Improper analysis and storage of big data is making businesses around the world more vulnerable to security threats, according to a study released earlier this week by McAfee.
Of the 500 senior IT decision makers that McAfee surveyed in the “Needle in a Haystack” report, 35 percent said that they are able to detect data breaches quickly. More than 22 percent said they would be able to identify a breach in a day, while 5 percent said that the process could take up to a week for their organization. For the average firm, it takes closer to 10 hours for a security breach to be recognized.
“If you’re in a fight, you need to know that while it’s happening, not after the fact,” Mike Fey, executive vice president and worldwide chief technology officer, McAfee said in a statement. “This study has shown what we’ve long suspected — that far too few organizations have real-time access to the simple question ‘am I being breached?’ Only by knowing this, can you stop it from happening.”
Three quarters of respondents reported to be able to access their security status in real-time, and most feel able to identify in real-time insider threats, perimeter threats, zero day malware and compliance controls. Still, of the 58 percent of organizations that said they had suffered a security breach in the last year, only 24 percent were able to recognize it in minutes. Only 14 percent could detect the source of the breach within minutes, while 33 percent said it took a day and for 16 percent, a week.
The findings in this particular report align with its recent Data Breach Investigations report, which found 63 percent of security incidents took weeks or months to be discovered. The data was taken from these organizations within seconds or minutes in 46 percent of the cases.
Average organizations are storing approximately 11-15 terabytes of security data week, a figure that Gartner expects to double annually through 2015. Despite the volume of data being produced and stored on a weekly basis, 58 percent of firms said they only store it for less than three months, which negates “many of the advantages of storing it in the first place,” McAfee says. Enterprises spend a lot of money on data storage, too; according to a recent NaviSite report, enterprises dedicate 25 percent of total IT budgets to storing data.
McAfee concludes that businesses must properly be able to analyze, store and manage big security data by moving from traditional data management architectures to systems purpose-built for handling security data management with APIs.
Organizations should be able to identify threats in real-time and be able to detect long-term trends and patterns, McAfee says. Detecting threats in real-time can be done in a number of ways and through different providers. Web hosts can also offer real-time data backup or disaster recovery as a service, as Latisys and The Host Group have done in recent months.