Applications of Analytics in Cybersecurity

Applications of Analytics in Cybersecurity
on 19 Sep 2018 12:29 PM
  • Rang Technologies
  • Cybersecurity

We live in a world where technology and the use of technology is growing and changing at an
unimaginable pace. The number of users for Internet, Wi-Fi, Bluetooth devices, smart devices like
smartphones, televisions and wearables are increasing with the minute. Just to have a small idea of the
amount of data being generated, lets look at the Data produced every minute in 2017:

• 455,000 New Tweets
• 510,000 Comments and 293,000 Status Updates on Facebook
• 400 Hours of Video uploaded on YouTube
• 3,607,080 Google Searches
• 186,000,000+ Emails sent

The amount of data that is generated and captured by such vast use of technological devices is
unprecedented. This brings the challenge of securing this data for the customer privacy, as well as from
the business point of view, to survive in the cutthroat competition in the market.
Cybersecurity is the protection of computer systems from theft of or damage to
their hardware‚ software or electronic data&‚ as well as from disruption or misdirection of the services
they provide. Cyberthreats have evolved with the everchanging and evolving technology market.
Different types of cyberthreats have been identified and classified:

• Ransomware is a type of malware that involves an attacker locking the victim's computer system
files --typically through encryption -- and demanding a payment to decrypt and unlock them.
• Malware is any file or program used to harm a computer user, such as worms, computer viruses,
Trojan horses and spyware.
• Social engineering is an attack that relies on human interaction to trick users into breaking
security procedures in order to gain sensitive information that is typically protected.
• Phishing is a form of fraud where fraudulent emails are sent that resemble emails from
reputable sources; however, the intention of these emails is to steal sensitive data, such as
credit card or login information.

Cybersecurity requires careful planning and coordination across an information system, which includes:

• Network security
• Information security
• Application security
• Operational security
• Disaster recovery
• Client/End User education

At the core of Big Data analytics in cybersecurity rests the approach of improved detection. Detection
must be able to identify changing use patterns; to execute complex analysis rapidly, close to real time;
to perform complex correlations across a variety of data sources ranging from server and application
logs to network events and user activities. This requires advanced analytics along with modern concepts
of AI and machine learning that can collect, store and analyze huge amounts of security data across the
whole enterprise in real time.

The IT industry has reached a point where big data handling frameworks like Apache Hadoop and
powerful analytics tools and languages have been commoditized making it possible to combine real-time
and historical analysis and identify new incidents that could be related to others that occurred in the
past. The information provided by external security intelligence sources along with the historical data
and the real time data that is captured, can be analyzed to identify ongoing cyber-attacks on the
network.

Modern big data security analytics solutions provide multiple automated workflows for responding to
detected threats, such as disrupting clearly identified malware attacks or submitting a suspicious event
to a managed security service for further analysis. Automated controls for cyber security and fraud
detection have been identified as one of the key business drivers for future adoption.