Mark Bregman, Chief Technology Officer at NetApp, believes 2017 will be about capitalizing on the value of data. The explosion of data in today’s digital economy has introduced new data types, privacy and security concerns, the need for scale and a shift from using data to run the business to recognizing that data is the business.
Off-line data analytics and threat hunting become endless money pits, says Gunter Ollmann of Vectra Networks. “We’re told, and we observe, that each year our corporate data doubles. That power-of-two exponential growth, after merely four years of storing, mining, and analyzing logs for threats, means a 16-fold increase in overall costs — with an accompanying scaled delay in uncovering past threats.”
Cybersecurity will be the most prominent big data use case, says Quentin Gallivan, CEO of Pentaho, a Hitachi Group Company. As with election polls, detecting cybersecurity breaches depends on understanding complexities of human behavior. Accurate predictions depend upon blending structured data with sentiment analysis, location and other data.
This then opens another door for hackers. WatchGuard’s Nachreiner says attackers will start leveraging machine learning and AI to improve malware and attacks.
“In the past few years, cyber security companies have started leveraging these technologies to help defend our organizations. One of the big problems in infosec today is we are too reactive, and not predictive enough when it comes to new threats. Sure, once we recognize a piece of malware or a new attack pattern, we can design systems to identify and block that one threat, but hackers have become infinitely evasive. They have found techniques that allow them to continually change their attacks and malware so regularly that humans and even basic automated systems can’t keep up with the latest attack patterns. Wouldn’t it be great if we had technology that predicted the next threats instead?” he says.
Machine learning can help us do just that. By feeding a machine learning system a gigantic dataset of good and bad files, or good and bad network traffic, it can start to recognize attributes of “badness” and “goodness” that humans never would have noticed on their own.
“Next year, I expect the more advanced cyber criminals to start somehow leveraging machine learning to improve their attacks and malware,” he says, adding that today, both good and bad guys have easy access to open source machine learning libraries like Google’s TensorFlow.
The security community as a whole will utilize big data more effectively in order to identify trends and threats, predicts Matt Rodgers, head of security strategy at E8 Security. “Organizations have the information they need, but they cannot find it. In 2017, companies will start looking at their data sets through advanced analytics to identify trends and risks. Big companies are already starting to augment their existing SIEM technology with behavior analytics capabilities to this end,” he says.