Under Siege: Combatting Cyber Risk with Big Data Analytics
Scenarios of summer action blockbusters pale in comparison with the boldness and impact of real world cyber attacks we’ve already experienced in 2015. Cyber criminals have become increasingly more sophisticated and no one is immune. The 2015 cyber attack hit list includes major organizations in healthcare, government, education, finance and technology. Among those affected are prominent names like BlueCross/Blue Shield, Anthem Healthcare, Harvard University, the National Guard, and the Office of Personnel Management. The hackers have even gone so far as to target security companies like Kaspersky Labs and LastPass. Acting solo, in cross-border teams, today’s cybercriminals prey on vulnerabilities of our increasingly exposed, siloed, and poorly managed systems and the attacks often go unnoticed until it’s too late.
According to a 2013 report sponsored by McAfee, cyber attacks have a $500 billion impact on the global economy every year. Another recent study by LexisNexis found that companies are paying $2.79 for each dollar lost to fraud. The total financial impact can range from thousands of dollars to millions of dollars per company. If you think your organization is too small to be affected, think again. Hackers regularly target small and medium-sized businesses. A survey by the National Small Business Association showed that cyber criminals have attacked as many as 44% of small businesses.
This is more than an IT issue – it’s a business issue that impacts the entire organization. In an effort to stem the flow of cyber crime, Congress passed the National Cybersecurity Protection Act of 2014. This landmark bill represents the most significant legislation affecting cybersecurity in over a decade. Congressional members believe cybersecurity is one of our nation’s biggest challenges – and they are absolutely right. Is your organization ready to respond?
The fact is, most organizations aren’t prepared for cyber attacks. In recent years, the data landscape has significantly changed. Networks generate petabytes of data at tremendous speeds, and it’s difficult for companies to keep up. Many enterprise networks consist of disconnected “buckets” of vulnerable data that make it easy for hackers to gain access without detection.
Once inside, the attackers drop malware in the environment to hide their activities. They encrypt the data and remove it from the system over a period of 30 days or more. Unfortunately, your security tools probably won’t detect the threat. In fact, the success rate of traditional security tools is only 5%.
Traditional security tools are ineffective because they rely on antiquated methods. Some tools make use of sampling. When you’re talking about petabytes of information, you’re not likely to find a threat by examining a drop of data. Network logs are essentially useless because attackers can expertly cover their tracks.
Even the most robust traditional systems are vulnerable to attack. Target spent $1.6 million on a malware detection tool 6 months before the data breach. Yet, hackers were still able to install malware on Target’s security and payments system. It captured shopper’s credit card numbers and stored the information on a server controlled by the attackers. 40 million credit cards and 70 million addresses were stolen. A year later, Target is still trying to regain consumer trust and confidence.
So, the real question is, what can you do today to protect your data from cyber crime?
The solution lies with a comprehensive, high performance analytics platform designed to process massive amounts of data and detect fraud patterns in real time – the Actian Analytics Platform. Using a series of integrated components, users can connect and blend data coming from multiple sources to scan for unusual patterns, using all available data without sampling. When you have the ability to process data using advanced analytics, you can start to predict and prevent threats in real time.
The Actian Analytics Platform marries parallelized data processing and management with sophisticated analytics – all within a single interface. By focusing on key anomalies, you can detect, diagnose, and prevent cyber attacks before they happen. You can also use your data to uncover hidden patterns, discover correlations, and predict future behavior.
A major governmental agency saw that the manner of attacks had changed from humans to machines which meant that they now had to detect and stop threats in sub-seconds instead of hours. They also had to parse false-positives to ensure that legitimate government assets were not getting locked out of the network. This required the agency to deploy an analytic system to perform discovery analytics on unprecedented volumes and types of data while providing timely insights so that the agency could make the appropriate network security decision.
The annual cost of ATM fraud in US alone is over 8 billion dollars. Thieves use compact scanners at the terminal to capture ATM card data, then mass produce fraudulent debit cards to empty user accounts in record time. Faced with a growing problem of ATM fraud, a major bank could do little to stop the cyber thieves because its legacy system took 36-48 hours to load and process ATM data. So fraud would be detected long after the crime had occurred. Running natively in Hadoop where the bank’s ATM data was stored, Actian’s analytic platform enabled the bank to perform sub-second analysis on all ATM transaction data. Now malicious activity could be detected and stopped right at the source.
Traditional security tools look at the past in an attempt to predict the future. Unfortunately, that leaves your organization vulnerable to the newest threats. Hackers are constantly coming up with new methods of deception. Your organization needs a system that can analyze, learn, predict, and prevent these unknown threats. That’s the promise of a big data 2.0 analytics platform.
Preparedness is the key to preventing cyber attacks. Is your organization prepared?
About Ashish Gupta
Ashish Gupta joined Actian in 2013, where he is responsible for marketing and business development. Ashish brings more than 21 years of experience in enterprise software companies where he focused on creating go-to-market approaches that scale rapidly and building product portfolio that became category leaders in the industry.