When it comes to protecting the enterprise, cyber security professionals are caught between the proverbial rock and a hard place. On the one hand, they face a constantly rising number of threats from a constantly changing threat landscape. On the other, they’re handicapped by a severe and rapidly growing shortage of trained cyber security personnel to help them respond to threats.
And, as we all know from the nearly daily reports of major data breaches and ransomware attacks, it doesn’t make for a pretty picture.
Their challenge is even more acute due to the amount of data they collect. Enterprise security teams are drowning in it. According to one survey, the average enterprise security operations center (SOC) encounters more than 10,000 alerts per day.
Meanwhile, the International Information System Security Certification Consortium, (ISC)², a non-profit organization that specializes in the training and certification of cyber security professionals, estimates that there is a shortage of more than four million trained cyber security professionals worldwide, an increase of more than a million over 2019. The number includes more than 560,000 unfilled positions in North America alone. Even more eye-catching, the same (ISC)² report reveals that nearly 80 percent of security professionals polled said their existing teams need more training and resources to be effective.
Way too much data. And organizations, large and small, with far too few assets, expertise, and resources to handle the threats hiding in that ocean of information. If organizations don’t have the resources to know what they need to know, how do they understand where their risks are? How can they remedy the situation so that they can identify, prioritize and remediate risk?
Turning Data Into Information
Fortunately, there is a solution: augmenting enterprise security staff resources with the science and technology of data analytics. And specifically, risk analytic models that focus data science on understanding and prioritizing the true risk to an organization so that enterprises can focus their limited resources where they’re most needed. For enterprise SOCs, risk analytics is a game changer that gives them the tools they need to do more with less.
Data is not information. Data are facts and figures that, by themselves, may be useful but not necessarily valuable. They require additional context and data relationships to become useful and valuable to understanding what they mean. Information is what results when that data is processed and becomes meaningful. For example, many enterprise organizations deploy security information and event management (SIEM) solutions. These popular tools do an excellent job collecting log and event data but lack the capability to process and analyze the data they collect.
But now, new risk analytic platforms like Information Centric Analytics (ICA) from Symantec, a division of Broadcom (NASDAQ: AVGO), can take the network, endpoint and other data collected and make it meaningful so that information security teams can identify their areas of greatest risk and take the necessary actions to manage them.
Risk analytics takes the data collected, weaves it all together, and analyzes it from a variety of different perspectives. It allows an organization to create a narrative about what’s really going on in its computing environment. The goal is to identify an enterprise’s top cyber security risks, prioritize those risks based on likelihood and impact to the organization, and, if a potentially substantial risk is uncovered, provide the supporting information for human analysts to vet the identified risks or orchestrate automated actions to control them.
Boiling the Ocean
Risk analytics helps organizations quickly identify, prioritize and remediate risk by looking at risk in several different ways. It enables organizations to quantify the risk possibility of everyone in their organizations, scoring them by their risk potential and their normal workplace behaviors. By doing risk analytics, organizations can not only determine the chance of a data loss incident from a malicious insider but also pinpoint exactly who that person could be.
As so many organizations moved to working remotely due to the pandemic, never has the need for organizations to understand their risk been more important. Employees at every level are now working from home on an unmanaged device. That’s a risk. They are logging in from who knows where and an unknown network. That’s a risk. They are working at any hour. That’s another risk.
All of these actions exponentially raise the risk for every organization, but they also tell a story risk analytics can weave together. The individual segments of that story may not mean anything by themselves. After all, everyone is basically working remotely from somewhere. But if that employee is supposed to be in California and logs in from a location overseas just minutes later, risk analytics will immediately flag it for your SOC for further action.
Cyber security professionals are drowning in an ocean of data. Risk analytics platforms like Symantec ICA give them the help they need by boiling down the ocean so that they can deal with what they need to deal with first, fast, and effectively in order to put the odds in their favor.