributing maliciousness is a different matter. Producing an alert for every anomaly just adds to alert white noise, as there will be false positives. Behavioral analytics must be combined with a) discrete analytics, which look at data at a singular point in time in a stateless and entity-less manner and b) forensics, which provide the supporting evidence needed to triage and investigate alerts. The three together can establish the maliciousness of anomalous activity and, given the probabilistic nature of UBA, provide a means to check the accuracy of identified attacks.

Cyber threats are becoming extremely sophisticated, as evidenced by the many high-profile breaches over the last few years. Organizations are confronting a new reality where they must accept that they are likely to be impacted, despite their best attempts to keep these threats out altogether. They need quicker and better ways to discover, investigate and remediate these threats. Marrying Big Data with machine learning can help address this challenge by providing security professionals with the Big Data security analytics (BDSA) they need to thwart the bad guys.

Without a doubt, when BDSA is used correctly, it is extremely beneficial to an organization. However, there are many false claims around the capabilities of BDSA. When considering BDSA solutions, analysts need to carefully evaluate these capabilities and determine whether their organizations' needs for detection of attacks on the inside and incident response are being met. In this slideshow, John Dasher, vice president of marketing at Niara, a cybersecurity company focused on Big Data analytics, has identified six common myths to consider when deploying BDSA solutions.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.