With the RSA Conference settling in for a week’s run in San Francisco, security will be the big focus of the IT industry – and IT Trends & Analysis. A variety of product and service announcements are scheduled, and first up is HP, which is unleashing a major Big Security Data push, with several new products and services that leverage its technologies from across the company’s Enterprise Security Products (ESP) and Autonomy.
You would never go into a battle blind folded, but many organizations have not been able to access the information needed to combat potential threats, said HP. However, with the integration of cloud monitoring, content analytics and Big Data processing, the company provides clients with the context needed to effectively stop potential breaches, it stated.
Security (i.e. ArcSight, Fortify, TippingPoint and Atalla) is a big part of HP’s business, said Varun Kohli, Director, Product Marketing. “We are number one or two in all markets in which we play. We have more than 10,000 customers, and released more than three dozen products in the last 12 months. Most large organizations are our customers.”
Security is not still a pressing problem, but it’s also time consuming, he said. Cloud and Big Data are helping to double the amount of data every two years, but security can’t keep pace. “So customers are looking for simple solutions.”
The economic slowdown has put pressure on IT budgets, but Gartner said security is expected to remain a priority through 2016. Worldwide spending on security is expected to rise from $60 billion in 2012 to $86 billion in 2016.
However, according to survey released earlier this month, more than a third of security professionals say their security spending is being deployed on the wrong technologies. More than half (59%) said their data would not be safe once the perimeters were breached, and almost two-thirds (65%) said they expect to suffer a data breach in the next three years.
But wait, it gets worse. Another study reports that more six out of ten organizations hit by data breaches take longer than three months to notice what has happened with a few not uncovering attacks for years. A total of14% of attacks aren’t detected for up to two years, with 5% taking even longer than that.
Cloud computing, mobility, social tools and other technologies that put more power in the hands of individual users pose new challenges for organizations seeking to secure data, devices and networks, according to a study released in November by CompTIA, the association for the IT industry. The majority of companies in CompTIA’s10th Annual Information Security Trends study attribute human error as a contributing cause of security breaches, just as they have in the previous nine years of the study. What’s changing, however, is that the human element is no longer confined to malware, phishing and viruses.
“As users gain more responsibility for their own technology, the human element becomes more and more important,” said Seth Robinson, director, technology analysis, CompTIA. “But many organizations are not sure what to do about it. The way they’ve thought about security in the past is to purchase a firewall or antivirus software or other product. But there’s not a product that can help with end-user awareness. It really requires a commitment to training and education.”
Organizations are deploying Big Data, but they’re using it for everything but security, said Kohli. By integrating ArcSight and Autonomy, that changes. All the structured and unstructured data passes through Autonomy which determines positive and negative aspects of data and passes that on to ArcSight which can then automatically make security rules for problems that previously would have gone unnoticed.
In a scenario that makes Orwell’s dystopian ‘1984’ and Big Brother a reality, organizations can detect unhappy employees and then monitor them more closely to see if they pose a risk, he said. In most cases it’s an innocent employee or an honest mistake, but we absolutely need a new approach, said Kohli.
HP has integrated the Security Information and Event Management (SIEM) capabilities of HP ArcSight with the HP Autonomy IDOL content analytics engine to automatically recognize the context, concepts, sentiments and usage patterns related to how users interact with all forms of data. HP ArcSight Cloud Connector allows organizations to configure the collection of application event and log data from cloud service providers. HP ArcSight/Hadoop Integration Utility is a plug-in ready platform that integrates HP ArcSight ESM 6.0c with Apache Hadoop.