Conrad Constantine
It looks like big data is here to stay. When it first emerged as the next big
thing a few years ago, it didn't take too long for the information security
industry to realise it had applications within the field and quickly it was being
pitched as yet another silver bullet solution.
We love parroting the line that silver bullets don't exist in infosecurity and
yet every time something new and shiny comes along, excitement trumps reason
every time. The information security field has always suffered from a very
special form of hubris: that feeling that somehow our problems are so unique to
us that no other field could possibly have encountered anything of the scope or
scale of intrinsic complexity and innumerate factors determining the outcome of
any action. Yet here we are, welcoming in a new age of mathematically-driven
analysis of our data.
And there's the rub. Information security people, by and large, are not good at
mathematics, data modelling or programming. Infosecurity has become the new
hotness for people looking to go into university for something that will get
them a guaranteed career with lots of money. The hand-wringing among old hands
over the transition of our field from craft to trade can fill volumes.
Infosecurity rookies come fresh from university with a smattering of
familiarity with core concepts and skills, into a field that demands mastery of
them all.
Network Security
Big queries
But let's bring this back around to 'big data', an easily digestible name for
the emergence of commodity software designed to allow synchronous N-dimensional
analytics, quite the mouthful to anyone without a background specialising in
the data sciences. Data has always been big: an intrinsic side-effect of
Moore's law can be expressed as 'utilisation will always expand to fill
capacity'. No, the real nature of big data is 'big queries': the ability to ask
questions of our data that have been computationally unfeasible before.
Ask anyone working frontline security operations and analysis: we've had big
data for years, terabytes of logs we need to sift through to find that single
log entry that delivers the smoking gun to us. And we'll regale you with
stories of waiting hours, days even, for that search to return results. If big
data were nothing more than a leap beyond isometric increases in the speed of
querying our vast repositories of data in accordance with their volume, the
average security analyst would be quite happy with that.
January 2014
FEATURES/NEWS
technical skills that are only hastily
covered in the current educational tracks
for infosecurity.
If security big data is going to do more than keep buzzword-pace with the rest
of the technology world, it will inevitably draw upon prior expertise from
other fields. True, they will have to acquire some of the experience and domain
knowledge of the security field, a task that may be far less challenging to
people with a background in data science than for our current crop of security
graduates to replicate in reverse.
Information security
expertise requires experience
and competence across a
wide variety of information
technology domains
Better questions