Organisations have been advised that they should “collect and analyse everything” they can when it comes to big data security.
This is the recommendation that arose from analysis of a report by ESG Global, with the author Jon Oltsik noting that big data, cheap storage and cloud-based storage services are “changing the game” when it comes to security analytics and data recovery.
A poll by the IT research firm found that security professionals consider firewall logs to be the most important type of data for detecting and analysing malware.
Almost half (42 per cent) of those questioned selected this as a key source of information in this area, followed by 28 per cent who opted for IDS/IPS alerts, 27 per cent who selected PC/laptop forensic data, 23 per cent who cited IP packet capture and 22 per cent who named server logs, according to the ESG Advanced Malware Detection and Protection Trends report.
However, Mr Oltsik declared the list “has ‘old school’ written all over it” as companies are no longer constrained by analytics platforms and the cost of storage. He urged organisations to incorporate big data capabilities into their cybersecurity strategies as soon as possible.
In a blog post for ESG, he claimed “sampling security data is no longer adequate or necessary” and urged chief information officers to alter their mindsets and embrace new technology in a mobile device and user world rather than relying on an outdated data security hierarchy.
The ESG senior principal analyst pointed to big data security analytics platforms as offering the tools to analyse everything, but he also cautioned that global cybersecurity skills shortages could hamper efforts and stressed the importance of scanning rather than retaining all data collected.
Mr Oltsik’s remarks echo recent comments by Andrew Avanessian, vice-president of professional services at Avecto, who declared there is an increasing disconnect between the perception of business-critical risks and the reality of the potential dangers regarding data breaches.
He urged firms to do all they can to ensure they prevent such incidents by adopting a more comprehensive approach than previously, ITProPortal reported.