bankingciooutlook

Financial Institutions Need Big Data Analytics in their Cyber Security Arsenals

By Cynthia Walker, VP & Data Analytics Innovation Center, Salient CRGT And Chuck McGann, Chief Cyber Strategist, Salient CRGT

Cynthia Walker, VP & Data Analytics Innovation Center, Salient CRGT

The U.S. Securities and Exchange Commission (SEC) Chair Mary Jo White emphasized in a recent speech that cyber security poses “one of the greatest risks facing the financial services industry.” The Federal Financial Institutions Examination Council (FFIEC) agrees, noting “Financial institutions are increasingly dependent on information technology and telecommunications to deliver services to consumers and business every day. Disruption, degradation, or unauthorized alteration of information and systems that support these services can affect operations, institutions, and their core processes, and undermine confidence in the nation's financial services sector.”

Overcome Growing Size and Complexity Challenges

Cyber security has become a big data opportunity because the size and complexity of the data has simply grown too big and too complex to analyze with using traditional security tools, including the security event and information management (SIEM) applications that many companies adopted over the past decade. For example, recent cyber-attacks have targeted interbank messaging and wholesale payment functions at financial institutions to originate unauthorized transactions. These unauthorized transactions may subject a bank that originates such transactions to losses and compliance risk, as well as shareholder lawsuits.

A successful big data analytics strategy involves more than just selecting the highest rated “Magic Quadrant” SEIM or analytics tools and having access to high value data. It also requires extending the knowledge and skills of your people with the technology expertise of the vendors and internal technology resources to create a dynamic picture of what activities should occur, when they should occur and validating those activities as legitimate.

Thwart Attacks with Big Data Analytics Threat Detection

Big data analytics brings tremendous value to cyber security teams, who have the daunting task of identifying threats and abnormal behavior of applications, systems, and users. Big data analytics techniques and tools provide the ability to ingest immense volumes of data from multiple event collectors and sources, and normalize these feeds for interrogation by various behavior and threat detection algorithmic applications at machine speeds in near real time.

“Developing your strategy is step one. Successful implementation of that strategy is step two on the path toward reaping the rewards of big-data-analytics-enabled threat reduction”

A recent MeriTalk study reveals strong evidence of the value of big data analytics to shore up Cyber security strategies: “81 percent of Feds say their agency is using big data analytics for cyber security in some capacity, including 53 percent who say it’s built into their overall cyber security strategy. Nearly all of federal agency big data users (90 percent) have seen a decline in security breaches as a result of using big data and analytics.”

Automating threat detection through data analytics holds the key to freeing up your valued resources to analyze the outlier behaviors for users and processing systems. An effective data analytics output helps a security analyst identify threats rapidly and effectively, and can help reduce scarce personnel resource requirements.

The recently passed Cyber security Information Sharing Act provides a vehicle for commercial banks to obtain increased access to threat information. Coupled with the Financial Services Information Sharing and Analysis Center (FS-ISAC) data currently available, banks have access to significant amounts of threat data. When this data is ingested into the analytics engine, outputs can have valued results. Threat actors can be identified, as can potential malware attempts and other attempts to negatively affect the capability of the financial institution to engage in business activities.

Chuck McGann, Chief Cyber Strategist, Salient CRGT

Adopt a Successful Strategy

Financial institutions concerned with cyber security should consider following the lead of these federal agencies and include big data analytics in their cyber security arsenals to enhance management of internal and external threats and vulnerabilities to protect information assets and the supporting infrastructure from technology-based attacks.

Embrace Proven Best Practices

A successful big data analytics strategy includes using a big data platform such as Hadoop and machine learning technologies to:

• Gather and analyze data from traditional network monitoring and log files (and from traditional SIEM tools)
• Enrich internal network data with threat information now available to commercial banks and the FS-ISAC data
• Identify trends and patterns from historical data as the foundation for predicting and thwarting future threats, and
• Evaluate seemingly unrelated activities that might be indicative of potential resource misuse or breach occurrence – e.g. power usage, unexplained environmental “adjustments”

Arm Your Team For Action

These technologies and strategies deliver insights regarding potential threats and attacks to cyber security analysts near real time in a form that enables prompt corrective action. Arming your analysts with these insights improves their ability to identify “outlier events” and make better-informed decisions.

A successful big data analytics strategy can make the difference between detecting and stopping an internal threat and data exfiltration or a possible breach. Developing your strategy is step one. Successful implementation of that strategy is step two on the path toward reaping the rewards of big-data-analytics-enabled threat reduction and breach identification.

Read Also

Software Defined Networks- A New Spine for IT

Software Defined Networks- A New Spine for IT

Scott Fenton, VP & CIO, Wind River
Cyber Security: A Continued Challenge In 2014

Cyber Security: A Continued Challenge In 2014

Gary P. Scholten, SVP & CIO, Principal Financial Group
Top 10 Security Solution Providers - 2018

Security Special