One of the main defenses against hacktivists and cybercrime is to apply the techniques of big data to identifying patterns that could hint or predict the next attack.
While big data is a buzzword associated with making sense of unstructured data from social media sites such as Twitter and Facebook, experts say that cyber security can be approached like a big data problem by the financial industry.
[For more on In Fight Against Hacktivists, Financial Firms Need Layers of Security, see Ivy Schmerken's related story.]
"You can apply these techniques to grow your business and analytics. You can also use the same technologies to defend your business which comes in threats in the format of data," suggests Mark Akass, CTO at BT Global Banking and Financial Markets.
"If you say you can be threatened by a huge number of behaviors, then the information inside your business, information hitting your firewalls, security topics coming up on your enterprise, PC workflow, and virus blocking systems that warn you not to open attachment. But what if there are thousands of those notifications? "
According to Akass, there are all sorts of ways to collect data that could be pertinent to threat analysis. Devices such as PCs, private networks, logs, password updates, virus detection systems — all of these produce huge volumes of data that can be mined, he and others suggest. Historically, people did not analyze this data. But now there are new threats and new tools to crunch high volumes of data faster than ever before.
"This is where you are trying to look at scenarios that would induce people to have a go at your [enterprise]," comments Chris Pickles, Head of Industry Initiatives, Global Banking & Financial Markets, BT. In addition to having a focus on "firewalls and encryption of data," Pickles said the purpose of data analysis is to figure out "what will start people wanting to attack you." Take a cyber terrorist who accuses one's bank of illegal practices in human rights or a customer who is saying "lousy" things about a financial organization to teach the company a lesson.
Essentially, the idea is for banks and investment firms to monitor the social sentiment about their companies, such as who is saying nasty things on Twitter about a product the company has just released. "It's analyzing scenarios and patterns in the market before things happen," adds Pickles. You're trying to look and get ready for things versus after the event happens," said Pickles.
"It's not about locks on the door. It's more about how do you see these patterns building up in the financial markets," said Pickles. Big companies that are looking at how to respond effectively to threats are taking this proactive approach.