A new International Business Machines Corp. security tool uses Big Data to help CIOs detect internal and external security threats in new ways—and can even scan email and social media to flag apparently “disgruntled” employees who might be inclined to reveal company secrets, according to Sandy Bird, chief technology officer of IBM’s security systems division.
The new tool, called IBM Security Intelligence with Big Data, is designed to crunch decades' worth of emails, financial transactions and website traffic, to detect patterns of security threats and fraud. Beyond its more conventional threat prevention applications, the new platform, based on Hadoop, a framework that processes data-intensive queries across clusters of computers, will allow CIOs to conduct sentiment analysis on employee emails to determine which employees are likely to leak company data, Mr. Bird said. That capability will look at the difference between how an employee talks about work with a colleague and how that employee discusses work on public social media platforms, flagging workers who may be nursing grudges and are more likely to divulge company information. “By analyzing email you can say this guy is a disgruntled employee and the chance that he would be leaking data would be greater,” Mr. Bird said of IBM’s new tool.
For example, a company could analyze employee emails that express a positive sentiment to a manager at work, but detect “when he’s talking to a peer or someone outside the company, the sentiment comes out a little different,” Mr. Bird said. Such a pattern, combined with other factors, could cause an employee to be flagged for more investigation by an IT team. Sentiment analysis works by parsing patterns in words and phrases that signify whether the intent behind a message is likely positive, negative or neutral.
The platform also helps companies protect against hacker attacks and fraud by allowing security personnel to look for patterns in past attacks — like the time or location of attempted intrusions, and the applications that have been targeted.
As corporate fears about data leakage and hacker attacks rise, CIOs are being called on to quickly defend against intrusions of increasing sophistication. More and more companies are using Big Data to discover the pattern of security lapses as they struggle to keep up with emerging threats.
An early user of the tool, Mark Clancy, chief information security officer for Depository Trust & Clearing Corp., says he does not plan to use the tool’s sentiment analysis capability. Instead, he plans to run queries that use other kinds of analytics, utilizing large stores of transactional data, emails, and travel records, to detect more granular patterns of improper file transfers.
source: The Wall Street Journal | Joel Schectman