NAB Collaborates with Databricks to Revolutionize SIEM Design



Quick Read

  • NAB collaborates with Databricks to jointly develop a new SIEM solution, Lakewatch.
  • Lakewatch is presently in a private preview stage, with no public release timeline announced.
  • NAB intends to consolidate more than 30TB of daily security data with larger datasets to enhance cybersecurity.
  • This partnership signifies Databricks’ entry into the security market.
  • The platform is set to integrate data from 15 security vendors and provide customized security agents.

NAB Teams Up with Databricks for SIEM Development

National Australia Bank (NAB) has made a pivotal advancement in the cybersecurity field as one of the five design partners for Databricks’ new security information and event management (SIEM) platform, Lakewatch. This partnership denotes Databricks’ first step into the security industry, generating significant excitement within the technology community.

Lakewatch: A New Era in Security

Lakewatch is now in a “private preview” stage, with details regarding its public launch still undisclosed. NAB’s chief security officer, Sandro Bucchianeri, emphasized the bank’s daily processing of over 30TB of security data, conveying a goal to merge these signals with larger enterprise datasets to enhance its cybersecurity framework.

Utilizing Current Infrastructure

NAB already employs Databricks on AWS as a fundamental aspect of its enterprise data platform, Ada. The existing partnership between NAB and Databricks sparked conversations about extending Databricks technology into security solutions, which led to NAB’s role in the design of Lakewatch.

The Future of Cybersecurity

Bucchianeri expressed enthusiasm for the collaboration, saying, “Collaborating with Databricks to shape a product tailored to the needs of cyber defenders moving forward … is exciting for us.” The platform is designed to address both present and future security requirements.

Integration and Advancement

Databricks has disclosed that Lakewatch will facilitate data integration from 15 security vendors, offering an “agentic” SIEM where customized security agents can be created for incident detection and resolution. This adaptability is a crucial advantage for organizations seeking bespoke security solutions.

Conclusion

NAB’s alliance with Databricks to create Lakewatch represents a significant development in the cybersecurity landscape. By harnessing Databricks’ technological expertise and NAB’s substantial data capabilities, this collaboration promises to deliver a powerful SIEM platform. With its ability to integrate extensive security data and provide customizable security agents, Lakewatch stands as a promising asset for future cybersecurity efforts.

Q&A Section

Q: What is Lakewatch?

A: Lakewatch is an emerging security information and event management (SIEM) platform under development by Databricks, with NAB serving as a primary design partner.

Q: Why is NAB participating in this initiative?

A: NAB aims to unify its vast daily security data with larger datasets to strengthen its cybersecurity capabilities, utilizing its existing partnership with Databricks.

Q: What distinguishes Lakewatch from other SIEM offerings?

A: Lakewatch is promoted as an “agentic” SIEM, permitting the creation of custom security agents for incident detection and response, offering enhanced flexibility in security operations.

Q: When will Lakewatch be publicly available?

A: Lakewatch is currently in a private preview phase, with no definitive date established for its general release.

Q: How many other organizations are participating in the co-development of Lakewatch?

A: NAB is among five design partners; however, the names of the other four have not been revealed.

Q: Does Databricks have prior experience in the security domain?

A: Lakewatch signifies Databricks’ initial entry into the security market, broadening its scope from data management to cybersecurity.
