Strap yourself into your seat for the big data security analytics show, for it’s coming to a town near you. Carnival barkers from every walk of life will want you to come into their tents to see the latest and greatest show on earth: the big data security analytics show.
You will want to understand why using evolution charts, Venn diagrams, Pareto charts, and Pivot tables can or will help. You’ll want to see what association rules, clustering, decision trees, and forecasting can do for you. And you will want to understand the difference between analysis and knowledge, as it’s applied to security.
You will also want to make the distinction between whether you have to hire a data scientist or not and whether this will solve your immediate problems. You will also want to consider which approaches you could take that will produce the most value in the short, medium, and long term for your company and career.
To be useful, security analytics must take the large volume of data that can be collected and take three actions with the data, as follows:
- Reduce voluminous data and identify the pattern that matters,
- Use the information to enable a timely and appropriate in-situ response, and,
- Use the data to make adjustments – after the fact.
Mocana began as a technology provider of embedded systems security in 2004. Over the years Mocana has broadened its scope and identified two potential markets to address: one, the need to protect mobile devices and, two, to protect apps and the data on them. Mocana launched its Mobile Application Protection platform in 2011 with support for Android apps, and added iOS app support in 2012.
In 2012 Mocana raised $25 million in Series D funding, bringing total investment to $47 million, to expand its opportunity around its Mobile App Protection software. Trident Capital led the round, joined by existing investors Intel Capital, Shasta Ventures, Southern Cross Venture Partners and Symantec.
Mocana’s nearly two-year partnership with SAP, launched in May 2013, has taken a back seat to SAP’s single-minded focus on promoting its HANA platform. However, over the past twenty months, Mocana Atlas has emerged as a leading platform for delivering secure, high-productivity mobile integration with SAP solutions.
Mocana recently commissioned a research study designed to validate its economic benefit and now stakes a claim to user productivity improvements leading to improved application time to market and cost savings resulting from that.
According to Ranjeet Vidwans, vice president of marketing at
Privacy – or the lack of it – is a fact of life on the Internet today. Between big banks, healthcare, and insurance companies being infiltrated, and national governments getting into the act with rumors of proxies and direct involvement, the stakes and consequences involving identity data are becoming higher. Whether the raw data of identity is being harvested by mobile telecommunication operators, big Internet search and online advertising companies, large online ecommerce houses, via shadowy browser fingerprinting, or by stealth from government agencies and cyber-criminals, identity is big business – valued in excess of hundreds of billions annually – and will likely remain this way.
With almost 7.3 billion people on the earth today, only 32.7 bits of information about someone is required to uniquely identify a single person living on the earth. It does not take much information about someone to get close to 33 bits of information: it can be assembled from small pieces of data about people. If you assemble and add enough small bits of information to someone’s bit-profile, you can quickly approach the one in 7.3 billion chance of uniquely identifying a person by rapidly aggregating 33 bits about a person. And, although not able to uniquely identify a person by itself, when surreptitious browser fingerprinting and geo-location are mated to an email address, a Facebook account, a Google+ account, etc., the combination makes it possible to uniquely identify almost anyone.
Adoption of Cloud-based solutions is expanding across enterprises and across business departments within enterprises. Saugatuck’s on-going surveys and discussions with IT executives indicate that significant expansion of Cloud usage will continue over the next two years. However, as experience grows, IT management teams are learning the “realities” of Cloud IT. In a recently published Strategic Perspective, Saugatuck reviews four reality areas discussed by an expert panel and audience of IT executives at Saugatuck’s recent Cloud Business Summit (CBS2014) conference in New York City. The four reality areas are characterized by the following questions posed to initiate the panel discussions:
As we close out every year, especially in periods of rapid and accelerating change, looking back to interesting and compelling events becomes a de rigueur part of blogging and analysis.
One of the more interesting digital business developments affecting enterprise CIOs in recent weeks was Twitter’s late October announcement of its “Fabric” software development platform for mobile apps. Fabric enables Twitter to create its own new digital business, while enabling enterprises and IT services providers to do the same. Since the announcement, I’ve researched it in more detail, spoken with a handful of experienced developers, and played a bit with the thing myself.
Here’s a year-end update on what Fabric is, how it can enable and challenge enterprise Marketing and other aspects of Digital Business, and how it in turn changes and challenges the role(s) of the enterprise CIO.
Fabric is a free extension with three SDKs that can be added to existing iOS and Android development environments. It is very simple and straightforward, with drop-down menus for adding Twitter functions, analytics, and ads to applications. Developers select
Security is a “hot topic.” The news coverage for security is unrelenting with Edward Snowden, JP Morgan Chase, Russian state agents, Chinese army militias, NSA, Target, Home Depot, Chip and Pin, OpenSSL, and Regin among some of the many stories capturing headlines and the imagination of people around the world.
News coverage continues to veer from one extreme to another, from utilities being invaded by state-sponsored hackers, to simplistic software coding mistakes not uncovered for years, to websites targeting mobile phones, and to stealthy cyberwar-craft malware lying at the ready for its owners to call.
Public Cloud providers, such as Amazon Web Services (AWS) and Google, promote their offerings as the best choices for most IT situations. Given the broad and sometimes contradictory messages ranging across the spectrum of Cloud offerings from Private to Public to Hybrid, it is not surprising that selection can be challenging. In a recently published Strategic Perspective, Saugatuck offers guidance to any Enterprise IT organization considering a Public Cloud offering.
Saugatuck characterizes Public Cloud benefits in the following areas:
What is Happening?
Spending on security is always a low priority. After all, it’s not visible and when nothing’s occurring it’s easy to assume the budget for security can be reduced. That is, until it becomes visible when something goes awry. And when things go wrong, spending on security escalates in response to everything hitting the proverbial wall.
The research shows average spend on security is pitifully low: less than one-quarter of one percent of revenue or operating budget. Although spending is low, the risks are high, as much as 14 percent of revenue with a 1-in-20 to 1-in-40 chance (or better) of being struck by cyber-crime or cyber-espionage.
These are some of the key findings found in a new 16-page Saugatuck Strategic Report (SSR) published earlier today entitled “Cyber Risk and Spend on Security: How Do You Compare?” The research summarizes our insight and recommendations regarding:
As a result of ongoing discussions with IT managers and providers, Saugatuck has identified the increasing popularity of Private Clouds particularly among large enterprise IT organizations. In a recently published Strategic Perspective, Saugatuck offers guidance to any Enterprise IT organization considering a Private Cloud. Assessments are provided for areas of comparison between Private Clouds and infrastructure virtualization.
Saugatuck characterizes two basic factors that make Private Cloud attractive to typical enterprise IT organizations:
What is Happening?
The recent leak of 7 million Dropbox passwords has raised the inevitable blog posts and questions regarding Cloud security. It’s another round of questions including “Can the Cloud be secured?” and “Will advances in security technology protect our data?”
Saugatuck’s take, with apologies to the classic science fiction film “Soylent Green,” is this: “Cloud security is people!”
While technologically, Cloud-based resources remain more secure than most enterprise data centers, the widespread, boundary-free utilization of Cloud-provided IT and business resources increases the likelihood of human error because it removes traditional boundaries in IT and business. Initiatives such as Cisco’s Intercloud, and similar Cloud aggregation / integration efforts by HP, IBM, Microsoft and others, extend the range and scope of not only Clouds and everything linked to them, but of the number and type of people using, managing, and connecting through them.
When more resources are used by more entities, some of which may be unknown, more of which are removed from any centralized or fixed environment, and many of which are used sometimes in new and innovative ways, the potential risk for security failures increases dramatically because human involvement increases. Technology won’t save us when the people using and managing the technology fail to use and manage it correctly.