The evolution of (security) data: new governance and technology models
23/05/2018 13:20 - 13:40
The demand for security event data across the enterprise is evolving.
The Security Team is no longer the only consumer. Risk Functions, Internal Audit, Network Analytics, Digital Forensics, Marketing and even External Auditors are regularly digesting security event data.
This new array of stakeholders consistently requests similar data from the same sources but for different purposes: SOX, NERC CIP, ISO or PCI compliance, SIEM correlation, User Behavior Analytics (for Marketing or Security reasons), proactive fraud detection, system performance monitoring, risk quantification, etc.
Data sources are increasing in volume too, particularly with IoT devices coming into the frame. The coexistence of structured and unstructured data is an ongoing issue for many enterprises.
At the same time, from a technology viewpoint, we see traditional Security Incident and Event Management (SIEM) vendors having to reinvent themselves to compete with next-generation solutions, Big Data platforms being applied to security, niche players focusing solely on User and Entity Behavior Analytics (UEBA) as a service, and eDiscovery tools being applied to other use cases.