Using Big Data to Identify Anomalies
Instigating SIEM Process with Massive Amounts of Information
"Big data not only allows you to collect the data, but also relate it to security events that you're looking for," Ostergaard, research director for business networks and IT services at the IT advisory firm Current Analysis, says in an interview with Information Security Media Group.
Combined with security information and event management (SIEM) tools, big data can help organizations identify vulnerabilities.
Because of the exponential increase in the data most organizations handle, corporate and IT security folks just don't have the bandwidth to spot every vulnerability and threat. "Frankly," he says, "I'm a corporate guy and I don't really have the bandwidth to do all this. Then, big data comes along and we can actually instigate a SIEM process. We basically look for these anomalies. We look for the traffic that's going off to India at 2 o'clock in the morning. We look for the people who are accessing a lot of data just prior to leaving the company.
"Those kinds of events are what we're looking for. That's where big data and data analytics - which is sort of the aspect of actually using big data to analyze it - are making a difference."
In the interview, Ostergaard:
- Defines big data.
- Explains how big data helps organizations react faster to threats.
- Explains how big data works with an organization's governance-risk-compliance policies.
Big data, as Ostergaard notes, is hot: tools that analyze massive amounts of data in a variety of forms are being employed to identify trends that can help organizations accomplish their goals.
Ostergaard joined Current Analysis in 2005 and, before his current assignment, managed the company's European telecommunications business and consumer service modules. Before joining Current Analysis, he served as vice president and research director at Forrester Research in charge of European telecoms and networks research. Earlier in his career, Ostergaard advised and analyzed the European telecoms for IT advisers Giga Information Group and the Meta Group. Aarhus University in Denmark awarded Ostergaard a master of science degree in political science.