Security measures and data analytics don’t always seem like a natural fit. On one hand, there’s an easy overlap: a host of available data from possible security breaches and responses. But there’s also a mismatch. Security threats are constantly evolving, which puts typical tools at a disadvantage. Can analytics really beat the breach?
According to Ray Boisvert, president of I-Sec Integrated Strategies, in a recent Tech Target article, “most generals fight the previous war. We’re seeing the same thing in cybersecurity.” As C-suite executives discover that firewalls and more traditional defenses don’t work, the key is making analytics-driven cybersecurity “the heart of your business. Look at it as an entire enterprise approach.”
Even still, companies are often reluctant to marry security and analysis—if firewalls are “good enough” and there’s a real risk of getting an analytics product that won’t live up to the hype, security analytics might be too much of a risk for too little return.
Unless, of course, it’s done right.
As noted by Health Data Management, there are measurable benefits to the right security analytics solution. Using both internal and external data, says Ken Bradberry of Xerox Commercial Healthcare, can give companies the heads-up about a breach as it happens, providing time to mitigate and repel the attack. How? Visual Analytics for intrusion and detection that spot “broken patterns.” These patterns could be anything from rogue user IDs to odd file movements or strange permission requests. The goal is to create awareness: even if an activity is revealed as benign, knowledge allows companies to take proactive steps, in turn mitigating or avoiding damage altogether.
The bottom line? Security tools and analytics may not be fast friends, but offer real benefits when used together. Beating the breach is about more than firewalls and virus scans—real-time, behavior-based analytics provides the insight necessary to correlate suspicious activity and respond before network walls come down.