More Analytics Needed in Cyberdefense by David Stegon.
Before you credit this report too much, consider the following points:
Crunching the Survey Numbers
MeriTalk, on behalf of Splunk, conducted an online survey of 150 Federal and 152 State and Local cyber security pros in March 2015. The report has a margin of error of ±5.6% at a 95% confidence level. (slide 15)
Federal Computer Week has 80,057 subscribers and approximately 21% of them are Senior IT Management. (Federal Computer Week (FCW))
That’s 16,812 of the subscriber total and MeriTalk captured opinions from 150 “cyber security pros.”
Roughly, that means MeriTalk obtained opinions from the equivalent of 0.009% of the senior IT management subscribers to Federal Computer Week.
A survey of less than 0.009% of cyber security pros doesn’t fill me with confidence about these survey “results.”
Big Data analytics for Cyberdefense
In addition to being a tiny portion of “cyber security pros,” you have to wonder what “big data” the respondents thought would be analyzed?
OPM wasn’t running any logging on its servers! (The Absence of Proof Against China on OPM Hacks)
Care to wager that other federal agencies and contractors are not running logging on their networks? I didn’t think so.
Big data techniques, properly understood and applied, can lead to valuable insights for cybersecurity. But note the qualifiers, “properly understood and applied…”
The first step towards cybersecurity is recognizing when vendors are taking your money and not improving your IT security.