Guest Post by Neill Occhiogrosso
In looking for new opportunities in security and many other sectors, we look for the echoes of the current IT mega-trends: cloud, mobile, big data. These trends, and especially the interactions between them, are dramatically changing security needs. Add to that the changing profile of would-be hackers — now a frightening mix of international organized crime and employees of enemy governments — and we see the potential for several new solutions that can each be the foundation of one or more successful companies.
The first is the application of big data technologies to produce security insights. This is a classic example of “Applied Big Data,” the application of new analytic technologies to a current business problem. Security professionals are drowning in log files, vulnerability scan reports, alerts, reports, and more, but the data is not actionable.
This isn’t an idle observation: Several high-profile breaches happened through vulnerabilities that had been documented months or sometimes years prior. The future lies in analyzing this data to give security professionals a comprehensive view of their security posture. Tell them what is at risk, how severe the risk, how important the asset is, and how to fix it. We see tremendous promise in Risk I/O’s approach to this problem, and we’re proud to have led their most recent investment.
Another area for exploration is security solutions that follow assets to protect them wherever they are. With cloud infrastructures (both public and private) and bring-your-own-device mobile enterprises, there is no perimeter and every layer of the stack is dynamic. Security professionals need to be able to apply security policies to applications, data, and users wherever they are, and those policies need to adapt based on the changing context.
There’s an increasingly popular saying that there are two types of organizations now: those that have been breached, and those that just don’t know it yet. As attacks have become too sophisticated for signature-based detection, there is a need for solutions that quickly notice anomalous and potentially dangerous behavior (likely leveraging machine learning) to prevent breaches or — failing that — detect malicious behavior once a breach has occurred, and minimize its impact.
Guardian Analytics, another Costanoa investment, applies behavioral analytics to data already resident in online banking platforms to prevent a broad range of fraudulent activity. This is just one example of applying data science to existing data sets to address more nebulous threats. There will be more opportunities looking at different applications and different types of attacks.
Finally, there is also the need for efficient data capture and analysis that can look broadly and historically across an infrastructure, sometimes trailing several months, to see when and how a breach occurred, and what the consequences were. This is a prototypical big data problem. It involves great volume, variety, and velocity of data. It now may be tractable, and we are on the lookout for solutions.
We live in an exciting time, but unfortunately in the case of security, that is a double-edged sword. New technologies present new opportunities for criminals. We are optimistic that great new companies are emerging to rise to the challenge.
This post originally appeared on TechCrunch.