Evolution of Analytics

Let’s begin by taking a look at the evolution of analytics, which spans numerous areas—from data mining and data monitoring to forecasting and machine learning. Analytics is “the scientific process of transforming data into insight for making better decisions.” In the security world, this definition can be expanded to mean the collection and interpretation of security event data from multiple sources and in different formats for the purpose of identifying threat characteristics and improving protection, detection, and correction. The science of analytics has undergone a transformation in a relatively short period of time:

Analytics 1.0: In the early stages, data statisticians spent their time dissecting internally sourced structured data sets, most often in reaction to a specific problem. This type of analytics was descriptive and diagnostic, answering the questions “What happened?” and “Why did it happen?” Most vendors are extremely competent in this area, applying the knowledge they gather to rule sets and decision trees. In fact, it’s imperative for vendors to continually react, respond, and learn through this type of analysis, which, along with a layered approach, is vital for truly effective security coverage.

Analytics 2.0: In the era of Big Data, connectivity, and microprocessors, the quantity of security data, which is being culled from both internal and external sources, has been growing in volume and complexity. Vendors have become adept at the very essential task of churning through mountains of information and making sense of it, though the emphasis has been on descriptive and diagnostic analytics.

Analytics 3.0: Security vendors are now beginning to move in the direction of predictive and prescriptive analytics, which enables accelerated and proactive discovery and insights. Machine learning applied to Big Data utilizing deep learning methodologies (which may include cognitive computing) is the foundational technology. Predictive solutions for current threats—such as ransomware, advanced malware, and botnets—are already being rolled out.