James Hodge at Splunk argues that new defences against cyber-criminals are needed and that federated analytics tools are central to that.
The battle with cyber-criminals is constantly evolving. In tandem, the team at the heart of your security operations centre (SOC) is evolving the way it protects against bad actors. New defences are needed: ones that are robust and vigilant around the clock. It’s time to harness the power of federated analytics, a powerful new tool in the SOC’s smart arsenal.
A newer way
Traditional centralised data management systems present certain challenges. They require moving large amounts of data to a central location for analysis, which can be time-consuming, costly and risky. Such systems can also lead to bottlenecks, slowing down the analysis process and delaying threat detection and response.
Federated analytics refers to a method of performing local data analytics on non-central devices, connected data sources, and in the cloud, rather than moving data to a central location for analysis. This helps overcome a range of major operational and security issues.
One of the primary benefits is enhanced data privacy. By analysing data where it lives, federated analytics ensures that sensitive information stays on local servers, eliminating the need for active collaboration between devices. This reduces the risk of data breaches as there is no transfer of sensitive data to a central location.
Additionally, since data does not need to be moved or copied, federated analytics helps maintain the integrity and accuracy of data, reducing the risk of manipulation or corruption.
Another advantage of this approach is its scalability. Federated analytics, done right, holds the potential to seamlessly scale across an organisation’s entire data landscape, enabling users to retrieve information from multiple systems as if they were integrated. This not only speeds up access but also enhances the ability to handle large volumes of data from multiple sources.
This capability is particularly valuable for analysing and detecting sophisticated cyber-threats that may be spread across different networks or systems. It helps businesses focus on deriving insights and creating value from their data, and it lets them leverage cloud economics to decouple storage and computing, better enabling IT departments to plan capacity growth.
Real-time threat detection
The ability of federated analytics to support real-time analysis of data from multiple sources is a game-changer. It can identify and mitigate cyber-threats more quickly and effectively than many conventional threat detection tools.
It also enables different organisations to collaborate in detecting and mitigating cyber-threats, without sharing sensitive data, leading to a more effective and coordinated defence against cyber-criminals. Machine learning and artificial intelligence (AI) technologies can be used to identify patterns and anomalies that indicate potential cyber-threats, helping to predict and prevent cyber-attacks.
Keeping sensitive data on local servers also means organisations can comply with stringent data privacy regulations such as GDPR and CCPA.
A future-proofed approach
As global privacy regulations become stricter, more organisations are likely to adopt federated analytics to investigate data while remaining compliant. The rapid growth in data volumes demands more efficient, effective and scalable tools, making federated analytics a highly attractive proposition.
The integration of AI and machine learning will further enhance its sophistication and capabilities, making it a key tool in future cyber-security strategies.
In fact, Market.us predicts the global federated learning market is set to surge from USD 133.1 million to USD 311.4 million by 2032. This significant expansion reflects a growing consensus amongst organisations to adopt federated analytics to keep pace with the evolving landscape of cyber-security threats and data privacy requirements.
Another driver will be edge computing, which processes data closer to its source. Federated analytics enables the secure and efficient analysis of data from multiple edge devices.
Answering a growing need
As more organisations see the benefits of federated analytics, its presence will be felt across a growing number of industries, especially in areas such as healthcare where the privacy and security of sensitive data are of utmost importance. As its adoption grows, so will the need for real-time and collaborative data analysis.
Bringing all this together can be complicated. A successful implementation has clear operational and security benefits, but any missteps could prove costly. It’s important to note that federated analytics isn’t a fire-and-forget data management strategy. Proper governance and adherence to best practices are essential for success.
The value of data, and the need to protect it, sit at the heart of modern business operations.
Organisations should therefore only work with technology partners who have a proven record in implementing and scaling federated analytics at an enterprise level.
A deep dive into the lake
Our own approach to federated analytics starts with Amazon Security Lake, which automatically consolidates an organisation’s security data from Amazon Web Services (AWS) environments, leading SaaS providers, on-premises environments and cloud sources. This ensures that customers can directly analyse data where it resides, enabling users to efficiently detect and investigate security incidents without the need to relocate data.
This supports SOC use cases, including monitoring and threat hunting, all through a unified search interface and customisable dashboards.
Pulling your SOCs up
From a defence perspective, you can’t secure what you can’t see. As cyber-threats evolve by the minute, relying on outdated, centralised data management is no longer an option.
Federated analytics is the key to staying ahead, providing the speed, security and scalability needed to defend against sophisticated attacks, transforming your SOC into an agile, proactive force.
James Hodge is GVP and Chief Strategy Advisor at Splunk
© 2025, Lyonsdown Limited. Business Reporter® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543