Big Security: the larger canvas

Big Data is widely used for security purposes, especially in the banking sphere. However, the amount of security-related data causes an issue of its own.

We’re proceeding with our Big Data Week, a series of posts dedicated to usage and security of larger amounts of data.

Published so far:

  1. What’s so big about Big Data
  2. Big Deal: when Machines know better
  3. Big Data vs. Big Fraud

And it will be continued.

Banks and financial organizations traditionally relied on security information and event management (SIEM) systems, those provided real-time analysis of security alerts generated by network hardware and applications. These systems used to work well until really Big Data arrived.

 

 

With increasing number of various detection, surveillance and monitoring systems, the amount of data they generate grows – well, “wildly” is perhaps the most appropriate word. For instance, last year’s Computer Weekly article stated that Barclays bank’s systems generated 44 billion security events monthly, estimated to be up to 65 billion by the end of the 2013. Currently there may be much more. Which makes even storing this amount of data (not saying anything about sifting it through) a problem on its own.

And the traditional SIEM used in Barclays before proved to be useless when it had to deal with measly” 500 million events. 500 million vs. 65+ billion. Quite a difference. 

The bank switched to a Big Data solution, capable of crunching all those grandiose amounts of security events, and there was no other way. As mentioned in the previous post, fraudsters learn fast and read the same books as the white-hat security and Big Data experts. In order to keep uncovering their tricks successfully the defensive “machinery” must be kept up-to-date so that nothing flew under radar or slipped through the small breach in the fence. And that most likely means further investments and further increase – and a dramatic one – in the amounts of data to be handled.

Barclays’ approach is by no means unique: lots of entities use analytic tools to sift through huge amounts of data in order to detect suspicious patterns and prevent bad things from happening. Actually, we have our own system of this kind – Kaspersky Security Network that empowers our antimalware solutions, speeding up the distribution of data on new malware and cyberattacks.

Equally common is the problem with the ever-increasing amount of data – actually it’s plaguing entire IT industry today. Hence – cloud solutions, map-reduce algorithms, and, ultimately, small town-sized data centers that could use their own nuclear power plants to run.

But having a “big picture” is worth it (or at least considered so): the larger the picture, the higher the resolution and the more details (patterns and relations either) become visible. Including those related to cybercrime and fraud. 

A successful fraudulent transaction may cost the bank much, much more than heavy investments into Big Data-based security systems.

Securing the Big Data itself, however, is another challenge. We’ll talk about it in the next post. Stay tuned!

Big Data Week

<< Previous post | Next Post >>

Tips