SAS is connecting the dots between cybersecurity, big data and analytics at this week’s SAS Global Forum Conference in Dallas. The effort includes new research plus a SAS Cybersecurity platform that will debut sometime in Q3 2015.
“SAS Cybersecurity correlates and analyzes billions of daily network transactions with business contextual information across the organizations, such as asset data, functional business role and existing security alerts,” according to a prepared statement from SAS. “It optimizes, then analyzes, data in real time to capture a continuous picture of active security risks. This comprehensive view of normal versus abnormal activity helps an organization sustain its information advantage over attackers.”
The Big Picture
SAS’s cybersecurity push arrives as much of the IT industry rethinks its overall approach to data and infrastructure protection. A seemingly endless stream of hacks — involving Anthem, Home Depot, Sony, Staples and Target, just to name a few — has made IT security a front-of-mind concern for businesses, governments and consumers. CEOs and boardroom leaders, meanwhile, have been scrambling to understand and address the new threat landscape.
Amid all those hacks and setbacks, the IT security industry must concede that it has not met the overall needs of customers, Amit Yoran, president of EMC Corp.’s RSA unit, said last week.
Analytics for IT Security
Big data and predictive analytics could fill the void, SAS and many other data-driven businesses assert. But the analytics solution also introduces its own set of challenges. Chief among them: 40 percent of IT managers say their security products don’t import threat intelligence data from other sources, according to a study from Ponemon Institute. Moreover, 86 percent of respondents said detecting cyberattacks takes too long, and 85 percent weren’t prioritizing incidents, the study said.
Not by coincidence, the SAS Cybersecurity platform has a proactive design. SAS claims the platform “provides an accurate, prioritized list of network devices exhibiting risky behavior that requires immediate investigation. This greatly reduces the number of alerts, ensuring the most efficient use of the security operations center’s (SOC) time and resources.”
SAS did not disclose pricing or exact availability for the platform, stating only that it would arrive in the fall of 2015.
IDC and SAS further describe the challenges — and potential solutions — in a new white paper: “Big Data and Predictive Analytics: On the Cybersecurity Front Line.”