Anton Chuvakin

A member of the Gartner Blog Network

Anton Chuvakin is a research VP at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

Gartner Predicts 2014 Out – And One On Big Data!

by Anton Chuvakin  |  December 3, 2013

‘Tis that season … to predict. Gartner just released a set of security Predicts notes, specifically:

  • Predicts 2014: Mobile Security Won’t Just Be About the Device, with this fun quote: “Mobile security breaches are, and will continue to be, the result of misconfiguration and misuse on an application level, rather than the outcome of deeply technical attacks on mobile devices.” (i.e. most of the “new and hot” mobile security is really “old” appsec)
  • Predicts 2014: Security Solutions focuses on predictions for security vendors and contains this gem of an SPA: “By 2015, the demand for greater security intelligence sharing for context-aware systems will form a marketplace for brokering security data.”
  • Predicts 2014: Infrastructure Protection has a lot of exciting stuff and is discussed separately below.

So, the last of the 3 Predicts contains this bit that I contributed to: “By 2014, 95% of organizations will not use security big data analytics due to complexities, a dearth of COTS tools and skill shortages.”

If you recall, my topic this quarter is using big data for security. Why am I suggesting that most organizations won’t? As the note says, “big data technology in security contexts will stay immature, expensive and difficult to manage for most organizations as targeted attacks become more stealthy and complex to identify in progress.” The organizations may be stuck between these two forces:

  1. A lot of “big data” problems are not well treatable by COTS (commercial off-the-shelf) and OOB (out of the box) stuff; you need to have a mindset to explore, research and customize.
  2. Many organizations can only use advanced technologies (such as analytic algorithms, etc.) if they are packaged by the vendor, i.e. exist in COTS form.

The result is: you can’t do COTS, but you can only do COTS. The result? Not doing it! At the very least, not doing it until more creative solutions are built by the vendors and until more “boxed analytics” become available (if that can happen at all beyond a few niche uses).

A few more fun quotes from this Predicts note follow below:

  • “The noise about big data for security has grown deafening in the industry, but the reality lags far, far behind. As many organizations continue to struggle with utilizing traditional security analysis tools, such as security information and event management (SIEM) tools, the expectation that they will magically adopt big data technologies and approaches is simply unrealistic.”
  • “Big data use for security will continue to be populated by the most advanced, mature, Type A organizations for the near future. Security may well be becoming a big data problem, but riding that big data wave will stay difficult and expensive for most organizations.”
  • “Many vendors — new and existing ones — will try to position their technology as big data. However, much of this will remain hype, not reality. “Lean forward” security programs at select large enterprises will still need to build and run their own tools for big data analysis if they choose to embark on this journey.”
  • “Advanced expertise in both information security and data science will be a necessary ingredient in enabling accurate discrimination between malicious and benign activity.”

For our recommendations, please read the note.
