By 2016, 25 Percent of Large Global Companies Will Have Adopted Big Data Analytics For At Least One Security or Fraud Detection Use Case
February 6, 2014
Criminals are rapidly evolving their hacking techniques, and are attacking quickly, making timely security and fraud analytics more critical than ever. Big data analytics give enterprises faster access to their own and relevant external information.
In today's blog post, Avivah Litan, vice president and distinguished analyst at Gartner, said enterprises can achieve significant savings in time and money when using big data analytics to stop crime and security infractions, by stopping losses and increasing productivity.
Ahead of the Gartner Business Intelligence & Analytics Summit 2014 , being held March 31 – April 2 in Las Vegas, Gartner predicts that by 2016, 25 percent of large global companies will have adopted big data analytics for at least one security or fraud detection use case, up from 8 percent today, and will achieve a positive return on investment within the first six months of implementation.
Ms. Litan said:
Big data analytics gives enterprises faster access to their own data than ever before. Big data analytics enables enterprises to combine and correlate external and internal information to see a bigger picture of threats against their enterprises. It is applicable in many security and fraud use cases such as detection of advanced threats, insider threats and account takeover.
Information needed to uncover security events loses value over time, and timely intelligent data analysis is critical as criminals and bad actors move much more quickly to commit their crimes. For example, a year or two ago, hackers would look around, conduct extensive cyberespionage on their targets, and then go in for the theft — whether it was for money or information. Now, hackers — aware of more-effective security and fraud prevention measures erected by their target victim enterprises — simply go directly to the theft without a drawn-out reconnaissance phase.
To address these issues in the past, enterprises relied on various siloed monitoring or detection systems that were optimized for various use cases, such as data loss, financial fraud, or privileged user monitoring.
Now, with big data analytics, enterprises can:
- Cut down on the noise and false alerts in existing monitoring systems by enriching them with contextual data and applying smarter analytics. This is especially important as the number of security events increase substantially year over year.
- Correlate the resulting high-priority alerts across monitoring systems to detect patterns of abuse and fraud, and to get the big picture on the security state of the enterprise.
- Pool their internal data and relevant external data into one logical place, and look for known patterns of security violations or fraud.
- Profile accounts, users or other entities, and look for anomalous transactions against those profiles.
- Remain agile, and stay ahead of malicious actors and activities, via faster tuning of rules and models tested against data streaming in near real time.
Big data analytics is ahead of most organizations' abilities to successfully adopt them, and most vendors have barely begun to prove their software's effectiveness, so it's still early days for this market. Enterprise are recommended to start small, but think big, and develop a road map that encompasses multiple use cases and applications across the organization. The return on investment (ROI) on big data analytics is typically too big to ignore.
More information is available in the Gartner report "Reality Check on Big Data Analytics for Cybersecurity and Fraud." Additional information on big data analytics will be presented at the Gartner Business Intelligence & Analytics Summit 2014 in Las Vegas, as well as the Gartner Business Intelligence & Information Management Summit 2014, February 24-25 in Sydney, Australia and the Gartner Business Intelligence & Analytics Summit 2014, March 10-11 in London.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.