Data Analytics Tools to Prevent Cyber-Attacks

Big data analytics will help utilities to create a more robust IT defence mechanism.
Published: Fri 31 Jan 2014

While data analytics has the ability to maximize profits in today’s competitive global markets, it also has the ability to strengthen IT and critical infrastructure security.

Today, utilities have access to far more data than before, thanks to developments in technology such as smart meters. To safeguard this data and protect it from cyber attacks, utilities should adopt the latest defence mechanisms.

Traditional methods not as reliable

Traditional defence methods can no longer be relied upon as they are incapable of combating today’s cyber threats. This is according to Neil King, VP security analytics at Big Data analytics specialist Guavus, who explains that traditional security approaches are unable to cope with very large data sets or to handle many sources. He says that this can prevent full visibility into the environment.

Traditional security focuses mainly on defending against known threats. Many anti-virus technologies work from an existing list of potentially dangerous viruses. To prevent these viruses from becoming active, traps are created.

Hackers are more sophisticated

According to Mr King, hackers are becoming more organised, are well-funded, and even more determined than before. He expands: “Many are working with government agencies or organised crime, and the money involved would make bankers' bonuses look like pocket change. As such, they know where the old booby traps are, and they know how to get past them.”

King says that there has been an increase in the number of 'zero day' polymorphic attacks. This is where attackers change the code of their attack each time so that each attack has a different DNA.

Nature of attacks is always changing

Because the make-up of these attacks is constantly changing, it is impossible to pre-programme security defences to prevent them: they have never been seen before. As a result, these attacks do not appear on the pre-prescribed list of actions that the defences should stop.

Data analytics uncovers the unknown

This is where Big Data analytics tools can help to detect the unknown. Data analysis can give businesses a comprehensive view of internal and external risks by alerting decision makers about potential fraud, unusual network traffic patterns, hardware failures, and security breaches. It converts data into actionable information, helping businesses move their cybersecurity measures from a reactive state to a proactive state.

By analysing network traffic in real-time, Big Data analytics solutions can help to identify attacks as they happen and also identify unusual behaviours that result after a breach has occurred.

Mr King points out that Big Data is not confined by the traditional IT silos; threats are put into greater context. This contextualisation is critical when trying to determine the level of threat and the appropriate response. It gives IT a broader picture of why changes may be taking place and the potential impact of the threat.

Big Data allows security teams to integrate data from a variety of sources, thereby producing a holistic view of the environment. But security teams need to take care, because as the security landscape shifts and attackers become more sophisticated, this visibility and contextual data will become even more critical.

Because of the significant increase in data and the ever-transforming face of technology and its accompanying risks, making accurate and timely cybersecurity decisions can present many challenges. Although big data can be challenging, its sheer breadth and depth also present businesses with an almost unlimited capability to proactively monitor and avoid potential cybersecurity issues.