Big Data Intelligence Driven Security at RSAC

A constant theme from this year’s RSA Conference Europe, is the idea of security intelligence collaboration, namely the capture, sharing and data mining of “Big Data’, to detect and prevent security incidents and attacks, but will it ever take off?

The concept of gathering and using big data is nothing new, from Google to your supermarket loyalty card; big data mining has been very successfully used commercially for at least a decade, not to mention the alleged big data mining said to be conducted by the NSA.

This collaborative led intelligence approach has potential and I believe it could be effective if conceived and built smartly, however I fear the issue will be with the data sharing. Most of the existing big data models in use are covert, and organisations aren’t collaborating, so they do not share their big data analytics. This is a fairly obvious approach, as the whole idea of mining big data in their case is for commercial advantage and gain. So I imagine there aren’t many examples of big data collating and sharing models for the security sector to build a system upon.

Who are we going to trust to manage the security big data? A vendor, a government department? Who has access to the data? Can that body use the data for their own commercial gain?  Trust is a huge real issue in building any security big data model.

Within Europe the potential of sharing any personal data under a security umbrella cause will be highly unpalatable, especially to an EU parliament seemly bent on an online privacy revolution. Then there is a growing number of EU citizens, who in the backwash of the Snowden and Wikileaks, are increasingly becoming apathetic about what they are seeing as an Owellenian big brother online society. We’ll see what plays out, as usual this is my two (euro) cents.