Website security has slowly become more and more important over the last couple of years, with attacks developing in sophistication and obtaining more and more resources.
The money involved in breaching a website’s security can be staggering. In 2006, hackers based in the Netherlands and California found a breach in the Heartland Payment Systems website. The company subsequently lost more than $12.6 million through a series of SQL injection assaults. Other attack forms, such as DDoS and brute force assaults, have continued to develop over the years.
Sadly, there seems to be little prospect of the threats reducing over time. Indeed, the recent 2013 Internet Security Threat Report presented a number of worrying statistics, including the 42% in targeted attacks during 2012, a waterhole attack that had infected 500 different organizations in one day and 5,291 new vulnerabilities being discovered during the last year.
If these statistics indicate anything, it’s that web security is now a non-negotiable essential.
Big data, and how it can help
Within the last couple of years, ‘big data’ has become a bit of a buzzword. Essentially, it’s a term used for a collection of data sets that are too large to be comfortably dealt with using traditional data software.
Fortunately, in addition to its obvious marketing appeal, big data has also begun to have a positive impact on the web security landscape. This scale of data can be leveraged to
provide a huge amount of information regarding different threats, legitimate traffic patterns and user behavior.
What’s more exciting about big data is that it offers standard businesses the opportunity to relate to the cyber security landscape in a way that they’ve never really done before. Big data can mean obtaining solid facts about web security, facts that can be easily understood.
This include metrics such as the forms of attack that are most commonly deployed, which brands are being targeted the most and which sectors have been hit the hardest? What’s more, it allows business owners and security managers to directly relate by emphasizing their key concern: the negative impact attacks can have on public perception, revenues, stock prices, sales and customer loyalty.
But how does it really work?
A good example of big data security utilization comes from DDoS protection firm Incapsula, that has just released a new security dashboard which provides an excellent example of just how data can be used in an effective and actionable manner. The dashboard is able to operate in real-time , broadcasting live statistics and enabling customer to access immediate, up-to-date information about how their website is operating. These include visitor geo-locations and IP data, as well as server availability and response times.
This data also means that a more tactical approach can be taken in terms of mitigation.
The impact of every new tactic used to help with DDoS protection and mitigate threats will display real-time results, enabling companies to be pro-active in their approach rather than simply relying on what’s worked before. This can be incredibly useful when dealing with more complex, application layer threats that continually develop different approaches and techniques.