Why we need an open source approach to data management
U.S. companies are subject to more than 90 million different cyber-related incidents each year, with each event costing a company an average of $15 million in damages. Even more staggering, a billion data records are compromised annually in the U.S., making our country an unfortunate leader in cybercrime generation. Modern security in today’s Internet-based environment is no longer an option—it is an absolute must.
Organizations looking to improve their security operations are struggling with data management. While there are thousands of tools that address niche aspects of the cybersecurity challenge, these tools require IT and information security analysts to use data spread across dozens of different silos. Data management doesn’t have a one-size-fits-all solution.
Every security department has its own distinct notification and management patterns based around business requirements. Many businesses rely on emails to manage alert notifications, leaving their networks susceptible to overlooked incidents, and their IT teams prone to alert fatigue and knowledge drain.
There is currently no “playbook” for data management. Security professionals can’t easily find step-by-step instructions on how to triage security alerts. Precedent exists, nonetheless, for open source communities centralizing and improving approaches and solutions within entire industries. The Linux community has transformed technology, and makes it easy for developers and system administrators to navigate the operating system. But historically there hasn’t been a community around data management to centralize the approach and solutions, as there has been in other industries. There should be.
Open source communities that form around common challenges allow large groups of individuals to gain knowledge on really complicated aspects of their business and industry, expanding communal learning and continually advancing a topic along the way. Open sourcing a framework that enables data management and is supported by a community of information security professionals provides them with the tools and capabilities necessary in today’s cybersecurity environment, including:
Open source or community edition security tools are numerous. If data management tools open their source code then businesses large and small can benefit. Leveling the playing field in this way helps improve overall security—even small businesses will have access to the best tools and threat intelligence.
An open source community involves thousands of developers having access to solutions’ source code. These developers are constantly at work advancing the capabilities available to all defenders, and fixing bugs and security issues. This type of innovation is not possible in a proprietary framework with a limited number of developers and the bureaucracy common in closed environments. With an open source framework for data management, everyone can collaborate and learn from each incident, not just analysts and security executives, but the C-suite as well. And not just within one company, but across the entire community.
With the open source community hard at work on data management solutions, analysts aren’t stuck waiting for updates to proprietary systems. They can work more efficiently because incidents can be remediated more quickly, saving time and money and freeing scarce security resources to address other issues.
Security data comes in many forms and from many sources. With an open framework, data management solutions and processes can integrate with each other, as well as other enterprise functions and tools.
With businesses handling more transactions and sharing more data online, the need for cybersecurity has never been greater. But without a clear data management process in place today, small- and medium-sized organizations lack the resources they need for effective and efficient security operations. The growing threat to data and other digital assets demands a new kind of protection.
Data management needs more open source tools and a dedicated community to ensure that security will continue to improve as threats evolve and increase. Open source frameworks have simplified and driven innovation across the IT function, and can do the same for data management. An open approach to centralizing actionable security events can help to streamline the management of threats and offer collaboration as a community.
Organizations that have yet to define a data management process can benefit from the open source community. There is a low cost of entry and almost limitless capabilities with an open source framework. The open source framework will drive innovation in data management, while making the same tools and capabilities available to an organization of any size. Open sourcing data management would improve security not just for one business or one community, but for the U.S. as a whole.