Enterprises are Analyzing Lots of Internal Cybersecurity Data
As part of the threat intelligence research project, ESG surveyed 304 cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees), and asked them which types of internal security data they regularly collect, process, and analyze today. It turns out that around 40% of enterprises collect and analyze 13 different types of cybersecurity data. At the top of the list:
It’s also worth noting that 35% of enterprises plan to collect “significantly more” internal cybersecurity data over the next 12-24 months, so big data security analytics initiatives will continue to grow in data capacity and complexity. I expect more big data technologies and data scientists to elbow their way into this market as this happens. Heck, we’ve already seen examples of this with Splunk buying Caspida while vendors like Cloudera, Hortonworks, and Sqrrl add cybersecurity algorithms to their platforms.
All of this data collection, processing, and analysis seems like a good thing, for as Sun Tzu stated, “If you know the enemy and know yourself, you need not fear the results of a hundred battles.” Following this advice assumes that we can turn cybersecurity data into actual knowledge, actions, and countermeasures. This is the real challenge facing the enterprise cybersecurity community.