The report's authors also dismiss point security products, calling on organizations to create a unified security architecture. They dismiss static analytics tools based on threat signatures or network boundaries, and call on organizations to look for tools that are flexible and scalable enough to adapt to changes in corporate infrastructure and the threat landscape. They also call for the addition of external threat intelligence services.
"Organizations need to think strategically about which security products they will continue to support and use over several years, because each product will introduce its own data structure that must be integrated into a unified analytics framework for security -- or deliberately omitted as a potential blind spot," according to the report.
The report does, however, warn about a major hurdle that remains even after security systems and the IT architecture are readied: a shortage of skilled analysts needed to perform statistical analysis. It warns that emerging security technologies will be powerful enough to provide deep analysis of the data, but security teams may not have the data science skills necessary to perform the analytics.
"Security leaders should consider adding data scientists to their teams," according to the report's recommendations. "Specialists will not only need to manage the organization’s big data capabilities efficiently, but they will also need to understand business risks and cyberattack techniques in sufficient depth to develop analytical models that detect, and even predict, illicit activities."
RSA's Schwartz admits that organizations face some major challenges in making big data analytics a reality. It can become a reality beyond large organizations with the available cash and staff to invest in such systems. It's going to take VARs and distributors to set this up in the midmarket, and managed services could help provide the skilled staff necessary to do the analysis, Schwartz said.
"We must work to take away the limits and also the new skill sets needed on both the vendor side and on the security team side," Schwartz said.