The Target breach - too much data, not enough intelligence

Big data is not intelligence. Analytics is not intelligence.

Business process is not intelligence.

Intelligence comes from people, and only from people. Especially the actionable kind. Maybe one day it will come from machines too, but despite impressive recent advances in AI, we're still pretty far away from that. Would you have Siri make decisions about how to respond to a massive DOS or APT attack on your network? I didn't think so.

We're always going to need smart, qualified, professional analysts to intelligently interpret and act upon that flood of data which is already coming in from devices everywhere, and which is going to become a torrent any time now. In fact, today we need them more than ever, and tomorrow we'll need them more than today. People who say jobs are going to be eliminated by technology are wrong.

It's emerged that Target's monitoring systems did, in fact, detect that something was amiss when the breach was going on. Their FireEye installation picked it up, and their security team was notified. The only problem was, that information was buried in an ocean of alerts to the extent that it was merely part of the noise level. It didn't pop out as something significant and urgent, and apparently there was no escalation process in place and/or there was, but nobody there who knew what to look for.  So the significant, urgent information about the attack was ignored. It was an electronic version of The Boy Who Cried 'Wolf".

The takeaway? Yes we're going to need better analytical tools and business processes to improve the signal-to-noise ratio of big data.  But more than anything, we're going to need well-trained analysts in place who can sort out the sheep from the goats. If you're just getting started and are looking for a good career choice, data science  is definitely one I'd that I'd recommend you take a close look at.