Security Analytics Get 'Edge' on Attackers


(Image: Henrik5000/iStockphoto)

Last month I addressed the benefits of analytics on the edge -- of how more powerful local analytics hardware could benefit all sorts of industries and usher in a new age of improved privacy, reduced latency, and smarter offline services. But one key area, which perhaps stands to benefit the most, is security.

At a time when DDOS attacks are becoming more commonplace and larger in scale, and when even some of the biggest companies seem unable to stop nefarious actors from gaining access to sensitive customer information, security is more important than ever. Most important of all is a speedy response to those security problems, and that's where analytics and inference on the edge can really come into play.

As more information is collected on systems to improve their efficiency over time and protect against possible hackers and malware attacks, sifting through that information in a timely manner has become a real priority. Sending that information to a powerful cloud storage or processing platform is one option, but not always ideal. That's because moving that information to remote storage creates new attack vectors. Plus, moving the information can take time in and of itself.

Analyzing the data locally can mean a much faster and more secure response to a potential problem.

Detecting security anomalies in real time can make a big impact on how swiftly and effectively security experts can respond, and that goes doubly so for decentralized internet-of-things devices. These devices have proven to have not only some of the weakest security in recent years, but are a common attack avenue for those looking to create large scale botnets for DDOS attacks. Building in some measure of analytics- and inference-driven security into the device itself could make it much easier to keep out those who would look to subvert the device's purpose.

Even adding error-checking analytics to something as simple as a factory sensor can help protect a system from outside and inside actors. Should a sensor fail in a complicated manufacturing line, the consequences could be dire. However, should those sensors have their own automated security and reporting functions, even if someone is able to obstruct their operation, the response to the problem can be much faster than if those checks are carried out remotely.

A great example of this in action (thanks CSOOnline) is in General Electric's Evolution Series Tier 4 trains. Each locomotive is fitted with as many as 200 sensors that each process more than one billion data points per second. Just as with the need for analytics on the edge for safety and control features in automated vehicles, rail safety is greatly improved by these sensors having the local hardware to analyze the masses of recorded data within the locomotives themselves.

Those sensors can then provide feedback into the system with adjustments and recommendations to improve the train's efficiency and overall security. If that data had to be transmitted, it would not only require local infrastructure to be in place for the secure and speedy transmission of that data, but would also increase the latency of response. Latency, in this case, could be a huge drawback.

While this won't always be the case for every analytics situation and with every IoT device, the uses for analytics on the edge are growing, and those use cases just increase with security applications, too.

Are there any key instances where you believe security could be improved with edge analytics?

Jon Martindale, Technology Journalist

Jon Martindale is a technology journalist and hardware reviewer who has been covering new developments in the field for most of his professional career. In that time he's tested the latest and greatest releases from the big hardware companies of the world, as well as writing about new software releases, industry movements, and Internet activism.



Re: Moving quickly when under attack
  • 7/31/2017 9:18:32 PM

Is that company a publicly traded company? No matter ... everyone involved should be fired. It's come to that, I think. If individuals are that stupid --- and there's no other word for it --- then there have to be consequences. Employees will learn quickly what behavior to model, just like employees learned quickly that it ain't kosher to view porn at work.

Re: Moving quickly when under attack
  • 7/31/2017 10:30:21 AM

Ugh.

Often, the human element is the weakest link. And the best way I know of to combat this is to have proactive attacks at your own employees. This will better train everyone on what to look for and how to be skeptical.

I'd be less worried about the head of HR (should have known better) and more worried about the lower level employees whose whole job is providing what the customer needs.

Re: Moving quickly when under attack
  • 7/30/2017 11:47:51 PM

A company that shall not be named had a data breach. Human Resources received an email from someone claiming to be the CEO (wrong email address) requesting copies of every employee's W2. The head of H.R. approved it and off it went.

I think where analytics comes in, what it might do is help us not to become our own worst enemies and prevent us from making mistakes. Such as pointing out what may be a weak point or a juicy target.

Re: Moving quickly when under attack
  • 7/17/2017 8:40:33 PM

Yes it does seem that surely management would determine the cost of security measures vs. the expected losses with and without changes. And of course one would have to estimate the odds of actually encountering a security issue for the particular company. That might be a bit hard to pin down but would be an important value to consider.

Re: Security that looks ahead
  • 7/10/2017 5:18:39 PM

It would seem correct as noted that "Building in some measure of analytics- and inference-driven security into the device," would help to ensure security better in future IoT devices. The example of the GE sensors for trains seems a good one but makes me wonder about the recent frequency of derailments we're seeing reported in the news. I wonder if any of those were fitted with sensors?

Re: Moving quickly when under attack
  • 7/10/2017 4:39:29 PM

SaneIT writes " I suspect more companies have not adopted more advanced logging and notifications because they operate hoping believing that no one is going to attack them."

Probably true, but I also wonder whether some companies and organizations weigh the cost of effective security vs. their estimate of the cost of an attack, and figure they can absorb the cost of an attack and recover. If so, they will probably learn the folly of this, but it's also their clients and consumers who will really suffer.

Re: Security that looks ahead
  • 7/9/2017 5:43:40 PM

We'll call it "The Great IoT Inflation". I'm not looking forward to even higher appliance prices to cover security... I hope there are dumb versions even in the connected future.

Re: Security that looks ahead
  • 7/7/2017 10:26:46 PM

In re "I can imagine the sticker price of, say, an average new refrigerator climbing higher and higher as IoT becomes a necessity and then an adequate analytics-based security system to try to protect it all"...

Exactly, Lyndon... just as we do with our Internet-connected thermostats and printers now.

"Convenience! Connectivity! Risk! Now all wrapped together in a single package!"

Re: Security that looks ahead
  • 7/7/2017 10:20:11 PM

In his blog post, Jon writes 

Detecting security anomalies in real time can make a big impact on how swiftly and effectively security experts can respond, and that goes doubly so for decentralized internet-of-things devices. These devices have proven to have not only some of the weakest security in recent years, but are a common attack avenue for those looking to create large scale botnets for DDOS attacks. Building in some measure of analytics- and inference-driven security into the device itself could make it much easier to keep out those who would look to subvert the device's purpose.

I can imagine the sticker price of, say, an average new refrigerator climbing higher and higher as IoT becomes a necessity and then an adequate analytics-based security system to try to protect it all.

Security that looks ahead
  • 7/6/2017 6:03:25 PM

Analytics can indeed improve security... but predictive analytics is a long way from helping IT security professionals and executives, according to a group of vendors, customers and service providers at the RSA conference in San Francisco earlier this year. What a huge opportunity for the analytics industry!
