Is Big Data just another over-hyped buzz word for physical security users?

July 25, 2013
Several security professionals provide their roadmap of where Big Data fits into security's Big Picture

I recently started a conversation on my LinkedIn page regarding the impact Big Data is having among practicing security professionals. The discussion has been intelligent and engaging. Big Data is certainly big news these days and some of the comments of these top security and risk experts are compelling.

So why Big Data? The massive accumulation of information – 2.5 quintillion bytes of data are created every day – has brought benefits and competitive advantages to many businesses. Yet there are new threats that have come on the heels of this new business driver. There are increased network vulnerabilities as cyber criminals exploit technology to their advantage, and the potential to misinterpret data to the detriment of the organization.

As veteran security consultant David Aggleton puts it: “I don't have any experience with handling Big Data but Hari Seldon in Isaac Asimov's ‘Foundation’ (trilogy & prequels) was tasked with the analysis of galaxies of data in order to predict meaningful historic trends. Hari's output had to be much more accurate than the figures I have heard quoted, e.g., 55 percent in one direction is considered a trend. Statistically we should be talking about a confidence rating in the 90-95 percent range to bet the farm on it!”

Most of the top organizations worldwide understand that enhanced internal capabilities to collect, store, access, and analyze these exponentially large, complex datasets, increasingly known as Big Data, are crucial to enterprise growth and security. However, executive leaders need to allocate greater investments to Big Data capabilities in order to fully realize the value potential.

"Organizations have significant hurdles to overcome in order to capture the value potential of Big Data. These hurdles span the continuum of investment capacity, skill availability, legacy infrastructure, and operating models,” says Bill Pieroni, chief operating officer of Marsh Inc., one of the world's leading insurance brokers and risk advisors. “However, organizations that are able to effectively leverage data and insights to drive differentiated value propositions and outcomes will dominate their industries. Ultimately, these organizations will be industry leaders rather than just industry participants.”

While Pieroni is speaking in a larger business context, leveraging Big Data for the purpose of mitigating risk and creating sound security strategies follows much the same course. Being able to differentiate the value proposition of incoming data to analyze trends, predict outcomes and formulate appropriate policy and procedure has to be the residue of constructive information.

“Analysis is important as a part of the management of all security risks. So, I do believe Big Data has the capability now to add deeper analysis, but I am confused by the lack of understanding about what we are analyzing -- and why,” adds Jeff Spivey, CRISC, CPP, an information risk management expert from Charlotte. “Big Data will begin to answer questions we have not asked yet, but we need to better understand what this innovation can do that we could not do previously and how can we use it to change the world of security. Our world is changing at light speed and we are using old models of context to address new problems. Big Data will start to give us new answers and we need to be ready with an open mind to be innovative to look for new ways to achieve security.”

Ken Cummins, PSP, CPP, chief security officer of the Central Puget Sound Regional Transit Authority, understands that more data doesn’t necessarily translate into good data. He cautions that the development of a risk picture has its own inherent risk.

“I’m oversimplifying here, but the collection of ‘everything’, coupled with the ability to measure and compare ‘everything’ against ‘anything’, runs the risk of paralysis through analysis. Over time, organizations will demand a higher degree of accuracy in their risk picture with less tolerance for assumptions – beyond the reasonable due diligence and analysis by today’s standard. The increased accuracy and the resulting narrow focus will make organizations more, not less, susceptible to Nassim Taleb’s ‘Black Swans’,” warns Cummins. “Big Data is not without merit either. Well-defined data mining processes can feed into specific core metrics providing additional analytical capabilities to the organization’s risk picture as the actual operating environment or planning scenarios change.”

Ty Richmond, senior vice president of global security at Sony Pictures Entertainment, also knows a lot of the burden will be on the shoulders of his peers. "Big Data needs an end user who can understand and apply analysis and then use problem solving and decision making to address the findings in the data. Time and time again we push information around without having a clear picture on what we are trying to understand and improve; and even worse, the ability to implement a plan that will demonstrate the value of investments in Big Data."

Terry Gold is an analyst and founder of iDanalyst, a vendor-neutral research and advisory firm that provides information on strategy, best practices, methodology, and analysis for security, identity and privacy. He insists that security professionals are still trying to wrap their heads around the concept of Big Data as it relates to security. Gold contends that its definition is so all-encompassing that it blurs the true nature of its applications.

“Just how big is big data? One could argue that there has always been big data. But now much more information is being collected, with organizations struggling with storing it and making conscious efforts to better manage it. Hence, there is much more awareness of Big Data,” says Gold, adding that the complexities of how data will be managed and not just stored will depend on a strong working relationship between end users and vendors offering solutions. “So, it is in fact buzz, but is also very real and not going away. We will likely see Big Data ‘2.0’ instead of it just passing. Big Data requires multiple disciplines to manage, from technical IT, policy, legal, security, privacy, and others. This is why it is multi-faceted, confusing, dynamic, and ultimately, very interesting."

Gold also points out that physical access does not have anywhere near the same data load capacity as information security. However, he says that as the two merge – at least from an infrastructure standpoint, with physical security transforming from separate legacy systems to servers, Ethernet, digital storage of video, PSIM and event aggregation – a clearer picture on creating true analytics will come into focus.

But Shahar Ze'evi, a senior product manager with Tyco Security Products, thinks the security industry has already reached that tipping point. He concludes that we should no longer be debating the whys and ifs of Big Data, but rather the how.

“The key for Big Data is the ability to convert all this data to usable, actionable information that can be measured and acted upon. An important usability factor is the ability to implement ‘thresholds’ to scrutinize new information and deem it usable,” he says. “Storing days, weeks and even months of security activity is an eventual Big Data issue as the user seeks to convert this data to information. The key is to convert the data and reduce it to actionable information and provide the ability to then manipulate incoming data to provide better analytics. The ability to adapt useable data and create actionable metrics will be the pillars for its success.”

Jeffrey A. Slotnick, CPP, PSP, who is president of Setracon Inc., points out that it is not the unwieldiness of the data as much as it is the lack of savvy among security end users to properly organize and analyze this information that causes confusion. While he admits that traditional Big Data applications for business can be large and complex, and perhaps even more difficult to process using legacy database management methods, he believes security is different.

“It is my experience that security professionals do a great job of speaking ‘security’, which may have been great years ago when our primary focus was ‘guards, gates and guns’. Today, we live in a different world of converged and integrated data systems. Additionally, security professionals are challenged to speak the language of business which is spoken by all other aspects of the enterprise.

"As we keep the business case in mind when we address data and data analytics, we should be asking ourselves the following; how do we drive the value proposition for the security function in a business centric environment? In order to answer the previous question we should respond to the following; how do you measure your performance (value)? What are the core processes that drive performance, and what constraints do you have in getting to a common operating picture that ensures proper communication and a coordinated response?”

Slotnick realizes Big Data represents realistic solutions for the security industry if, and only if, users are able to leverage incoming and stored data.

“In my opinion, data presents many issues for us. But the challenge remains that all mission critical enterprise functions, public or private, should deliver the right information, at the right time, within the right context, to create value and mitigate risk,” Slotnick concludes. “The areas of risk management and security are no different. This leads to the real purpose of data, which is the collection, analysis, verification and resolution of data which leads to improved communications, process management, data visualization, collaboration, and monitoring. We have to be able to manage the data waterfall otherwise it is just useless disparate information.”

Ty Richmond takes the security element a step further. He feels that from a pure security operations standpoint, a security operations center (SOC) can become a potential fusion hub that feeds a constant stream of information and intelligence related to access control/video technology; global risk intelligence; emergency workflow for crisis management, business continuity, facility safety; and traveler monitoring/security.

“Those are only a few of the operational pillars of big data that can drive the need for actionable knowledge. Add cybersecurity and the maturity of the information/intelligence flow in that arena and it would appear to me that Big Data is far from being over-hyped,” Richmond says. “Big Data is upon us and will continue to grow and become more complicated. We as a profession need to acquire the skill sets and tools to monitor, collect, analyze and drive security and risk mitigation programs, processes and initiatives. The leaders who learn and adapt to this will be more successful over time.”