‘Tis that season … to predict. Gartner just released a set of security Predicts notes, specifically:
- Predicts 2014: Mobile Security Won’t Just Be About the Device with this fun quote: “Mobile security breaches are, and will continue to be, the result of misconfiguration and misuse on an application level, rather than the outcome of deeply technical attacks on mobile devices.” (i.e. most of the “new and hot” mobile security is really “old” appsec)
- Predicts 2014: Security Solutions focuses on predictions for security vendors and contains this gem of an SPA: “By 2015, the demand for greater security intelligence sharing for context-aware systems will form a marketplace for brokering security data.”
- Predicts 2014: Infrastructure Protection has a lot of exciting stuff and is discussed separately below.
So, the last of the 3 Predicts contains this bit that I contributed to: “By 2014, 95% of organizations will not use security big data analytics due to complexities, a dearth of COTS tools and skill shortages.”
If you recall, my topic this quarter is using big data for security. Why am I suggesting that most organizations won’t? As the note says, “big data technology in security contexts will stay immature, expensive and difficult to manage for most organizations as targeted attacks become more stealthy and complex to identify in progress.” The organizations may be stuck between these two forces:
- A lot of “big data” problems are not well treatable by COTS (commercial off-the-shelf) and OOB (out of the box) stuff; you need to have a mindset to explore, research and customize.
- Many organizations can only use advanced technologies (such as analytic algorithms, etc.) if they are packaged by the vendor, i.e. exist in COTS form.
The result is: you can’t do COTS, but you can only do COTS. The result? Not doing it! At the very least, not doing it until more creative solutions are built by the vendors and until more “boxed analytics” becomes available (if that can happen at all beyond a few niche uses).
A few more fun quotes from this Predict note follow below:
- “The noise about big data for security has grown deafening in the industry, but the reality lags far, far behind. As many organizations continue to struggle with utilizing traditional security analysis tools, such as security information and event management (SIEM) tools, the expectation that they will magically adopt big data technologies and approaches is simply unrealistic.”
- “Big data use for security will continue to be populated by the most advanced, mature, Type A organizations for the near future. Security may well be becoming a big data problem, but riding that big data wave will stay difficult and expensive for most organizations.”
- “Many vendors — new and existing ones — will try to position their technology as big data. However, much of this will remain hype, not reality. “Lean forward” security programs at select large enterprises will still need to build and run their own tools for big data analysis if they choose to embark on this journey.”
- “Advanced expertise in both information security and data science will be a necessary ingredient in enabling accurate discrimination between malicious and benign activity.”
For our recommendations, please read the note.
Related posts on the topic of big data for security:
- Big Data Analytics Mindset – What Is It?
- Big Data for Security Realities – Case 3: Elastic Search or Similar
- Big Data for Security Realities – Case 2 Variety Explosion
- Big Data for Security Realities: Case 1: Too Much Volume To Store aka “Big Data Collection”
- Big Data Analytics for Security: Having a Goal + Exploring
- More On Big Data Security Analytics Readiness
- Broadening Big Data Definition Leads to Security Idiotics!
- Next Research Project: From Big Data Analytics to … Patching
- 9 Reasons Why Building A Big Data Security Analytics Tool Is Like Building a Flying Car
- “Big Analytics” for Security: A Harbinger or An Outlier?
- All posts tagged big data