Media coverage of recent NSA revelations would suggest a direct link between Big Data and national security. But is there a connection between Big Data and cybersecurity in particular, and if so what does that connection look like exactly?
How are cybersecurity and big data linked today, and what might the connection look like in the future? That was the question tackled on Tuesday, 6/3 during a NextGov/Government Executive event designed to to flesh out these questions. The discussion took place at the Ronald Reagan Building in Washington, D.C.
NextGov pulled together an impressive and experienced panel. The participants were:
- Roberta Stempfley, Deputy Assistance Secretary for Cybersecurity Strategy and Emergency Communications, Office of Cybersecurity and Communications, Department of Homeland Security
- Diana Burley, Professor, George Washington University’s Graduate School of Education and Human Development
- Roger Hockenberry, CEO, Cognitio and Former CTO, Central Intelligence Agency
It’s a timely topic to examine. Both terms are broad and have become very “hot,” sometimes meaning different things to different people. The connection between the two feels intuitive, but hard to delineate.
Stempfley talked about the connection in the context of information sharing and collaboration. Historically companies have been very reluctant to share threat and breach information in an open setting. Stempfley talked about a standard DHS is working on called STIX, for Structured Threat Information eXpression. She also stressed that effective information sharing requires quality data.
“Groupthink is not always useful,” Stempfley said. “A trusted place to collaborate, and getting enough smart people around the problem to actually develop insight, is very useful.”
Hockenberry made the point that Big Data doesn’t always equate with useful data, and automation has not reached the point to allow sheer analysis to deter attacks:
“What it really comes down to is your CERT,” or computer emergency response team, said Hockenberry, who also served as a CIA chief for cyber solutions. “All the companies that I see have a very nascent ability to automate response to any kind of attack. It’s still a manual process.”
Professor Burley is the author of a National Academies report published last fall that called cybersecurity too broad and diverse a term to be considered a specific occupation.
“Many aspects of the cybersecurity field are changing rapidly, from new technologies to the types of threats we face to the ways offensive and defensive measures are carried out,” she said.
Collaboration, automation and the changing aspects of cybersecurity – clearly the relationship between Big Data and cybersecurity will continue to be refined. With both so central to today’s information society, these types of events are a helpful step forward.