In a 2014 study of 700 consumers about brand reputation by Experian and the Ponemon Institute, data breaches were reported as the most damaging occurrence to brand reputation, exceeding environmental disasters and poor customer service. With the ever-growing volume of cyber-attacks on organizations, security analysts require effective visual interfaces and interaction techniques to detect security breaches and, equally importantly, to efficiently share threat information.
In particular, security analysts' at large organizations require effective systems, interfaces, and techniques for conducting data security intelligence, which is a key area at the intersection of big data and cybersecurity analytics.
To support large organizations who manage thousands to tens of thousands of databases, Hadoop, and cloud applications in their environment, security intelligence applications, such as Informatica's Secure@Source, allows information security teams to discover sensitive data across all these disparate data stores, define hierarchies, and provide logical organization (e.g., classification policies, data store groups, departments, locations, etc.) for measuring the risk associated with the sensitive data discovered.
Given the large amount of data in distributed databases and the variety of data and policies that govern each data store, data security analysts face the technical challenge of not being able to measure or quantify what sensitive data is most in need of security protection, what protections would have the greatest impact on enterprise security, and what type of protection schemes and mechanisms would be most effective in improving enterprise security. For example, data stored in a first store of a network database may have completely different data fields, data attributes, and governing security policies than a second store in the network database. This problem grows exponentially in network databases with hundreds or thousands of data stores and data types.
Data security analysts lack tools that will aid in the determination of what data in a distributed network database should be protected and the determination of how best to implement protection schemes on sensitive data. In particular, security analysts do not possess any tools capable of analyzing data stored across numerous data stores in distributed databases and providing guidance regarding the most vulnerable data and data stores, the most effective protection mechanisms for addressing security vulnerabilities or for complying with particular security policies, and the most effective use of existing resources to address vulnerabilities.
Consequently, improvements are needed in systems for data security intelligence assessment in distributed network databases.