For security analytics, collect and analyze everything
In a recent Enterprise Strategy Group (ESG) survey, technology professionals were asked to identify the most important data for use in malware detection and analysis. According to ESG Senior Analyst Jon Oltsik, 42% of security professionals said firewall logs, 28% said IDS/IPS alerts and 27% said PC/laptop forensic data. IP packet capture and server logs also made the list. While Oltsik says he understands the historical perspective of their answers, he believes this is the wrong way to approach security analytics. His approach? Collect and analyze everything. With the advent of mobility and the cloud, firewalls don't have the capabilities to control things that are not in a set physical location. Oltsik says you don't need to worry about storing all of the data, but you should be scanning all of it.
What CISOs look for when debating security budgets
Making the case for an increased security budget is a perennial problem, says Paula Musich, a Current Analysis senior analyst. Although research by PricewaterhouseCoopers Global Information Security—which surveyed 9,600 executives-- shows a 51% increase in security budgets, it is still important to communicate the need for more funding. Musich says that creativity is key. When it comes to presenting your case for a budget increase, Musich suggests hiring a professional graphic design team to display important metrics in a way that is easy for senior executives to understand. Using red, yellow and green colors, to show security risk levels, is also effective. Using headlines to illustrate stories about big breaches, a chart reflecting the previous year's spend and stats measuring compliance and benchmarking against peers are also suggestions that Musich says will help get CISOs' attention.
Working for a Big Four accounting company
Virtualized Geek blogger Keith Townsend writes that IT pros who want to exploit their knowledge of technology might want to entertain the notion of working for a Big Four accounting firm. The Big Four: PriceWaterhouseCoopers , Ernst & Young ), Deloitte and KPMG. If you decide to go in this direction, Townsend says that you should be prepared to work on a project for months and have one hour to present everything you gathered to a single executive. Another note from Townsend: With a Big Four company, your career success will be based on the impact you had on the company, not on your knowledge of technology. Townsend says that if you are interested in the business side of technology, a Big Four company could be the right move for you.
Advanced operational analytics, assessing big data
Enterprise Management blogger Dennis Drogseth advocates for advanced operational analytics (AOA) as a tool to gather and assess big data. Drogseth explains that AOA can boil down information gathered from several sources. It can also do the same amount of work that an analyst could do for half the cost. While AOA comes at a cost, Drogseth says that it's possible that it could pay for itself within months or even weeks. Drogseth lists several reasons why AOA is not the "beast" that many people think of when they hear "big data analytics". AOA, he writes, can pinpoint normal behavior and alert relevant IT professionals of potential issues before things get out of control. AOA tools can be optimized to feed off trusted sources through layered processes that can help with efficiency. Drogseth says that AOA is not for everyone, but it can be beneficial to some when evaluating data.
Dig Deeper on Network Security Best Practices and Products