Data Deluge - InformationWeek


Data Deluge

Security systems generate an overload of information. New tools help manage it all more effectively.

It isn't good news when Mike Engle's pager goes off in the middle of the night. Not long ago, the 2 a.m. warnings didn't necessarily signal bad news, either--and that was a problem. All too often, the VP of information security at Lehman Brothers Holdings Inc. would rise, bleary-eyed, ready to confront an attack that never existed. He'd discover the alarm was a false positive only after combing through a myriad of firewall and intrusion-detection system logs.

Determined to defend their networks from hackers, cybercriminals, disgruntled employees, or the next sophisticated "blended threat," security pros such as Engle have taken to heart the Boy Scout motto of always being prepared. They've locked down their networks by installing antivirus software, firewalls, and intrusion-detection and content-filtering systems. Those efforts have become even more important as businesses ratchet up their defenses against the threat of cyberterrorism.

But companies are finding they've exchanged one problem for a new one. They've gone from not having enough information about potential problems to having too much, from too many sources. "The amount of data we're collecting is huge," Engle says. "This is a huge challenge." The next generation of tools to manage security, due in coming weeks from market-leading security vendors Computer Associates, Internet Security Systems, and Symantec, aims to help companies better deal with the slew of information their security systems generate.

Security-event management systems from more than a dozen small vendors already help some companies tackle these problems, collecting data from agents or log files and sending it to a central database. The systems analyze and correlate the millions of lines of data that security systems generate each day and bring confirmed problems to the fore in near real time via a central console.
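The correlation step described above, sketched as an added example; it is not code from the article or from any vendor's product. The two log formats, host names, addresses, signature names and the five-second window are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in two made-up formats (not real product output).
FIREWALL_LOG = """\
2002-10-14T02:00:01 fw1 DENY tcp 203.0.113.7:4431 -> 10.0.5.20:80
2002-10-14T02:00:03 fw1 ALLOW tcp 198.51.100.9:3920 -> 10.0.5.21:80
2002-10-14T02:10:00 fw1 ALLOW tcp 192.0.2.44:5000 -> 10.0.5.22:25
"""
IDS_LOG = """\
2002-10-14T02:00:02 ids1 sig=web-traversal src=203.0.113.7 dst=10.0.5.20 dport=80
2002-10-14T02:00:04 ids1 sig=web-traversal src=198.51.100.9 dst=10.0.5.21 dport=80
2002-10-14T02:30:00 ids1 sig=smtp-overflow src=192.0.2.99 dst=10.0.5.22 dport=25
"""

FW_RE = re.compile(r"(\S+) \S+ (ALLOW|DENY) \S+ ([\d.]+):\d+ -> ([\d.]+):(\d+)")
IDS_RE = re.compile(r"(\S+) \S+ sig=(\S+) src=([\d.]+) dst=([\d.]+) dport=(\d+)")
WINDOW = timedelta(seconds=5)  # assumed clock skew between sensors


def parse(text, pattern):
    """Normalize each matching line to (timestamp, field, src, dst, dport)."""
    events = []
    for line in text.splitlines():
        m = pattern.match(line)
        if m:
            ts, field, src, dst, dport = m.groups()
            events.append((datetime.fromisoformat(ts), field, src, dst, int(dport)))
    return events


def correlate(fw_events, ids_events, window=WINDOW):
    """Label each IDS alert by what the firewall did with the same flow."""
    results = []
    for ts, sig, src, dst, dport in ids_events:
        verdicts = {action for fts, action, fsrc, fdst, fdport in fw_events
                    if (fsrc, fdst, fdport) == (src, dst, dport)
                    and abs(fts - ts) <= window}
        if "ALLOW" in verdicts:
            status = "escalate"   # flagged traffic was let through to the host
        elif "DENY" in verdicts:
            status = "suppress"   # blocked at the perimeter, no 2 a.m. page
        else:
            status = "review"     # no firewall record, cannot confirm either way
        results.append((sig, src, dst, status))
    return results


def triage():
    return correlate(parse(FIREWALL_LOG, FW_RE), parse(IDS_LOG, IDS_RE))
```

Only the second alert would reach the console as a confirmed problem; the first is the kind of false positive that otherwise takes manual log combing to rule out.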

The promise of CA's eTrust Security Command Center, ISS's enhanced RealSecure Site Protector, and Symantec's Security Management System is that business-technology executives will have access not only to this intelligence, but also to tools that defend against attacks, all from a single console. The centralized control and efficiency of such systems may increase the chances of averting a potentially costly breach.

"There's a tremendous need for companies to be able to get meaning out of security events occurring throughout their organizations in real time," says Russ Artzt, who heads up the eTrust unit at CA. Businesses lose $6.6 million on average each time proprietary information is stolen (including costs of research and development and branding), and anywhere from $1,000 to $9 million per virus attack, according to the 2002 Computer Security Institute/FBI Computer Crime and Security Survey.

[Photo: Chris Leach -- photo by Jim Callaway. Caption: Security-event managers help companies get a near-real-time view of how well-protected--or threatened--they are, says Bank One chief technology officer Leach.]

With 1,800 U.S. branches and activities in about a dozen countries, Bank One Corp. doesn't want to risk its IT systems falling prey to security breaches, including events such as a Nimda-like blended threat--a combination worm/virus that infects a system from multiple points. The bank is assessing Symantec's Security Management System. One hope is that if a threat is observed in one part of the world where Bank One has operations, information about it will be quickly fed back to Symantec's central console, allowing the company to take immediate action to protect its other operations before the worm can strike those locations.

Without a security-event management tool, it's impossible to get a near-real-time view of how well-protected--or threatened--a company is from an attack, says Chris Leach, Bank One's chief technology officer. "It's an enormous effort to analyze firewall, intrusion-detection systems, and antivirus logs just to get a view of your situation," he says. With the new software, Bank One can assess how to respond quickly and know what's happening at a particular time. The labor-savings potential is huge, says Leach, who hopes the system will eliminate the need to pay separate administrators to monitor firewalls, intrusion-detection systems, and antivirus software.
