Big data analytics tools and distributed databases may offer a lot of potential to change the way security monitoring and investigation are done. But these innovative ways of concentrating security data stores and accelerating analysis bring with them some unwanted baggage.
Not only are these tools and services harder to bake into processes than vendor marketing suggests, but they’re also introducing a lot of risk to security organizations that use them uncritically, warned security researcher H.D. Moore, chief research officer at Rapid7, at the UNITED Security Conference earlier this week in Boston.
According to Moore, big data holds the potential to “start changing the mathematics for both attackers and defenders.” Organizations should beware, however, because there are some pretty inconvenient truths about big data, which Moore laid out in his conference session at the show.