Big Data analytics are being used to help organizations make better decisions based on large volumes of data they have collected, but such analytics are also being used to determine threats to cloud computing. The Cloud Security Alliance's Big Data Working Group has released the results of its "Big Data Analytics for Security Intelligence" report.
The initial report briefly covers the differences between traditional and Big Data before it dives into how Big Data analytics is being used to obtain actionable intelligence in real time. The technology is still early in its maturation, and the report says a few challenges remain to be overcome. Data provenance, privacy, securing Big Data stores and human-computer interaction are all areas the report noted still need some work and continued evolution.
"Although Big Data analytics holds significant promise, there are a number of challenges that must be overcome to realize its true potential. We have only just begun, but are anxious to move forward in helping the industry understand its potential with new research directions in Big Data security," said Alvaro Cardenas, the report's lead author and an assistant professor at the University of Texas, in a prepared statement.
The 22-page report partly breaks down the current state of Big Data analytics, but it also does some crystal-ball gazing on how analytics will relate to security. One of the areas the report scrutinizes is how Big Data analytics relates to intrusion prevention and the evolution from first-generation systems, which were the first to focus on layered security, to second-generation systems that introduced security information and event management (SIEM) to manage alerts from different intrusion sensors, to the expected third-generation systems that will be driven by Big Data analytics.
According to the report, "Big Data tools have the potential to provide a significant advance in actionable security intelligence by reducing the time for correlating, consolidating and contextualizing diverse security event information, and also for correlating long-term historical data for forensic purposes."
The report seems to be just scratching the surface of Big Data analytics for security in the cloud, so I'd expect to see more from this CSA working group in the not-too-distant future.