A friend of mine once told me that software engineers are fashionistas at heart. Instead of trying to out-dress each other, they out-buzzword each other. Well, the latest buzzwords you are likely to hear on this season's software engineering runway are Hadoop, Splunk and deep learning.
Yes indeed, these big data buzzwords have been flying around Irdeto for some time. Now, you normally think of big data as being used to analyze consumer behavior or to learn that the breeding patterns of toads are great predictors of earthquakes. But what has big data got to do with security?
Out with the old
Quite frankly, deploying a security solution without a big data element is a waste of time. The sophistication of today's systems means that there are too many attack surfaces, which are difficult to analyze completely or, in some instances, simply impossible to close. Take an STB: you have a system with millions of lines of code sitting connected to the internet. Making sure that there is no weakness that can be exposed is a tall order. Worse still, when you get to video, it gets displayed on a high-resolution screen, which can easily be captured by a high-resolution camera.
Given this, it's not surprising that we're finding that traditional security is no longer enough on its own. It doesn't provide a complete picture of the threat or of the organization's security posture. Why would it?
In with the new
Traditional systems were designed to protect perimeters that are clear and easy to define: does this person have permission to access this data? The narrow parameters mean that the rules and triggers are based on known threats. In reality, security perimeters are becoming blurred. We're opening up systems to more people: suppliers, partners, customers and employees who work from home, and that is even without adding the Internet of Things into the mix. Protecting today's perimeters requires a different approach.
With big data analytics you get a comprehensive view of the security landscape. It provides actionable intelligence that adds context to incidents. The insight exposes what is at risk, how severe those risks are, how important the asset at risk is and what should be done to minimize the security weakness. If one device does something even a little bit different, you can zero in on it in real time.
Style of the future
From an operator perspective, this could be relevant not only for preventing attacks on STBs, but also for monitoring piracy networks, as well as for fraud management and device security.
Big data analytics enables a security solution to quickly notice anomalous and potentially dangerous behavior in order to prevent breaches or, failing that, to detect malicious behavior once a breach has occurred, allowing operators to dynamically update their policies to minimize risk.
This is a fashion that is here to stay, with analytics and intelligence at the heart of all next-generation security solutions.