Strength in Numbers: Why Consider Open Source Cybersecurity Analytics

By Rob Kent, Vice President of Marketing at Cybraics

Competition is widely considered to be a healthy and positive thing, traditionally viewed as providing options for customers and fueling innovation. In the world of cybersecurity there is no shortage of competition; in fact, cybersecurity is one of the most crowded and fastest-growing areas of technology. The problem is, with so much competition, are we losing sight of the real goal: protecting our customers against the adversary? With so much focus on competing and winning customers, are we negating one of the most fundamental advantages that we could have in the fight against cybercrime? Cooperation. Our adversaries are not shy about working together… the community is strong and growing, and while there is no doubt some healthy competition, the sharing of tools and techniques is certainly far more common than in the commercial world. Like Open Source software, security can only benefit and grow through peer-reviewed submissions. To cite Linus's Law as stated by Eric S. Raymond in his book The Cathedral and the Bazaar: “Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix will be obvious to someone.”

This, of course, is not new information. People have been pointing this out for years. What is encouraging is that a few organizations are finally stepping up to the plate to try to change this paradigm in cybersecurity. When it comes to cybersecurity, many have touted big data analytics as one of the key initiatives to combat adversaries. The problem is that big data has its own set of challenges. One of them is that it is often looked at as a costly problem to store and scale, as opposed to being used as another tool in an organization’s arsenal. Apache Spot, a project pioneered by Intel and Cloudera, is aiming to fix this problem.

By creating an open source community, the hope is that identifying security threats within large data sets will become a manageable task for all organizations, regardless of their size or scale. Organizations overwhelmed with their data, or those that aren’t seeing results, will have a community to turn to, along with a common reference to compare results. By working together on Apache Spot, organizations will be able to share their experiences of how they’ve tackled, or how they need to tackle, these issues, with a common system to reference. Data is never going to get smaller across organizations’ core systems, so in many ways an organization just now beginning to dig into its data stores is basically starting from scratch. Having the ability to reference an open common model gives both those starting out and those seasoned the opportunity to have an open exchange of varying knowledge.

By supporting Apache Spot, Cybraics is hoping to learn as much as we contribute while we collaborate and take part in this Open Source Initiative. With the end result being a set of guidelines for organizations to deploy a data analytics platform to find threats within their ecosystem, and a community that will share their experiences with the next generation of data and security professionals, perhaps we can all actually start working together to level the playing field.