Blog | 24By7Security

The value of data analytics in the future of cybersecurity

Written by Gail Blount | March, 2 2021

The Value of Data Analytics In The Future of Cybersecurity

We live and work in the Information Age, sometimes called the Digital or Computer Age. With the Information Revolution of the 1960s and 70s, our society transitioned from the Industrial Era, in which machines enabled mass-scale manufacturing of goods, to the Information Age, in which computers enabled mass-scale processing of data. We moved from a production economy to a service economy.

The Information Age has been characterized by our collection, storage, retrieval, transmission, sharing, analysis, and use of data on an increasingly grand scale. In many industries and organizations, we are now dealing with enormous masses of data, known as “big data.”

 

Data Analytics Overview

In the Information Age, data is a primary resource and invaluable asset to businesses of all types and sizes.

Information is power, and decisions large and small are based on information. More specifically, they are based on the analysis of information, which helps businesses make decisions more scientifically. This is often referred to as data-driven decision-making.

Data analytics is the science of analyzing massive volumes of raw data in order to enable sound conclusions to be drawn from that information.

Most data analytics techniques integrate machine learning algorithms and automation that can manipulate and model masses of raw data and transform it for human understanding. Not surprisingly, artificial intelligence is finding growing popularity in the realm of big data analytics.

Data analytics techniques can reveal trends, patterns, and metrics that would otherwise be hidden in infinite forests of information. These insights can then be used to benefit businesses in many ways.

 

Benefits to Business

Among the benefits for businesses who employ data analytics techniques are better decisions, business improvements, reduced costs, and competitive advantages.

In addition to more scientific decision-making, data analytics can enable more effective marketing, more responsive customer service, and more efficient operations across an organization. All of these benefits can translate to reduced costs for businesses.

Data analytics can be applied to any type of information in order to reveal insights that can be used to improve a process, system, machine, product, or service. The use of data analytics can provide a competitive edge for businesses who employ these techniques.

 

Four Types of Data Analytics

Data analytics can be classified by four primary purposes, as outlined below. These categories also represent the sequence in which most organizations adopt the analytic techniques as they seek to discover keener insights and obtain greater value from their data.

  1. Descriptive analytics help to interpret historical data in order to understand the changes that have occurred in a business in a specified period of time. They look at past performance to discover successes and failures in order to understand that performance. They answer the question “What happened?”
  2. Diagnostic analytics reduce unintentional bias in data analysis and the tendency to misinterpret correlation as causation, or to think that X caused Y, when in reality X and Y are merely related. Diagnostic analytics help uncover the reasons behind the results, and answer the question “Why did this happen?”
  3. Predictive analytics aid in making predictions about the future based on existing data, such as what a consumer can be expected to do in a specific situation, based on what they have done in similar situations in the past. They may also integrate demographic and other customer data as they work to answer the question “What is most likely to happen?”
  4. Prescriptive analytics are the most advanced technique and are used to identify and prescribe the best course of action in a given scenario based on the available data. In being prescriptive they can be most valuable to an organization, as they answer the question “What should we do?”

Practical Uses of Data Analytics

Data analytics are used by businesses in a wide range of industries for a wide variety of purposes. Below are just a handful of practical uses, based on real-life examples.

  • Financial Services. Many financial institutions offer services like banking, investing, and payment processing through the use of application software. This enables them to process massive volumes of financial transactions quickly and efficiently. But they also need a scientific way to detect fraudulent transactions and prevent them from being processed. They use data analytics to model all valid transactions, enabling them to easily spot anomalous, potentially fraudulent ones and remove them from the processing stream. By preventing fraud, they are able to reduce their risk and avoid unnecessary costs.
  • Clothing stores present previous website visitors with clothing options they are most likely to find attractive. Bookstores display book titles that are most likely to be of interest to a particular consumer. An energy company offers recommendations that match customers to new energy products or services. In these three cases and countless similar ones, data analytics drives the offers most likely to appeal.
  • Many airlines (as well as rental car agencies and hotels) use dynamic pricing algorithms to display their rates, which vary based on changes in supply, demand, competitor pricing, even expected weather or time factors. Their objective is to maximize expected revenue from each individual customer by realistically estimating the top price each is willing to pay for a specific flight. If you’ve ever researched flights on an airline website and noticed that the price of the same flight increased while you were on the site, you have seen this technique in action.
  • Universities use data analytics to combine data from transcripts, standardized test scores, demographics, and other facts about students to identify those who may be at risk of dropping out. The analytics provide a graduation risk score, which the universities use to identify at-risk students more quickly and accurately so they can reach out to those students and proactively guide them toward graduation.

Data analytics have their place in the field of cybersecurity and information security as well. They hold exciting promise as drivers of improvements in securing data and thwarting cyberattacks.

 

Sources of Cybersecurity Data

In most organizations, volumes of data are available related to cybersecurity, cyberthreats, and cyberattacks. The larger the organization, the greater the amount of available data. However, even smaller businesses collect this type of data in their firewalls and basic security systems.

Any company employing electronic safeguards is able to collect masses of raw data about attempts to breach their defenses by various unauthorized sources. Firewalls, intrusion detection and prevention devices, identity access systems, and similar tools gather data continuously, from log files to packet inspections data to access records and more.

End-user software installed on PCs and laptops, such as ad blocker, privacy, and security software, also gathers data.

In addition, security risk assessments use vulnerability and penetration testing and network scans to collect raw data regarding system weaknesses and intrusion attempts at various points on the attack surface. Web application testing, for example, may be used to identify threats that can affect the continuous availability of vital applications, jeopardizing data as well as user access.

Over several decades, tools have evolved that make it easier to analyze the meaning of security-related data. However, the sheer volume of data being collected by IT hardware and software is overwhelming.

In fact, the volumes are so enormous that often there is no effective way to separate noteworthy events from background noise. It’s become increasingly easy for cybersecurity professionals, suffering from alert overload, to overlook events they’ve been alerted to or to improperly prioritize events requiring attention.

Fortunately, the use of data analytics in cybersecurity is beginning to help make sense of all the noise—taking the analysis of huge volumes of data to new levels and bringing enormous value to the results.

 

Use of Data Analytics in Cybersecurity

Now that we understand the types of data analytics and their purposes, and how cybersecurity data is collected, it’s exciting to consider some of the applications for cybersecurity. While we are in the early stages of leveraging data analytics techniques to improve cybersecurity, the potential is significant and extremely promising.

Following are a few ways we can imagine data analytics being able to help IT teams strengthen cybersecurity in their organizations and ultimately reduce, or even prevent, cyberattacks and data breaches.

Fine-Tuning Intrusion Detection. Data analytics can be applied to analyze historical data and current data, such as the cybersecurity data collected above. This may also include information gathered during forensic investigations of data breaches. Running this data through machine learning algorithms can yield predictions, based on facts, that can anticipate worms, viruses, malware and other cyberattacks. These predictions can be leveraged to fine-tune a company’s intrusion detection and prevention system, which helps to strengthen their overall cybersecurity posture.

Correlating Disparate Information. Data analytics can be used to analyze millions of threat types, bad actors, and attack vectors against the security controls a business has in place in order to reveal weak or missing controls. One of the most compelling features of data analytics is the ability to correlate enormous volumes of information from multiple sources—which has been a show-stopping challenge for current systems and conventional programs.

Discovering Breaches Faster. Data analytics can be used to discover data breaches in close to real time, which is vitally important in containing damages. In 2018, for example, companies took an average of 196 days to realize that a data breach had occurred, and another 69 days to mitigate the incident. In numerous documented cases, hackers have installed malware and viruses that have resided in company networks undetected for months, and even years, stealing or manipulating data at will.

Monitoring Workflows. Data analytics can also be used by organizations to monitor and automate workflows that rely heavily on the intervention of multiple human beings. Employees are the weakest link in the security chain—but can be removed from many data touchpoints when workflows are automated. And as those automated workflows are monitored, data can be quickly analyzed to identify insider improprieties that may jeopardize information security.

Leveraging Real Experiences. With data analytics, real-life examples of previous attacks and breaches, and how the company responded to them, can be extracted from historical data. The ability to effectively review and understand factual experiences provides IT teams with clear views of the information security environment. In doing so, it enables organizations to improve their cybersecurity based on facts, rather than on assumptions.  

Protecting Data More Effectively. Security measures and protocols have continued to evolve in response to emerging threats. The widespread use of two-factor authentication, encryption, complex passwords, and countless other safeguards have helped thwart intrusion attempts. By leveraging advanced machine learning algorithms, data analytics can effectively reinforce these traditional measures and render them even more effective. It can also lead to advances in the tools themselves.

 

Summary

Data analytics are currently used by a number of organizations across industries. They enable businesses to make more objective, scientific decisions and reduce their reliance on strategic assumptions based on limited available facts. Descriptive, diagnostic, predictive, and prescriptive data analytics are useful in answering the central decision-making questions of what happened, why it happened, what is likely to happen next, and what can be done.

Among the benefits to business are the ability to make better decisions, improve business functions, reduce costs, and gain competitive advantages.

While just beginning to gain traction in the field of cybersecurity, data analytics holds great promise in spurring advances in cybersecurity tools and enabling IT teams to strengthen cybersecurity in their organizations. Ultimately, the use of data analytics techniques in cybersecurity will enable businesses to reduce, and even prevent, costly cyberattacks and data breaches.