DataVisor – is Big Data helping, or harming, online security? (v2)

by Maria Ilie, Andrei Nicolae, Maria Ficiu and Matei Butucescu

Recent Concerns in Online Security

16 days- that’s the average time a cyber threat can exist on a government network before being detected [1]. Considering the sensitive data that is stored on their servers, the mean response time of these government agencies is concerning. Government agencies aren’t the only likely victims: from small start-ups to tech giants such as Yahoo and Sony Pictures, it seems no one is immune to cyber-attacks. High-profile hacks hurt companies in more way than one, from stealing sensitive customer data to shaking the employees’ confidence in their company. It is no surprise then that budgets for cyber security have increased and more and more specific service providers have emerged.

To add to the traditional types of vulnerabilities (servers, web-sites, etc), with the emerging Internet of Things (IOT) sector, both the number of threats, and their impact, is set to substantially increase. As can be seen in the below picture, any new device that can connect via Wi-Fi or Bluetooth has the potential to be used for nefarious purposes. Devices that have a GPS such as health bands can be used to track your location, any digital lock (such as smart home locks) can be unlocked, and any type of data can be tracked by third parties. This means that the stakes for security companies are much higher now: being hacked no longer means just losing your password or having money taken from your account- attackers could go as far as entering your house or tracking your every move.  This means that, as IOT evolves, so will cybersecurity have to expand as a field.

screen-shot-2015-04-29-at-1-49-13-pm

Where does Big Data come into play?

The main issue with processing vulnerabilities is incomplete data. Government agencies, as well as most small and medium companies, don’t have the time or resources to process all the security information that they have. In order to detect unusual activity without suspending all other activity (for instance, like if you went abroad, paid for something by card, and then got your card blocked by your bank because they detected suspicious activity), many different patterns of behavior have to be taken into account. Furthermore, it’s hard for government agencies to keep up with the industry security standards, as most companies themselves don’t do so. Cloud storage providers such as Microsoft pride themselves with being one of the only companies that fulfill all the security requirements and even create new ones, which means that most other companies aren’t as up to date. Security analysts are in consensus when they say that big data security companies will be crucial to fix these issues[2].

Among other problems (see below), inadequate staffing and tools were mentioned as reasons against using big data in cyberdefense. DataVisor solves this problem by offering big data-based cyberdefense as a service, so security becomes a operating expense rather than a capital expense (changes from CAPEX to OPEX). This means that instead of governments having to continuously pay for designated security staff and resources, they can just use DataVisor as consultants, who, through having multiple contracts, can afford to train their staff and stay up to date with all the latest demands of the field.

 

why-not-big-data

By outsourcing their security issues to companies that use big data analytics efficiently, any organization storing sensitive data can benefit from the aforementioned economies of scale, but there is also another main advantage. By serving so many different types of customers, companies such as DataVisor have far vaster datasets, and come across a wide range of problems that a small company wouldn’t encounter as frequently.

Why DataVisor?

Value Proposition

DataVisor is a cybersecurity company that uses big data and machine learning to help its customers find malicious accounts and prevent attacks, fraud and account takeovers [3]. Its platform can analyze billions of events per hour, and detects threats in real time- far better than the 16 day industry average. The quality of data analytics increases directly proportional with the size of the dataset, and with DataVisor having analyzed over 5 billion events to date, it’s easy to see the advantage over trying to analyze the data yourself.

Customer-facing online services such as Facebook and Snapchat have seen a rapid expansion lately with the dawn of the “billion user era”. Companies now have far more users than ever before, which also means increased responsibility for those users’ data. Furthermore, cyber-attackers are leveraging this growth by “creating armies of fake and compromised accounts to hide in the shadows and conduct fraud against banks, web sites and mobile apps” [3]. DataVisor helps detect over 500,000 such accounts every day.

Customer Relationships

A barrier for government agencies and small companies to implement big data solutions is its lack of resources to convert the data. Raw data isn’t useful if it’s not transformed into the right format, and transforming it takes time and effort. DataVisor is cloud-based and does all the needed data transformation for its customers, so the customers’ input is minimum, which makes it extremely convenient to use [3].

datavisor

With government agencies and start-ups often being understaffed, it’s easy to see why, if cyber-security consultancies would require too big of a time investment, they wouldn’t be used. DataVisor requires minimum to no user input in terms of interpreting the data that is given, so this makes it an easy choice for customers.

Opportunities

With the expansion of the IOT scene, DataVisor and other cybersecurity companies’ scope will increase, and as DataVisor offer the type of service that pertains to small companies and government agencies, a great opportunity for them will be to expand into this area. For instance, there has been much debate around police officers wearing body cameras. Should the data transmitted from these cameras be intercepted by a third party, footage of people being questioned by the police or arrested could be leaked online, or individual police officers’ locations could be tracked.Or, on the other hand, a small sensor company’s hacking could mean that a promising new invention is stopped in its tracks by a loss of reputation. DataVisor could help in both cases with the detection of unusual transmission of data to third parties.

Threats

With the increase in work opportunities will also come an increase in stakes. Unlike in a classic data breach scenario, where the only negative consequence is loss of company reputation, as security will start to touch more and more aspects of human life, a hacking could mean the loss of human lives. In this case, if DataVisor falls behind the attackers in terms of innovation, it faces immediate bankruptcy. However, as the number of companies in need of cyber-security increases and more and more companies turn to DataVisor, its resources would also increase in order to keep up with the demand.

Privacy concerns

One of the listed causes for the lack of use of big data in security analysis is privacy concerns. If we consider that security firms can be themselves subject to vulnerabilities, the consequences of a data leak can be devastating.

The disadvantage of outsourcing is that if one supplier fails, all the companies depending on that supplier also suffer. If DataVisor were to get hacked itself, the data of many different companies would get leaked, and the attackers would get an insight into the fraud-detection algorithms that the company uses. Security companies are often the target of cyber attacks for specifically this reason, but it is their responsibility to stay one step ahead of the hackers.

In the end, as with physical security, no form of protection is infallible, but as the stakes grow higher and higher in the digital space, it is our collective responsibility  to ensure that every innovation comes with appropriate security protocols against abuse.

 

References and bibliography

Images:

Featured image: DataVisor. Retrieved from: https://datavisor.com/

Why companies don’t use big data image:https://www.microsoft.com/

IOT vulnerabilities image:https://www.pubnub.com/wp-content/uploads/2015/04/Screen-Shot-2015-04-29-at-1.49.13-PM.png

Secure cloud image: http://www.all-internet-security.com/wp-content/uploads/2015/08/Security_IoT.jpg

Text references:

[1] How big data analytics can improve cybersecurity. Retrieved from  http://www.bsminfo.com/doc/how-big-data-analytics-can-improve-cybersecurity-for-your-government-it-clients-0001

[2]How data can help improve cyber security efforts. Retrieved from http://kognitio.com/big-data-can-help-improve-cyber-security-efforts/

[3] Datavisor. Retrieved from https://www.datavisor.com/product/

Using big data to defend against cyber security threats. Retrieved from http://www.csc.com/cybersecurity/publications/93325/104033-using_big_data_to_defend_against_cyber_security_threats

The use case for big data and security analytics. Retrieved from https://securityintelligence.com/the-use-case-for-big-data-and-security-analytics-an-interview-with-ben-wuest/

Cybersecurity is the killer app for big data analytics. Retrieved from http://www.csoonline.com/article/2942083/big-data-security/cybersecurity-is-the-killer-app-for-big-data-analytics.html

Big data advancing cybersecurity. Retrieved from https://www.solutionary.com/resource-center/blog/2016/02/big-data-advancing-cybersecurity/

The future of cybersecurity. Retrieved from http://www.computerworld.com/article/2893656/the-future-of-cybersecurity-big-data-and-data-science.html

Microsoft report: Enhancing Cybersecurity with Big Data: Challenges & Opportunities. Retrieved from http://www.microsoft.com/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s