Feds Value – but Don’t Always Use – Big Data Tools for Cybersecurity

U.S. government agencies can significantly improve their ability to deal with cybersecurity problems by utilizing big data analytics. However, agencies are finding it difficult to fully benefit from these advanced analytical tools for a variety of reasons — including dealing with the sheer volume of data, which will only keep growing.

Cyberthreats hide in plain sight and exist on government networks for an average of 16 days before they are detected, suggests a recent report from MeriTalk. The report presents the findings of a survey of more than 300 local, state, and federal IT professionals.

In general, government IT staffs apparently are supportive of using big data analytics, with 86 percent of all survey respondents convinced that the technology can play a major role in dealing with cyberthreats. For federal IT staffs, the response was a bit lower, at 75 percent. However, only 28 percent of all respondents said their agencies were fully leveraging big data for security purposes today. Federal IT professionals scored higher, at 37 percent.

“Government organizations have access to a wealth of cyberthreat information,” said Kevin Davis, area vice president for the public sector at Splunk, which supported the MeriTalk report.

“The challenge is managing that data and connecting the dots in real time. That’s how we get immediate insight into threats. Agencies need to detect threats faster and start to predict when and how they will occur,” he said.

Mountains of Data

“Too much data to analyze” is the main reason federal agencies don’t maximize the use of big data analytics in meeting cybersecurity threats, the survey indicates. It was the top impediment cited by federal agencies, at 45 percent.

Among the other challenges listed by federal IT professionals was lack of skilled personnel, lack of management support, too much data to store, poor integration between solutions, inability to justify investment, and lack of effective solutions.

Nearly 90 percent of all survey respondents said they could not tell a “complete story” from the cybersecurity data they received, and 76 percent said their security team often operated reactively rather than proactively.

Collectively, the government IT respondents at the local, state and federal level showed an appreciation of the contribution data analytics could make to improve cybersecurity. Given a list of those advantages, the most frequently cited benefit of using the advanced tools was “could better detect a breach that is in process,” at 61 percent.

Among other benefits cited were “monitor streams of data in real time,” and “conduct a conclusive root-cause analysis following a breach.” Yet just 41 percent of federal IT professionals surveyed said they were prioritizing big data analytics for cybersecurity. The response was only 29 percent at the state and local level.

“When it comes to big data and cybersecurity, the first thing government agencies should acknowledge is that all data is security relevant,” said Adam Cohn, director for public policy and government affairs at Splunk.

“Big data analytics is a big deal for cybersecurity because of the insight it contains. Many organizations and agencies … continue to view certain types of data sets as meaningless or devoid of value. However, with the right analytics platform in place, that information can be transformed into knowledge and action,” he told the E-Commerce Times.

“There are four classes of data that security teams need to leverage for a complete view: log data, flow data, threat intelligence data and contextual data. If any of these data types is missing, there’s a higher risk that an attack will go unnoticed,” Cohn added.

“Federal IT professionals understand they need data analytics to achieve full-scale situational awareness around cyberthreats,” noted David Hantman, general manager of MeriTalk.

“Congress is working on legislation and recognizes this need. Also, looking at the National Institute of Standards and Technology’s most recent ‘Three Year Programmatic Plan’ there is an entire section devoted to using data analytics to promote cybersecurity performance in the government and private sectors,” he told the E-Commerce Times.

Federal Market Poised to Grow

“Big data analytics can serve a variety of agency needs. With the right queries in place, data sets can provide value in multiple areas, from statistical services that reveal operational insights, to identifying both internal and external threats to agency networks,” Cohn said.

“The right big data analytics platform serves as the nerve center, harnessing the data from many different sources for both IT operations and security,” he added. Splunk’s “most advanced customers” can detect attacks in minutes or less in some cases — instead of days, weeks or months — by using a big data approach.

The federal market opportunity for providers should grow as agencies improve their ability to implement big data tools for cybersecurity.

“As government agencies recognize the value data can provide for security and operations, there will undoubtedly be continued investment in data analytics solutions. Government is particularly interested in those solutions that can not only address today’s cyberchallenges but those that offer the capabilities to scale and adapt in an ever-evolving threat environment,” Cohn said.

In a 2014 report, Gartner listed 15 providers in the Security Information and Event Management (SIEM) market. Leading contenders included IBM, HP, Splunk, McAfee and LogRythm.

“Opportunities exist for direct responses to government RFPs as well as working with systems integrators, cloud providers and partners. As the applications of data analytics continue to be recognized within government, we anticipate there will be an increasing demand for big data analytics solutions,” Cohn said.

The Federal Buzz: Telecoms in Washington; Data Security Proposal

TIA Bolsters Staff: The Telecommunications Industry Association has seen a need to strengthen its federal presence, especially on Capitol Hill. To meet that challenge, TIA has appointed James Reid as senior vice president for government affairs. Reid previously served as the chief of staff to Senator John D. Rockefeller, D-WV, and as deputy staff director for the Senate Commerce Committee. TIA also appointed Patty Higginbotham as general counsel and senior vice president. Higginbotham had prior experience in government policy positions, most recently as vice president, government relations, and general counsel at the Global Business Travel Association.

”Communications issues are at the forefront for policy makers. Congress is currently examining policies that will impact the future of communications, including broadband, Net neutrality regulations, spectrum, and the increase and use of connected devices, or the Internet of Things,” said Scott Belcher, chief executive officer at TIA.

“Representing TIA’s members on the Hill is a vital component of strengthening the organization as the voice of the network at a time when dramatic change is affecting the industry. James Reid will bring a level of experience and expertise to TIA that will drive our efforts to shape the future of high-tech communications in both the legislative and regulatory arenas,” he told the E-Commerce Times.

Data Security: Financial businesses wasted little time in supporting the Data Security Act of 2015, a bipartisan measure sponsored by Rep. Randy Neugebauer, R-Texas, and Rep. John Carney, D-Del. The bill will help prevent data breaches by enacting strong new protections for sensitive financial information, and establish uniform guidelines to ensure customers receive timely notification when a breach happens, according to the Financial Services Roundtable.

“Ensuring that every industry is required to follow clear rules to safeguard data is the best way to help protect consumers,” said FSR president and CEO Tim Pawlenty.

The bill, H.R. 2205, creates a uniform set of national data security and breach notification requirements, while also recognizing that some industries, like financial services and healthcare, already comply with rigorous data security regulations, the FSR said.

FSR, the American Bankers Association and the National Association of Federal Credit Unions have announced their support for the proposal.

John K. Higgins is a career business writer, with broad experience for a major publisher in a wide range of topics including energy, finance, environment and government policy. In his current freelance role, he reports mainly on government information technology issues for ECT News Network.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by John K. Higgins
More in Government

E-Commerce Times Channels