You have 10 petabytes of security data in your Hadoop cluster.
You count RAM in terabytes and CPU cores in dozens.
You speak HiveQL better than you speak English.
You collect literally and unquestionably every timed record of activity in your organization – including transaction logs, IM messages, flows, anything.
You run queries over 13 months of data – and you do not have to take a vacation before the results come in.
You outgrew your market-leading SIEM product … 5 years ago.
You have statisticians (data scientists) on speed-dial – and on staff.
You run statistical models on volumes of security data before your morning coffee – and get good results.
Your organization’s BI team thinks you are actually cool… despite being in security.
Are you a HARBINGER or an OUTLIER?
Is this the way information security will be done nearly everywhere in 3, 5, 10 years? (good arguments for this)
Or is this a case of “there are only 10 organizations in a Top 10 list”? (some arguments for this)
Is this the way we all need to learn to succeed with current and future threats?
Or is this the way to the top of the mountain that only the enlightened gurus will ever tread?
In any case, let’s keep this discussion going!
P.S. By the way, remember that: “If at first you don’t succeed, skydiving may not be for you.” [by unknown] -> “If you keep failing with small data now, BIG DATA isn’t for you!” [by Anton Chuvakin]
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.