SAS: Cyber-Analytics for Network Situational Awareness
Posted: 8 August 2011 | Source: SAS
The United States would lose a cyberwar today, according to a former director of national intelligence, but the US government is already engaged in a cyberwar.
Reported cyberattacks against the federal government increased by more than 200 percent during fiscal years 2006-2008, and the trend lines of threats and attacks by foreign governments, terrorists and criminal organizations, as well as hackers and insiders, continued rising sharply upward in volume, as well as in sophistication and agility. Meanwhile, the amount of government data that must be protected is growing daily by terabytes.
Yet, cyber defenders are inundated with masses of unconnected and uncorrelated data from hundreds or thousands of security systems and devices, while fragmented government IT infrastructures make it practically impossible to gain a holistic view of an agency’s networks and associated devices. As a result, cyber-situational awareness – and the analytical tools and capabilities to achieve it – are limited or nonexistent, despite growing calls and requirements for tools and processes that can correlate data, provide analysis and warning capabilities and improve situational awareness.
Government agencies can achieve significant progress in acquiring these capabilities and in achieving enhanced cyber-situational awareness by using SAS® for Cyber Security, which is currently being successfully employed by a US military cyber defense organization. SAS provides complementary technologies that help overcome the challenges of data crunch, data inconsistency, data sense and data visibility to create a common operating picture across the enterprise.