BAE Systems advocates a Big Data approach to cyber security analytics as the volume and variety of data from cyber security monitoring continues to grow.
We were an early adopter of applying Big Data analytics tools and methods to cyber security analytics, building on our analytics and technical expertise, as well as experience in related fields of fraud detection and intelligence analysis.
There are significant benefits to be realised from applying Big Data to security analytics in terms of efficiency, scalability and cost effectiveness. However a well-planned, incremental and well mitigated approach is key to success.
"There are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again."
Robert S Mueller III,
Former Director of the FBI
Implementing a Big Data solution for security analytics can be a significant challenge without the proper design and planning. From our experience, the key issues include:
- People with skillsets in Big Data engineering, data science and cyber security are scarce;
- The technologies are emerging and complex;
- There is no shortage of vendors promising to solve all your security analytics challenges;
- There needs to be a compelling business driven case that clearly defines the goals and business benefits that your Board will prioritise.
In this paper we explore key considerations such as: Building your business case, Considering market risks, Choosing the right technology and Lessons learned from our own experience of implementing Big Data (specifically Hadoop-based) cyber security analytics solutions.