'Analytics key to stopping cyber attacks' - Websense's Alex Watson

By Danny Palmer
19 Feb 2014 View Comments

Organisations should employ big data and analytics in the fight against cyber crime in order to remain as secure against hackers and other cyber criminals as possible, a security expert has told Computing.

Alex Watson (pictured), director of security research for Websense, also warned that human error is still responsible for a significant proportion of cyber security breaches.

Further reading

"The technological approach that security is taking to detect these threats needs to change," he said, "I think the key to stopping these targeted attacks is by using analytics and searching for anomalies,"

Watson suggested that intelligent systems could draw on their power to calculate what's going on within the network, enabling the early detection of cyber threats by alerting users to abnormalities, even if the issue is a previously undetected, completely new type of malware.

"You don't exactly know what it is at first, but increasingly intelligent systems can put together the fact we saw a possible exploit attempt, a bunch of application crashes happening on a network.

"So putting together these different risk indicators to build a picture of an attack is really how the next generation of security systems will function," Watson explained.

Fundamentally, the process would involve detecting unknown cyber criminal activity through the digital fingerprints left on the system, with big data enabling organisations to analyse information in order to determine potential threats.

And while Watson acknowledges the process could be difficult for some organisations to adopt, he argues that analytics will be an essential tool in the fight against cyber crime.

"It's a very tricky process but very necessary. It's something that's critical to organisations, especially once they're likely to be targeted," he said, adding that high profile cyber attacks - like that against US retailer Target - demonstrate how vital it is to improve cyber defences.

Watson added that as much as organisations can protect themselves against outside threats, human error within a company - such as an employee visiting a malware-infected link in a phishing email - still represents one of the most significant threats. As a result, he argued, rigorous training needs to be put in place. 

"The human factor often ends up being the most readily exploitable part of a network structure, so I think awareness and training are an important first step," Watson said. 

"The reason those exploits are successful and are still successfully exploiting the human factor, is that security systems right now are built around protecting the perimeter with boundary-based defences.

"So when someone inside the trusted network clicks a link in an email, basically what they're allowing are the attackers to completely bypass that," he concluded.

Reader comments
blog comments powered by Disqus
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

36 %
34 %
11 %
19 %