In Canada’s public sector, the rise of Big Data has meant a new era of data-based decision making for policymakers at all levels. From the economy to labour, transit, healthcare, demographics and state security, data holds the key to smart policy decision.
But data isn’t without danger. Think of the U.S. Justice Department’s claim of Chinese attacks that made headlines earlier this year. Or the news of a Justice Canada phishing scam affecting 5,000 employees earlier this summer. The fact is, as the world becomes more connected and we increasingly have access to all kinds of data, connectivity always comes at the cost of a possible breach.
Put up a wall
Traditionally, data and network security has focused on firewalls, intrusion detection and intrusion prevention. The metaphor of a firewall essentially sums up this approach: focus on making sure no one gains access to the network by putting up a barrier.
Increasingly, however, security specialists are beginning to realize that putting up a barrier doesn’t always work. As fast as experts put up a firewall, savvy hackers find a way around it – or through it. Since the employees working behind a network firewall are human, there’s always going to be a level of human error to consider when approaching security solutions.
The idea is simple: a hacker reaches out to someone via email, offering them a deal or pretending to be someone else, and if they open the email, a surreptitious code gives access to the machine. Now the hacker has breached the firewall barrier by exploiting a simple human misunderstanding. Once given access to the machine, which is on the network, the firewall is now useless.
While firewalls and barriers are helpful in the fight for cyber security, they can only be so effective. Luckily, the very data we put behind firewalls is proving to be the key to better security.
It used to be that the more data you had, the larger the liability it was. Data was expensive to collect and it only became valuable when analyzed, which happened over a long period of time. Then, on top of everything else, you had to protect the data, often with nothing more than flimsy security software.
Today, with the explosion of advanced and high speed analytics technologies, the mountains of Big Data companies and governments are collecting every day can be analyzed instantly. The analytics processes that used to take days or weeks, now take seconds or minutes, providing valuable insights in near-real time. For public and private sector organizations, this has meant the ability to make an informed decision in the moment, using real time data.
It turns out the key to stopping hackers in their tracks is data – lots and lots of data. Public and private sector organizations all over the world are starting to use something called cyber analytics to defend their systems.
They are taking internal and external information – from firewall data and behavioural profiles, to cyber threat intelligence and fraud alerts – analyzing it in real time, and identifying anomalous patterns of activity that in the past would have gone undetected. What used to be a liability is now an asset, as data becomes the key to recognizing threats before they materialize and identifying clandestine activity before it becomes a breach. Now government organizations can spot potential hacks and prevent them from occurring.
The fact is, big data isn’t going away any time soon. Populations are growing, online activity is increasing and organizational efficiencies in all sectors are being improved because of the volume of data being collected. The vision of a world in which data helps improve everything from urban infrastructure to healthcare delivery in rural communities is no longer the talk of techno revolutionaries or futurist dreamers.
We are currently on the brink of the Internet of Things that will bring new ways to view and measure all aspects of a state on the micro and macro levels, helping policymakers make decisions with a level of accuracy never dreamed of in the past. But while policy moves to catch up with the unprecedented opportunities for data collection and analyses that the Internet of Things will bring, security cannot lag behind. Cyber analytics will be the only true way to ensure Canadian government agencies, at all levels, can remain secure in a connected world.