Is predictive analytics really a game changer?
Connecting state and local government leaders
It may be too soon to tell, but predictive analytics offers agencies hope that they can get ahead of the threat rather than just cleaning up after the fact.
A recent report painted a curious picture of the state of federal government’s cybersecurity stance a year after the attack on the Office of Personnel Management, and its massive breach of government employee data, was revealed.
The report, by the non-profit industry group (ISC)2, suggested overall that government is still struggling with cybersecurity and how to effectively protect its networks, systems and data. Critical offices in many agencies, which by now should understand security imperatives, still aren’t on board.
However, what the report indicated for one key security tool may be the most interesting part.
When it comes to the technologies agencies can use to improve security, a large wedge of those security and IT professionals surveyed said they are looking to predictive analytics as the most significant and “game-changing” solution available to them. Predictive analytics received over 40 percent of the votes, against just single-digit tips for other solutions such as next-generation, identity-based distributed firewalls.
The report itself pointed out that the predictive analytics hype generated by the security industry could be behind that response. No security solution today is complete without at least some mention of a powerful analytics engine at the heart of it that will help the user get ahead of the bad guys and the threats they pose.
Analytics, as in being able to sift through vast amounts of data and flag potential dangers, certainly is a vital tool for security organizations. It provides a way to automate threat detection and allows organizations to more quickly respond to threats and intrusions, which in itself can significantly limit the impact of cyberattacks.
Predictive analytics, on the other hand, promise those organizations an ability that’s a step or two beyond that. As one of the respondents to the (ISC)2 report said, although “the jury is still out,” it’s a key component in getting ahead of the threat and preventing malicious activity rather than just cleaning up after the fact. The verdict on these predictive tools “is coming soon,” this former federal CISO said.
The Department of Homeland Security, for one, certainly seems convinced of the potential. In its fiscal 2016 performance plan, the DHS Office of Inspector General put predictive analytics front and center in preventing terrorism and enhancing security.
It’s not just security that can benefit. Other industries, such as healthcare, also see enormous potential in predictive analytics, and it’s apparently already driving a transformation in the way medical professionals assess their patients’ risk of contracting various diseases and conditions.
There’s no question that big data (itself once a much-hyped term) and analytics are becoming a large part of how organizations set themselves up to respond to cybersecurity threats, particularly as the black hats continue to design more sophisticated threats. Gartner, for example, has regularly projected their uptake by companies over the past few years.
When it comes to predictive analytics, however, some Gartner analysts are less sanguine. The results of predictive analytics don’t make for a convincing argument so far, though there’s always hope.
To be fair, the (ISC)2 report also makes that uncertainty clear. Another respondent to the survey noted that while predictive analytics may help, they can’t be considered a silver bullet because bad guys these days work very hard to mask their activities and to make themselves look like routine users of the network.
So is predictive analytics really the game changer many seem to think it is, or at least could be? It seems likely to be a part of the security toolkit, and possibly even a vital part. But given the way the threat industry has managed to twist and morph itself around defenses so far, it’s unlikely to be the answer.
Unfortunately, even for it to get that far, government organizations need to get much more serious about their security overall. On that issue, at least, the (ISC)2 report seems to be certain: The situation is depressingly bad.