Our “Security Information and Event Management Futures and Big Data Analytics for Security” Paper Publishes
All that big data for security research I did last year has finally condensed into a published paper. Please enjoy “Security Information and Event Management Futures and Big Data Analytics for Security” that focuses on two things: outlining SIEM futures and analyzing the usage of big data technologies and approaches for security. The abstract states: “Organizations with lean-forward security programs complement their SIEM tools with custom-built big data platforms and utilize advanced analytics for security. This assessment predicts the directions for SIEM technology and analyzes the use of big data for security today and in the near future.”
A few fun random quotes follow below:
- “SIEM tools have been, and are expected to remain, a central point for security monitoring within most large organizations, even though they are not explicitly mandated by any regulations.”
- “The noise about big data for security has grown deafening in the industry, but the reality lags far, far behind. As many organizations continue to struggle with utilizing traditional security analysis tools, such as SIEM tools, the expectation that they will magically adopt big data technologies and approaches is simply unrealistic.”
- “Big data use for security will continue to be populated by the most advanced, mature, Type A organizations for the near future. Security may well be becoming a big data problem, but riding that big data wave will stay difficult and expensive for most organizations, at least for the next one to two years.”
- “Before embarking on a big data project, carefully review the needs and assess whether they really require a big data approach rather than a traditional set of COTS tools.”
- “Start from analysis of existing data: No new data! Explore datasets in SIEM, NFT, ETDR, etc. tools. Expand to new data types gradually, after you master your existing data and acquire necessary analytical skills.”
- “Do not buy any new tools, especially those labeled “big data,” before analysis goals are set and needs are clear. Do not pay for the “glamour” of big data if there is low chance of benefiting from the investment.”
GTP subscription is required for access, for those without one here are some links from my research that resulted in this paper.
Related posts on the topic of big data for security:
- Big Data for Security Realities – Case 4: Big But Narrowly Used Data
- Gartner Predicts 2014 Out – And One On Big Data!
- Big Data Analytics Mindset – What Is It?
- Big Data for Security Realities – Case 3: Elastic Search or Similar
- Big Data for Security Realities – Case 2 Variety Explosion
- Big Data for Security Realities: Case 1: Too Much Volume To Store aka “Big Data Collection”
- Big Data Analytics for Security: Having a Goal + Exploring
- More On Big Data Security Analytics Readiness
- Broadening Big Data Definition Leads to Security Idiotics!
- Next Research Project: From Big Data Analytics to … Patching
- 9 Reasons Why Building A Big Data Security Analytics Tool Is Like Building a Flying Car
- “Big Analytics” for Security: A Harbinger or An Outlier?
- Upcoming Gartner Webinar: The Future of Security Monitoring and SIEM
- Our SIEM Futures Paper Publishes! (previous edition of this paper, with no BIG DATA)
Read Complimentary Relevant Research
Organizing for Big Data Through Better Process and Governance
With big data past the Peak of Inflated Expectations on the Hype Cycle, organizations are addressing next-level challenges and asking,...
View Relevant Webinars
Hadoop and Spark: Understanding Open Source Opportunities and Risks
As companies build foundational data and analytics infrastructure with Spark and Hadoop, the market continues to shift and evolve in...
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.