Big Data Could Bolster Security Models, But It's Early: RSA Chairman


Distributed denial-of-service (DDoS) attacks, which have been targeting many U.S. financial institutions, have the potential to be ramped up, causing more of a serious problem than the risk posed by potentially destructive attacks against critical infrastructure, Coviello said. Experts are predicting an escalation on such attacks. Economic losses would be severe or even catastrophic, he said.

"The escalation is about the source and severity with which they are being carried out," Coviello said. "Disruptive attacks will be the prelude, the pathway to destructive attacks."

Using threat intelligence on top of security data has been the central message coming from RSA and many of its competitors. Both RSA and IBM made announcements integrating the Hadoop big data analytics framework into their security products. RSA is integrating the Hadoop with its NetWitness network monitoring and EnVision security information and event management appliances. Both security firms acknowledged that the emerging technology only will be used by a handful of early adopters.

This week, RSA also announced an expanded partnership with Juniper Networks in which the networking security vendor will provide its new threat intelligence global hacker database service to the RSA Live threat intelligence feeds.

Juniper Networks announced its new global hacker database, which is being created by using a technology that fingerprints attacker devices rather than their IP address. The Junos Spotlight Secure, announced at the conference, is based on the Mykonos Software technology that Juniper acquired last year. RSA also partners with Juniper in mobile interoperability testing to enable the firm's mobile authentication technologies to support Juniper's SSL product.

Following Coveillo's keynote presentation, one information security executive at a Fortune 1000 company called the approach being advocated by Coviello and others extremely promising but also potentially dangerous if big data repositories fall into the wrong hands and are abused by dangerous people. "It's everything we've been talking about for years and it's slowly coming to fruition," he told CRN, declining to give his name. "But it comes with serious implications if the wrong person is controlling that data."

Coviello and other RSA executives call the announcements, and many like it from other security vendors at the conference, the beginning stages of changing the way security is applied at organizations. "It's about using the massive amounts of data being collected to make better decisions," he said.

"We need to recognize that this is the trend line that we are working on and that it all means we need to take a much different approach to security," Coviello told reporters at a press conference Monday. "A couple of years ago we talked about a reactive approach; now we're talking about an intelligence-driven approach. Some of you will be cynical about whether, or if, we will be capable to carry this out, but my job is to do the best we can to provide this kind of capability."

PUBLISHED FEB. 26, 2013