安全需要大视野,而不仅仅是大数据

This isn’t an idle observation: Several high-profile breaches happened through vulnerabilities that had been documented months or sometimes years prior. The future lies in analyzing this data to give security professionals a comprehensive view of their security posture. Tell them what is at risk, how severe the risk, how important the asset is, and how to fix it. We see tremendous promise in Risk I/O’s approach to this problem, and we’re proud to have led their most recent investment.

Another area for exploration is security solutions that follow assets to protect them wherever they are. With cloud infrastructures (both public and private) and bring-your-own-device mobile enterprises, there is no perimeter and every layer of the stack is dynamic. Security professionals need to be able to apply security policies to applications, data, and users wherever they are, and those policies need to adapt based on the changing context.

There’s an increasingly popular saying that there are two types of organizations now: those that have been breached, and those that just don’t know it yet. As attacks have become too sophisticated for signature-based detection, there is a need for solutions that quickly notice anomalous and potentially dangerous behavior (likely leveraging machine learning) to prevent breaches or — failing that — detect malicious behavior once a breach has occurred, and minimize its impact.

Guardian Analytics, another Costanoa investment, applies behavioral analytics to data already resident in online banking platforms to prevent a broad range of fraudulent activity. This is just one example of applying data science to existing data sets to address more nebulous threats. There will be more opportunities looking at different applications and different types of attacks.

Finally, there is also the need for efficient data capture and analysis that can look broadly and historically across an infrastructure, sometimes trailing several months, to see when and how a breach occurred, and what the consequences were. This is a prototypical big data problem. It involves great volume, variety, and velocity of data. It now may be tractable, and we are on the lookout for solutions.

We live in an exciting time, but unfortunately in the case of security, that is a double-edged sword. New technologies present new opportunities for criminals. We are optimistic that great new companies are emerging to rise to the challenge.

via:TC