Summary: This study explained how information-security-related key risk indicators depend on heterogeneous data sources, high data volumes and high data velocity, and how large organizations with an international presence and a mix of internal and outsourced IT services are challenged to balance risk monitoring scope against the related costs. The case study presented a possible approach to cost optimization: combining proprietary and open-source software for big data analytics on commodity hardware. It also explored why challenges such as finding and hiring people with the right skills and establishing partnerships and collaboration are important.

Outline:

  • Bridge the gap between tactical and strategic risk management
  • Strategic level: Building risk intelligence capacity:
    - Assembling risk relevant information sources
    - Performing risk data analytics
      * Risk profiling, clustering risk factors
      * InfoSec – business risk mapping
      * Identifying anomalies
      * Threats data feedback; Reports; Dashboards; Alarms
  • Building risk management knowledge creation engine based on Apache Spark and Tableau for data visualization
  • Spark: Applying machine learning:
    - Principal Component Analysis
    - Local Outlier Factor
    - k-Means analysis
  • Behavior analytics: more examples
  • Next step: Augmented Risk Preparedness - risk contextualization
  • Challenges:
    - Develop tools and processes that efficiently address data velocity within lag time
    - Effectively address source data quality
    - Find and retain people with the right skills
    - Improve analytical methodologies (try new, test, simulate, peer review,…)
    - Be ready for black swan events (foreseen but unexpected)

Presentation slides: Using Big Data Analytics for Information Security Risk Management Decision Support