Cybersecurity, Data Analytics, and Vulnerability
Written by: Chris Greco
There are a number of “V’s” that are associated with big data; they include volume, variety, variability, and verification, but one that is often missing despite it being a major part of cybersecurity is vulnerability. It would seem that this “v” is the missing link between data analytics and cybersecurity. Why would cybersecurity professionals care about data analytics when their primary responsibility is preventing unwanted access to systems they supervise? Let’s see what we can discover.
Determining Vulnerability
The question of vulnerability has plagued cybersecurity specialists since the mainframe era. How can you determine the vulnerability of a system while simultaneously determining the risk of using the system? Lucky for us cybersecurity geeks, the National Institute of Standards and Technology (NIST) has developed the National Vulnerability Database (NVD), which contains various tools for determining vulnerability.
Calculating Vulnerability
One of the more useful NVD tools is the Common Vulnerability Scoring System (CVSS), which employs a series of formulary evaluations, including a calculator that rates vulnerability on a scale of zero to ten, with ten being the most vulnerable. CVSS provides standards related to low, medium, high, or critical scores. As the score increases, so do the vulnerability risks. Although IT professionals enjoy scoring their systems, the true benefit is that the resulting scores are used by the NVD to determine the sensitivity to vulnerabilities for some of the most critical systems. This data can also be used to determine historical system vulnerability.
Vulnerability Data
The NIST’s Common Platform Enumeration (CPE) identifies systems undergoing evaluation and publishes related data so that analysts can see growth. But more than that, NIST’s National Vulnerability Database contains searchable product vulnerability data that can be used for elemental, statistical, advanced, regression, and time-series analyses.
Data Visualization
Fortunately, data visualizations you may be looking for have already been developed by previous users. For example, when I searched for “trojan” statistics, the results revealed the following charts that illustrate how often “trojan” has been matched with vulnerabilities.
Search Term: Trojan
The chart on the left shows that the number of trojan-related vulnerabilities increased in 2010, 2012, and 2017 and decreased in subsequent years. The chart on the right shows the percentage of trojan-related vulnerabilities per year. Although it does not show causation, this visualization does suggest that trojans are no longer the tool of choice to exploit vulnerabilities.
Search Term: Password
Now, let’s search for “password.” As expected, the charts show that the prevalence of “password” vulnerabilities is far more than “trojan.”
Vulnerability Statistics
The real value of these statistics is the percentage of match for each term. In both cases, word choice analysis helped to determine the value of each search term. We can discern trends by just glancing at the data visualizations. And both sets of charts show how useful data analysis can be to cybersecurity professionals. In fact, I dare say that data analytics is as valuable to cybersecurity as project management and finance.
Management Concepts offers comprehensive certifications training in cybersecurity management & administration. Learn more about our programs today!