Three out of four intrusions exploit weak or stolen (but otherwise legitimate) credentials, and another 13 percent result from misuse of information by privileged users, according to Verizon\u2019s 2013 Data Breach Investigation Report. The solution is harnessing the big data in the trillions of access relationships \u2014 the ever-changing information related to who is accessing what resources for what purpose \u2014 to better understand what is really going on. As Gartner says, \u201c[Big Data] is a class of information processing problem that, due to the volume, velocity, variety and complexity of the data, requires different approaches to support analytics to derive cost-effective, timely, business-relevant insight.\u201d While big data has been used effectively by line of business to analyze customer purchase behavior, inventory turns, or other critical data, it also offers tremendous promise for IT security to manage business better.<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
This is where predictive analytics come in \u2014 the same technology that an online retailer might use to better target product offers to customers based on recent buying behavior, for example. Consider a salesperson that might have the right to download an entire customer database, but if he does it at 2 a.m. on a Sunday morning from his home office, this might raise a few questions. By identifying patterns or anomalies from \u201cnormal\u201d \u2014 and serving them up in graphical profiles \u2014 security staff have a never before seen, real-time view into potential risk.<\/p>\n
<\/p>\n
Here\u2019s the key point: with this new approach, risk is assessed from live data, not anticipated scenarios that have been coded into the system, alerting security staff to actions already defined as \u201cbad.\u201d Real-time, predictive analytics lets companies truly understand where their greatest risks lie by harnessing existing company data to sound alarms before a loss \u2013 when the risk around an individual or resource spikes.<\/p>\n
<\/p>\n
By having a way to analyze risk associated with user access on a continuous basis, companies can truly understands who someone is, what they should access, what they are doing with that access and what patterns of behavior might represent threats. With this insight, companies will also have a better understanding of where their next breach could take place, and whether that threat is internal or external.<\/p>\n
<\/p>\n