Expert Interview with Paul F. Roberts on Cyber Security and Big Data
Paul F. Roberts, founder and editor in chief of The Security Ledger, has a deep passion for cyber security - especially as it relates to the Internet of Things. In fact, he started his independent news site with the goal of exploring in depth the biggest issues surrounding business and cyber security.
We recently checked in with Paul to learn more about The Security Ledger and get his insight on the biggest cyber security threats facing businesses today, as well as how Big Data is being used to detect potential cyber threats to companies. Here’s what he had to say:
Tell us about The Security Ledger. When and why did you start your site?
I launched The Security Ledger in August 2012 to be an independent security news site that focused on what I saw as the next big conversation in cyber security: securing connected devices and what has become known as the Internet of Things. At the time I started it, I was working as a senior editor at a site called Threatpost.com, a news website that is owned by the antivirus software company Kaspersky Lab. I felt like most of what I wrote about there was more traditional stories about malware for personal computers and perhaps mobile devices. But I was increasingly interested in non-traditional systems, like SCADA and industrial control systems, embedded devices, etc. Security Ledger was a way to double down on that interest and really explore those topics.
What are the biggest headlines in your world today?
Well obviously, cyber security has become a major news story worldwide with the hacking of Sony Pictures Entertainment. That incident has become an “international incident,” literally. Of course, the specter of sophisticated cyber criminal groups or state actors attacking private firms isn’t a new one, but somehow the scope of that attack and its victims (Hollywood celebrities) captured the public’s attention. I’d say that more than ever, the stories that I’ve been writing about for more than a decade are really coming to dominate both headlines and national policy.
What are the biggest cyber threats to business owners right now? What should they be doing to safeguard themselves?
Unfortunately, employees continue to be the biggest vulnerability that business owners have. That’s sobering news, because you can’t “patch” employees or buy software to make them secure. But the truth is that almost every major breach of corporate security begins with some kind of attack on employees, whether they be low level or high level. Phishing e-mail attacks are used to trick those employees into surrendering user names and passwords, or to visit a “drive by download” website that puts data-stealing malicious software on their computers. From there, attackers will move “laterally” within an organization, compromising other users and systems until they find the data they are looking for, whether that is credit card information, customer information, intellectual property, business plans, what have you.
What are the potential uses of Big Data to help businesses protect their assets and their customers’ information?
Big Data and data analysis are really important pieces of the puzzle of corporate (or “enterprise”) security these days. We’re seeing it used in a couple different ways. The most important is for threat detection. In the last 10 years or so, security vendors began to recognize that by aggregating data from across all their customers, they could detect new and emerging threats. Antivirus software vendors started collecting near real-time feeds from their users to identify new variants of malicious software that were spreading.
We’re also seeing the emergence of security “intelligence” firms. These are companies whose business model is really based around the power of Big Data analytics to give companies an edge in fighting sophisticated and malicious cyber actors. So these security firms sell technology that can collect vast pools of data from customers’ infrastructure, such as entries in voluminous log files or warnings from intrusion detection system software. They’re then using data analysis to combine that with third-party “threat intelligence” providers to help them spot the telltale signs of a security breach - kind of like a beat cop noticing the broken basement window or the door that’s ajar.
On the flipside, what are the potential risks of Big Data to business owners?
I think, in the context of security, that companies need to be careful of putting too much faith in any single technology to solve their problems. Most of the problems that get companies hacked are problems that have long been understood and warned about: unpatched systems that are vulnerable to attack; weak passwords or poor password hygiene; improperly configured, public-facing infrastructure; and gullible or unsophisticated employees.
Big Data analytics can do some really cool work at identifying trends or retroactively understanding how an attack played out. The jury is still out on its ability to actually thwart attacks. In the meantime, the things that chief security officers should be investing time and resources in are much more quotidian: employee training, encryption for data at rest and in transit, efficient and effective patch management, strong user authentication, etc.
What excites you about how Big Data can be used by business owners?
Again, I think the application of Big Data analytics to information security is a very promising area, especially when you talk about its potential use in spotting the emergence of new threats or nascent attacks against companies, governments, critical infrastructure, and so on. Most of the security spending that happens these days is on legacy technologies, like anti-virus, intrusion detection, firewalls, etc. I think that in the years to come, some of that spend will start to transition to technologies that make better use of data analysis to protect customers, but it is still the early days.
What innovations or Big Data trends are you following these days?
One of the editorial focuses of The Security Ledger is the Internet of Things, so I’m very interested in how our personal and professional lives will be affected by this population of millions (or billions) of connected and intelligent devices. Big Data analysis is a key part of that whole puzzle. It will be a very powerful tool to extract value out of the Internet of Things, and I think it will really revolutionize the way our world works.