Security Analytics Pitfalls: Customisation vs. Off-the-Shelf

Security analytics can be a valuable source of innovation, but before results can be realised, there are key commitments and costs to consider.

Organisations around the world and in every industry are facing daunting information security challenges today, and many are starting to leverage big data analytics to help detect and stop attacks before they become major problems.

While the effective use of advanced analytics can certainly help companies bolster their security posture, they first need to understand and address the key challenges involved in using analytics as a security tool.

Big data’s value—and challenges

Analysing huge volumes of security data can be enticing to many organisations, and with good reason. Big data and analytics can provide an effective way to identify the latest and most sophisticated attacks.

By leveraging the latest analytical tools, enterprises can detect patterns that indicate malicious or questionable activities on the network or within individual systems.

But the use of these resources comes with two main challenges, and companies need to deal with these as they evaluate making an investment in predictive analytics for cyber security. It is vital for organisations to anticipate the depth of resources they will need to meet their expectations for big data security analytics.

Hidden complexities and costs

The first challenge involves the hidden complexities and costs of security analytics software. New security analytics solutions are often marketed as magical security tools that will provide managers with immediate insights to boost their organisation’s security posture. In reality, the promise and the outcome are separated by a chasm of integration, tuning, highly specialised skills, and other costly steps.

In fact, a number of prerequisites must first be fulfilled. These include appointing one or two “champions” dedicated to installing and operating the solution in your environment; connecting each relevant data source; building rules and filters to reduce noise and increase the signal of threats relevant to your business; and hiring a data scientist to organise and manage the data inflows, structure and presentation of findings.

Many organisations might lack the infrastructure or volume of data needed to derive the insight showcased during the initial security analytics sales pitch.

Shortage of skills

The second key challenge is the shortage of skilled security staff. Research by Enterprise Strategy Group has shown that 25% of all organisations surveyed say they have a “problematic shortage” of information security skills.

Not only is there already a skills shortage to deal with the tools, technologies and threats of today, but the shortage can be far worse for industries and organisations that do not have sufficient budgets to pay top dollar for talent.

The shortage of available talent is particularly concerning when you consider the use of new security technologies such as security analytics. There’s a good chance many companies won’t be able to hire enough skilled people to properly implement or use these new technologies.

Steps to take

Fortunately, there are a number of steps organisations can take to address both of these challenges as they prepare to invest in security analytics software solutions.

The steps are highlighted in a Proofpoint white paper, which describes why security teams need to understand the potential pitfalls of jumping into security analytics solutions without adequate preparation.
