The billions of bits and bytes that make virtual government services, information sharing and even shopping easier also open the doors for adversaries to gather intelligence that aids their nefarious pursuits. AFCEA International’s Cyber Committee has published a white paper that describes several ways big data analytics can help cybersecurity analysts close those doors or at least shrink the gap and lessen vulnerabilities.
Complex networks comprising traditional information technology systems, the Internet of Things and multiple cloud environments make it difficult for cybersecurity analysts to detect, prevent and mitigate sophisticated cyber exploits and attacks. The Cyber Committee urgently recommends the United States apply big data analytics to the security of government and critical infrastructures and undertake the necessary research to speed the development of these tools.
The urgency of this recommendation comes not only from the magnitude but also the diversity of the data that’s being filched. Breaches of the Office of Personnel Management (OPM), a voter database and even Yahoo’s user base demonstrate that cyber criminals are after both large amounts and various types of information. By using big data analytics on the spoils of cyber war, they gain significant insight into U.S. national security decisions, the economy and even political dynamics.
However, the AFCEA Cyber Committee points out that the U.S. national security and intelligence communities also can use big data analytics to understand how to stop foreign intelligence services and cyber criminals from exploiting U.S. computer networks. It recommends increasing the emphasis on the kind of research IBM is conducting, which applies artificial intelligence to the data that security information and event management systems collect.
Particular attention should be paid to the collaborative research efforts among companies that include GE and C3 IoT, the committee points out. For example, GE and C3 IoT are pioneering advances in understanding the data generated throughout complex information and operational technology networks, including networks that may be managed via cloud infrastructures.
If possible, government research and development organizations should undertake a joint effort to support the development of such technologies, the committee recommends. In addition, given the progress the private sector has made, the government should allow industry to help shape and conduct such research.
The collection and storage of data present another major challenge to the security of big data analytics environments. The OPM hack illustrated that a single adversary can move easily across the enterprise to steal information. Consequently, it is important that all data be encrypted during transmission, at rest and, if possible, during processing, the committee suggests.
In addition, concern is rising that the United States is losing billions of dollars in intellectual property as well as terabytes of data each year. Several approaches are worth exploring to combat this assault against both national security and the economy. The Cyber Committee recommends that the Intelligence Community look at foreign countries’ policies, doctrines and concepts of operations in several areas to address this issue. Committee members believe such intelligence could be of immense importance to national and homeland security and are prepared to support development of initial terms of reference.
“Given the value of big data environments, we should look at ways to enhance cybersecurity at an enterprise level. In addition, urgent attention should be paid to the way other countries are using big data analytics to understand the United States and craft courses of action that affect our national interests. The AFCEA Cyber Committee stands ready to support these efforts,” the committee states.