IBM has focused its strategy on data management and analytics, said Scott Crawford, research director at Enterprise Management Associates. Crawford said he would expect the company to build security analysis tools specifically purposed to environments such as Hadoop. "Given the importance of investigation to security operations in many enterprises, I would expect IBM to address that need directly," he said.
Forrester's Kindervag likens big data warehousing systems to a "garage that IT built for the business to throw stuff into." A lot of the data is never going to be used again, he said. In addition, maintaining large warehouses of data poses the problem of how to ensure the information is well protected so it isn't stolen, he said.
"Right now we're at the honeymoon between the business and big data and pretty soon the business is going to learn that big data is going to have big problems that didn't show up in the courtship," Kindervag said.
Another challenge both IBM and RSA face with their new security analytics capabilities will be the need to build better automated statistical analysis and visual mapping to keep data correlation and analysis in the background, Kindervag said. Eventually organizations will be able to do more predictive threat modeling, finding weak points where exploitation is likely, but the systems will always have the problem that there is a certain randomness to attacks, Kindervag said.
"This is only going to be valuable if the reporting engine is good enough to give you some actionable results with fairly minimal effort," Kindervag said. "Most companies can't afford those kind of high-paid, mathematical whiz-kid genius staffers needed for big data analysis."
PUBLISHED JAN. 31, 2013