It's one thing to aggregate data. It's another thing entirely to make sense of it, he said. In the end, the key to situational awareness lies in the correlation rules and processes that a company has in place for analyzing the data and acting upon it in an efficient manner.
"The big data challenge is to derive actionable information," said Andrew Wild, chief security officer at Qualys. The issue that many enterprises face is not so much a lack of data but rather how to use it in a manner that is useful from a security perspective, he said.
"The network is highly aware, the routers are aware, the switches are aware. They know the packets that are flowing through the network." The problem is that all the data exists in different repositories that are not integrated at all, he said.
The tools individually are unable to provide much information, so the Big Data challenge is to find a way to aggregate the data and extract useful information from it. "Big Data is a big challenge when it comes to security," Jerry Sto. Tomas, director of global information security at Allergan, said in a panel discussion at the conference.
A lot of the log data that companies collect exists in silos, he said. And often the data that is collected is "garbage data" from a security standpoint, Tomas said.