With the emergence of advanced sustainability attacks and the increasing complexity of malicious software, enterprises urgently need a flexible technology and scheme that breaks through the traditional information security model to deal with the ever-changing security threats in the future. Big data has completely changed the information security industry. Intelligent-driven security strategy based on big data analysis will help information security practitioners regain their vigilance and time advantage, so as to better detect and defend advanced network threats.
Information security is facing challenges in the era of big data.
In the era of big data, ubiquitous intelligent terminals, online network transmission at any time, and frequent social networks make the Internet generate massive data all the time. With the generation, storage and analysis of more and more data, there are a lot of economic and political interests hidden behind these massive data. Big data is like a double-edged sword. While we enjoy the accurate information brought by big data analysis, the security problems it brings have also become hidden dangers for enterprises.
1, the hacker's more obvious target: in cyberspace, big data is a big target that is easier to be "discovered". On the one hand, big data means massive data, and it also means more complex and sensitive data, which will attract more potential attackers. On the other hand, the massive collection of data enables hackers to obtain more data after successful attacks, which invisibly reduces the attack cost of hackers and increases their "yield".
2. Increased risk of privacy leakage: The collection of a large amount of data inevitably increases the risk of user privacy leakage. On the one hand, the centralized storage of data increases the risk of leakage, and these data are not abused and become a part of personal safety. On the other hand, the ownership and use rights of some sensitive data are not clearly defined, and many analyses based on big data do not take into account the personal privacy issues involved.
3. Threatening existing storage and protection measures: Big data storage brings new security problems. The result of data concentration is that complex and diverse data are stored together, and it is likely that some production data will be placed in the storage location of business data, which will lead to non-compliance in enterprise safety management. The size of big data also affects whether security control measures can operate correctly. The update and upgrade speed of security protection means can't keep up with the nonlinear growth of data volume, which will expose the loopholes of big data security protection.
4. Big data technology has become a means of attack for hackers: While enterprises use big data technologies such as data mining and data analysis to gain commercial value, hackers are also using these big data technologies to attack enterprises. Hackers will collect as much useful information as possible, such as social network, email address, Weibo, e-commerce, telephone number, home address, etc. Big data analysis makes hackers' attacks more accurate. In addition, big data also provides more opportunities for hackers to launch attacks. Hackers use big data to launch botnet attacks, which may control millions of puppet machines and launch attacks at the same time.
5. Become the carrier of advanced sustainable attacks: Traditional detection is real-time matching detection based on the threat characteristics of a single point in time, while advanced sustainable attacks (APT) is an implementation process, which cannot be detected in real time. In addition, due to the low density of big data, it is difficult for security analysis tools to focus on value points, and hackers can hide attacks in big data, which makes the analysis of security service providers very difficult. Any attack set by hackers that will mislead security vendors to extract and retrieve target information will lead to security monitoring deviating from its proper direction.
6. The information security industry is facing changes: the arrival of big data has also brought new opportunities for the development of the information security industry. Security vendors who don't realize this change will be abandoned in the tide of this change. Big data provides new possibilities for security analysis. In the future security architecture system, the original divided security products can be effectively integrated into different security intelligent nodes through big data intelligent analysis, which will be the focus of research breakthroughs in the security industry in the era of big data.
Prospect of the Future Trend of Big Data Security
According to MacDonald's prediction, by 20 16 years, 40% of enterprises (mainly in banking, insurance, medicine and national defense industries) will actively analyze at least 10TB data to discover potential dangerous activities. However, the product pattern of suppliers cannot be changed in a short time. Nowadays, enterprises usually rely on SIEM system to correlate and analyze security-related data. MacDonald said that the current SIEM products cannot handle such a large workload. Most SIEM products can only handle standardized data, but some SIEM products can handle a large number of original transaction data, but they cannot provide real-time intelligence information.
Gartner analysts said that using "big data" to improve enterprise information security is not entirely hype, which will become a reality in the next few years. Big data will bring a new way of working for security teams. By understanding the advantages of big data, setting realistic goals and using existing security technologies, security managers will find that their investment in big data is worthwhile.
Hu Jun, general manager of RSA Greater China, said, "Big data will drive directional changes in the security industry, and security and data will interact to promote future development. Today's security requires more comprehensive and extensive visibility, agile analysis, actionable intelligence and scalable infrastructure. "
We can see that big data security has become an irresistible trend. In the future, big data security will become a hot spot in the industry, whether from the perspective of business needs or industrial technology. In this feast of big data security, there will inevitably be new and old replacements and innovations. Let's wait and see!