Song and Goldberg, in an interview with Information Security Media Group, cite research that contends it takes an average of 229 days for organizations to detect a breach.
"Can you image the amount of damage that could have done in that amount of time?" asks Song, senior vice president of security markets at Splunk. "The speed to detect ... and the speed to understand what got compromised is even more important. And that's where big data comes into play. You need a lot of data to make those decisions and you need the speed to process all of that data accurately to make the right decisions. So speed comes into play in fraud detection - for understanding what happens and who's at fault."
Song says breaches typically have an impact on at least 40 systems. "The speed to find out what happened to each and every one of them and do remediation is very important," she says.
Goldberg says analyzing logs and data on systems should help reduce fraud. "If you could do correlations across the machine data that have the patterns of fraud you can identify, you could be able to identify fraud to take actions to remediate it fast," says Goldberg, Splunk's chief security evangelist.
In the interview, conducted at the recent Infosecurity Europe 2014 conference in London, Song and Goldberg discuss:
- Employing big data to identify fraud. "The patterns of fraud are going to be in machine data," Goldberg says. "Maybe the patterns of fraud are being detected by our authentication systems, by our Web processes, by our billing systems. They're all there."
- How boards of directors are becoming more involved in IT security, including giving chief information security officers more clout. "They read USA Today, they read the Wall Street Journal; they do not want see their companies right on the front page," Goldberg says. "Losing customers, your brand being hurt, your reputation being hurt, no board wants to be in the headlines. So they're putting a lot of emphasis on security and elevating the power of the CISO."
As vice president of security markets, Song is responsible for driving Splunk's marketing strategy. Goldberg, as chief security evangelist, is responsible for technical product marketing and evangelism for security and compliance use cases.