Australian businesses are drowning in a deluge of cyber security data, causing genuine threats to get lost in a sea of false positives, a top executive at multibillion-dollar business intelligence, analytics and data management firm SAS has warned.
In Melbourne last week to visit Australian clients, SAS cyber security vice-president Stewart Bradley said his company had joined the pantheon of vendors selling security services, as it believed greater use of analytics was required to analyse the unfathomable amount of threat data being generated.
“Organisations have largely tackled the security challenge through many different solutions that solve only small fractions of the problems they face,” Mr Bradley said.
“They have created a patchwork quilt of solutions … now they’re trying to get a better understanding of where their greatest risks are, and need a holistic view.”
Mr Bradley has spearheaded the growth of SAS’ cyber security division since it launched its first cyber security software suite in November last year.
SAS is one of the world’s largest private software firms and dedicates about a quarter of its $4.1 billion of revenue to research and development. It is poised to start offering its cyber security technology in Australia for the first time at the end of the year.
Its technology works by analysing how a machine should behave, thereby more accurately detecting significant security threats, even when the attack uses new security flaws or methods.
SAS will be targeting its Australian financial services clients, including the big banks, which already use SAS’ fraud detection software.
Mr Bradley said that in the past five years the threat to banks had transformed from one where individuals’ accounts were being fraudulently taken over, to mass compromises of user information and the sale of that on the dark web.
“The ecosystem of fraud and cyber has converged over the last five years. Now we’re seeing cyber events … where the ultimate monetisation of the breach is fraud,” he said.
“One of the biggest issues is that the environment is changing so rapidly from an attack perspective. All organisations are struggling to keep up … and the proliferation of bring-your-own-devices and the internet of things is eliminating the perimeter that was around organisations.”
Already the big four banks are said to be spending up to $100 million on cyber security measures each year and late last year Commonwealth Bank of Australia director Harrison Young said there was “approximately no chance that banks or even armies could keep hackers out of their systems”.
Mr Bradley said businesses would always be behind the cyber criminals, but by changing the approach to detecting cyber criminals to one that was less reliant on humans and more driven by computer analytics, it was possible to minimise their head start.
“We’ll always be in a situation where we’re trying to keep up with the cyber criminals. That’s the reality of the game we’re playing,” he said.
“Historically the protection of an organisation’s corporate assets has been focused on building a thicker and wider moat, but that’s no longer valid with the connectedness we have through the internet of things. It is shifting what organisations are doing from protection, to detection and response.”
The cyber security sector has become a hot spot for investors in recent times, leading to the creation of numerous players in the space.
Mr Bradley said that in 2015 more than 125 new cyber security vendors entered the market, and he tipped a consolidation of the sector.
“When the older players in the market are developing enterprise security platforms that allow integration across an organisation’s ecosystem, that’s what will drive vendor consolidation,” he said.
“Our role is to be the analytics fabric that can support the integrated security platforms to be able to make sense of the data that is being shared.”
By: Yolanda Redrup
Brisbane Hosting & Website Hosting’s products and services include Website Hosting, Domain Names, DNS Services, Website Development, Website Design, Website Revamps, Website Maintenance, Social Media Campaigns and more.