Big data security analytics could be the foundation of a new, more agile security model, catching up to cybercriminals hell-bent on stealing information, taking down corporate networks or penetrating and disrupting critical infrastructure facilities, said Art Coviello, executive vice president of EMC and executive chairman of RSA, EMC's security division.
Kicking off the 2013 RSA Conference in San Francisco, Coviello told thousands of attendees that integrating powerful analytics on internal security and business data and external threat intelligence information is only just emerging, but over time it could help businesses gain new insight into attacks targeting their systems. It could help businesses keep pace with attackers and some well-funded cybercriminal groups, he said.
"As of now we are only at the dawn of big data," Coviello said. "Big data truly has the potential to transform our lives for the better, our health, environment and livelihoods; almost every aspect of our daily lives."
A unified, intelligence-driven security architecture would offer true defense in depth, Coviello said. The model depends on an emphasis on threat-intelligence sharing by security vendors, government agencies and businesses, he said.
"I'm not talking about perfect security," Coviello said. "I'm talking about a model that evolves and learns from change -- a model that allows us to detect attacks quickly and respond quickly, a model based on big data."
Coviello and other security executives here are hitting the ground talking up the recent string of data breaches, punctuated by the targeted attack on The New York Times and other breaches, many of which are the result of stolen account credentials. In addition to financially motivated cybercriminals out to steal credit card data and other sensitive data, hacktivists are attempting to disrupt networks, and targeted attackers are out for intellectual property, Coviello said.
Nation-state driven attacks are also a serious concern, Coviello said. A recent report from security incident response firm Mandiant connected more than 100 attacks globally to a single hacking group based in China, with evidence linking it to the Chinese government. The report said there could be up to 20 such groups.
Meanwhile, the federal government is attempting to lay the groundwork to gain better visibility and control over the security of critical infrastructure facilities, the vast majority of which are owned by private networks. Coviello warned that while the risk is low, attacks on digital systems that result in physical destruction will no longer require manual intervention.