The Future Paradigm Shifts of the Cloud and Big Data: Security Impacts & New Strategies We Must Consider

Presented at InnoTech Austin 2013. All rights reserved.


  • 10/21/2013 The Future Paradigm Shifts of the Cloud and Big Data: Security Impacts & New Strategies We Must Consider
    We are living in an age where the velocity of information growth has reached new speeds, the volume of information that we keep and use is exploding, and the increasing variety of information sources is creating a new demand to expand our definition of security. Security is no longer just a matter for our enterprise; it extends across an expanded infrastructure and an ever-expanding collection of devices. This talk will explore this changing universe, the emerging paradigms, the impacts on security and suggestions on how to manage the risk.
    Key Takeaways
    • A future view of where Cloud Computing and Big Data are headed
    • How these futures and new paradigms will impact security
    • What we need to do to meet the new needs
    David Smith, President
    dsmith@socialcare.com
    linkedin.com/in/davidsmithaustin
  • Cyberspace will become orders of magnitude more complex and confused very quickly
  • Overall this is a very positive development and will enrich human society
  • It will be messy but need not be chaotic!
  • Cyber security research and practice are losing ground
  • VOLUME / VELOCITY / VARIETY Change everything
  • The Internet of Things will Change it all
  • Origin of the term “Cloud Computing”
    • “Comes from the early days of the Internet where we drew the network as a cloud… we didn’t care where the messages went… the cloud hid it from us” – Kevin Marks, Google
    • First cloud around networking (TCP/IP abstraction)
    • Second cloud around documents (WWW data abstraction)
    • The emerging cloud abstracts infrastructure complexities of servers, applications, data, and heterogeneous platforms (“muck”, as Amazon’s CEO Jeff Bezos calls it)
  • Industry Trends Leading to Cloud Computing
    A “cloud” is an IT service delivered to users that has:
    • A user interface that makes the infrastructure underlying the service transparent to the user
    • Near-zero incremental management costs when additional IT resources are added
    • A service management platform
    Timeline:
    • 1990, Grid Computing
      – Solving large problems with parallel computing
      – Made mainstream by Globus Alliance
    • 1998, Utility Computing
      – Offering computing resources as a metered service
      – Introduced in late 1990s
    • 2000, Software as a Service
      – Network-based subscriptions to applications
      – Gained momentum in 2001
    • 2010, Cloud Computing
      – Next-Generation Internet computing
      – Next-Generation Data Centers
  • Even as clouds take hold, the IT landscape is changing rapidly…
    • Technology is rapidly being commoditized
    • Businesses are more willing and able to shop for IT services
    • In-house IT infrastructure is increasingly seen as complex and rigid
    • Unstructured data is the new gold
    © Harvard Business Review
  • Cloud Computing
    • 'Platform as a service' (PaaS)
    • Infrastructure as a Service (IaaS)
    • Software as a service (SaaS)
    • Public Clouds
      – Application-centric cloud platforms
      – Public clouds reduce corporate IT jobs and spend. CIOs lead the charge.
    • Private clouds become THE strategic decision for enterprise IT
    • Private Clouds
      – enterprise owned or leased
    • Hybrid cloud
      – composition of two or more clouds
    • Community cloud
      – shared infrastructure for specific community
    Copyright, 2010 © HBMG, Inc
  • A Crisis of Complexity. The Need for Progress is Clear.
    • 1.5x: Explosion of information driving 54% growth in storage shipments every year.
    • 70¢ per $1: 70% on average is spent on maintaining current IT infrastructures versus adding new capabilities.
    • 85% idle: In distributed computing environments, up to 85% of computing capacity sits idle.
    • 70%+ never recover: 70%+ of business never recover from a major data disaster.
    Howard Levenson, IBM
  • Users Wait Too Long For New Servers
    Diagram labels: Requester, Submit Request, Acquire HW & SW, Install & Config. HW, Install & Config. SW, Deploy Server
    Three to six months to provision a new server!
    Howard Levenson, IBM
  • From http://geekandpoke.typepad.com
  • Cloud Computing Delivery Models
    Flexible Delivery Models
    • Public …
      – Service provider owned and managed.
      – Access by subscription.
      – Delivers select set of standardized business process, application and/or infrastructure services on a flexible price per use basis.
      – … Standardization, capital preservation, flexibility and time to deploy
    • Private …
      – Privately owned and managed.
      – Access limited to client and its partner network.
      – Drives efficiency, standardization and best practices while retaining greater customization and control
      – … Customization, efficiency, availability, resiliency, security and privacy
    • Hybrid …
      – Access to client, partner network, and third party resources
    Diagram labels: ORGANIZATION, CULTURE, GOVERNANCE, Cloud Services, Cloud Computing Model, ...service sourcing and service value
  • Growth of Data
  • Virtualization for Client Computing
    • Hosted Virtual Desktops
      – Architectural equivalent of the blade PC
      – Full "thick-client" image, thin-client delivery model
      – Diagram: three stacks of Application over PC OS, running on a VMM on Server Hardware
    • Portable Personalities
      – Carry the bubble, not the hardware
      – Portable media, stored on the network
      – Bubbles of various sizes: some with OS, some without
    Source: Matthew Gardiner, Computer Associates
  • Big Data Numbers
    • How much data is there in the world?
      – 800 Terabytes, 2000
      – 160 Exabytes, 2006
      – 500 Exabytes (Internet), 2009
      – 2.7 Zettabytes, 2012
      – 35 Zettabytes by 2020
    • How much data is generated in ONE day?
      – 7 TB, Twitter
      – 10 TB, Facebook
    Big data: The next frontier for innovation, competition, and productivity, McKinsey Global Institute, 2011
  • Tapping into the Data
    • Data Storage
    • Reporting
    • Analytics
    • Advanced Analytics
      – Computing with big datasets is a fundamentally different challenge than doing “big compute” over a small dataset
    Diagram labels: Utilized data; Unutilized data that can be available to business
  • Business, Knowledge, and Innovation Landscape
    • Typically 80% of the key knowledge (and value) is held by 20% of the people – we need to get it to the right people
    • Only 20% of the knowledge in an organization is typically used (the rest being undiscovered or underutilized)
    • 80-90% of the products and services today will be obsolete in 10 years – companies need to innovate & invent faster
    Copyright 2012 © HBMG Inc.
  • Computer generated data
    • Application server logs (web sites, games)
    • Sensor data (weather, water, smart grids)
    • Images/videos (traffic, security cameras)
  • Human generated data
    • Twitter “Firehose” (50 mil tweets/day, 1,400% growth per year)
    • Blogs/Reviews/Emails/Pictures
  • Social graphs
    • Facebook, LinkedIn, contacts
  • Device generated data – …
  • “Big Data” and its close relatives “Cloud Computing”, “Social Media” and "Mobile" are the new frontier of innovation. Driven by Advanced Analytics.
  • Big Data and Its Brothers
    • Volume
    • Variety
    • Velocity
    • …
  • Volume
    Volume is increasing at incredible rates. More people than ever are using high-speed internet connections, those people are becoming more proficient at creating content, and more people in general are contributing information; these combined forces are causing this tremendous increase in Volume.
  • Variety
    Next in breaking down Big Data into easily digestible bite-size chunks is the concept of Variety. Take your personal experience and think about how much information you create and contribute in your daily routine: your voicemails, your e-mails, your file shares, your TV viewing habits, your Facebook updates, your LinkedIn activity, your credit card transactions, etc. Whether you consciously think about it or not, the Variety of information you personally create on a daily basis, which is being collected and analyzed, is simply overwhelming.
  • Velocity
    The speed at which data enters organizations these days is absolutely amazing. Mega internet bandwidth is now nearly commonplace and, in conjunction with the proliferation of mobile devices, gives people more opportunity than ever to contribute content to storage systems.
  • Volume, Velocity, Variety (infographic)
    • VELOCITY: Worldwide digital content will double in 18 months, and every 18 months thereafter. (IDC)
    • VOLUME: In 2005, humankind created 150 exabytes of information. In 2011, over 1,200 exabytes was created. (The Economist)
    • VARIETY: 80% of enterprise data will be unstructured, spanning traditional and non traditional sources. (Gartner)
    Diagram labels: Mobile, Inventory, Emails, Planning, GPS, CRM, Data, Demand, Speed, Opportunities, Things, Service Calls, Customer, Transactions, Sales Orders, Instant Messages, Tweets
  • But I Believe there are Four V4
  • Clouds and Crowds
    • Data Acquisition
      – Interactive Cloud: Transactional systems, Data entry
      – Analytic Cloud: … + Sensors (physical & software)
      – People Cloud: … + Web 2.0
    • Computation
      – Interactive Cloud: Get and Put
      – Analytic Cloud: Map Reduce, Parallel DBMS, Stream Processing
      – People Cloud: … + Collaborative Structures (e.g., Mechanical Turk, Intelligence Markets)
    • Data Model
      – Interactive Cloud: Records
      – Analytic Cloud: Numbers, Media
      – People Cloud: … + Text, Media, Natural Language
    • Response Time
      – Interactive Cloud: Seconds
      – Analytic Cloud: Hours/Days
      – People Cloud: … + Continuous
    The Future Cloud will be a Hybrid of These.
  • As the world gets smarter, infrastructure demands will grow
    • Smart traffic systems
    • Smart oil field technologies
    • Smart food systems
    • Smart water management
    • Smart supply chains
    • Smart healthcare
    • Smart retail
    • Smart weather
    • Smart countries
    • Smart energy grids
    • Smart regions
    • Smart cities
  • The Threat Landscape Has Evolved…
    • Cybercriminals: financially motivated
    • Hacktivists: politically motivated
    • State-sponsored attackers: nationalistically motivated
    Diagram labels: Ransom & fraud; DDoS; Defacement; ATA/APT grade malware; Data theft; Bad stuff in; Good stuff out; Public data leakage; Gov’t, enterprise & infrastructure targets
  • The Malware Problem – Overwhelming Odds
    • 1/3 of malware is customized (no signature available at time of exploit) (VzB, 2012)
    • 85% of breaches took weeks or more to discover (+6%) (VzB, 2012)
    • 91% of organizations believe exploits bypassing their IDS and AV systems (Ponemon)
  • Why is Security Hard?
    • No system can be 100% secure
      – Reality is risk mitigation, not risk avoidance
    • Difficult to prove good security
      – Bad security gets proven for us!
    • Good security and no security can look the same
      – How does one know how secure they are?
    • Many things to secure
      – People, equipment, OS, network, Application Servers, applications, phones, and databases
  • Balancing the Business
    • Usability
    • Security
    • Performance
    Add Devices and Thing to Things and it gets very BAD
  • Mobile Devices
    • Mobile computers:
      – Mainly smartphones, tablets
      – Sensors: GPS, camera, accelerometer, etc.
      – Computation: powerful CPUs (≥ 1 GHz, multicore)
      – Communication: cellular/4G, Wi-Fi, near field communication (NFC), etc.
    • Many connect to cellular networks: billing system
    • Cisco: 7 billion mobile devices will have been sold by 2012
  • Data Mining as a Threat to Security
    • Data mining gives us “facts” that are not obvious to human analysts of the data
    • Enables inspection and analysis of huge amounts of data
    • Possible threats:
      – Predict information about classified work from correlation with unclassified work (e.g. budgets, staffing)
      – Detect “hidden” information based on “conspicuous” lack of information
      – Mining “Open Source” data to determine predictive events (e.g., Pizza deliveries to the Pentagon)
    • It isn’t the data we want to protect, but correlations among data items
    Published in Chris Clifton and Don Marks, “Security and Privacy Implications of Data Mining”, Proceedings of the ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery
  • Challenges in the 21st century
    • Safety & Security
    • Information Explosion
    • Knowledge Economy
    • Globalization
    • Accelerating Change
    • International Partnerships
    • Complex Technologies
    • Finite Resources
    • Diverse Workforce
    • Life-Long Learning
    • Citizen Engagement
    • Sustainable Development
  • Mega Trends to Consider…
    • Digitization of all content (listening = getting!)
    • Distribution is the default (just having a network won’t be enough)
    • Virtualization (location matters less and less)
    • Niche-ization of content & lifestyles
    • Mass-Personalization of media will become standard
    • Democratization of creation, & peer production
    • Amateurization of the entire value chain (but NOT to the detriment of experts)
    • “Godzilla-zation” of users/consumers
  • Growth at the Edge of the Network
    Chart: Global Petabytes/Day (0 to 4,000) by Year (2003 to 2012). Series: Traditional Computation; Converged Content; edge sources (Mobile, Device to Device, Sensors, Entertainment, Smart Home, Distributed Industrial, Autos/Trucks, Smart Toys)
  • Internet of Things
    • a system . . . that would be able to instantaneously identify any kind of object.
    • network of objects . .
    • one major next step in this development of the Internet, which is to progressively evolve from a network of interconnected computers to a network of interconnected objects …
    • from communicating people (Internet) ... to communicating items …
    • from human triggered communication … to event triggered communication
  • Tomorrow’s ubiquitous world of tags, sensors and smart systems
  • Sensor Data Volume
    • How do we handle all this data?
    • “Rebalancing Collection & PED may be Necessary”
    • The “Fat Pipe”
  • Data Desktop
    AMP: Algorithms, Machines, People
    • Adaptive/Active Machine Learning and Analytics
    • Massive and Diverse Data
    • CrowdSourcing
    • Cloud Computing
  • Characteristics of Agents
    • Adaptive: Agents dynamically adapt to and learn about their environment
    • Autonomous: Agents are goal directed and act on their own performing tasks on your behalf
    • Cooperative: Agents coordinate and negotiate to achieve common goals
    • Mobile: Agents move to where they are needed
    • Interoperate: Agents interoperate with humans, other, legacy systems, and information sources
    Diagram labels: Intelligent Agents, Social, Personality, Information Agents
  • Embeddedness: The Invisible Computer
    • Digital convergence technologies will “form the invisible technical infrastructure for human action analogous to the visible infrastructure provided by buildings and cities.”
    • Embeddedness is driven by cost-effective computing, Moore’s Law, miniaturization, ubiquitous communication, and advanced materials and sensing devices.
    • In 2000, 98% of computing devices sold are embedded in products and are not apparent to the product’s user.
  • SOA Reference Architecture
    Diagram labels: Channel; Web Applications; Portals / Websites; ASP, JSP, HTML, CSS, Voice/XML; User Interface; User Interactions; Business Process; Messaging; Service Mediation, Routing, Logging, Auditing; Management; Identity; Policy Enforcement; “Service Registry”; Network; Voice, IVR, IPhone; Service Transformations; “Enterprise Service Bus”; Platform; Browsers; Cell Phone; Orchestrated Web Services; Service Discovery; Service Management; Web Services; PDA; Authentication; Single Sign-On; Atomic; Composite; Data Access; Federated; Mainframe, UNIX, Windows; .NET, Java, J2EE, COBOL, CICS; Firewalls, Routers, XML Accelerators, Proxy Servers, TCP/IP; Business Logic/Rules; System Administration; Network Administration; Security, Operations, & Governance; Access Points; PC; Policy, Process, Monitoring, Reporting, Usage Tracking; Users
  • Emerging Technology Sequence
    Emerging Technology Vectors (chart; axis: Risk). Labels: Cellular Array; Defect Tolerant; Biologically Inspired; 1-D Structures; Resonant Tunneling; Floating Body DRAM; Nano FG; UTB Single Gate FET; Source/Drain Engineered FET; SET; Quantum Computing; Molecular; Insulator Resistance Change; QCA; UTB Multiple Gate FET; Biological Based; Architecture; Spin Transistor; Logic; Quantum; Quasi Ballistic FET; DNA; Memory; Hybrid; Non-Classical CMOS
    Source: Technology Futures, Inc.
  • Risk Management And Needed Security
    • Impact to business (Low to High): Business defines impact
    • Probability of exploit (Low to High): Security engineering defines probability
    • Regions: Unacceptable Risk, Acceptable Risk
    • Risk management drives risk to an acceptable level
  • Cyber Security is all about tradeoffs
    • Productivity
      – Let’s build it
      – Cash out the benefits
      – Next generation can secure it
    • Security
      – Let’s not build it
      – Let’s bake in super-security to make it unusable/unaffordable
      – Let’s sell unproven solutions
    • There is a middle ground
      – We don’t know how to predictably find it
  • Exposures
    1. Increased Dependency on Complex Technologies and Business Processes
    2. Steep Decline of Barriers to Trade
    3. Speed of Transactions
    4. The Death of Distance
    5. The Adoption of Advanced Communications
    6. Consolidation/Transformation of Traditional Industries
    7. The Internet and the Abundance of Information
    8. Infrastructure
    9. Overcommitted Agencies
    10. Changing Social Constructs
    11. The Device to Device Computing Growth
  • Top 5 Most Appreciated Technologies
    • Microwave Oven: 77.3%
    • Universal Remote Control: 66.6%
    • Garage Door Opener: 64.6%
    • Telephone Answering Machine (For Home): 61.7%
    • Ear Thermometer: 59.5%
  • Big Data
    “85% of eBay’s analytic workload is new and unknown. We are architected for the unknown.” – Oliver Ratzesberger, eBay
    Data exploration – data as the new oil
    • The exploration for data, rather than the exploration of data
    • Uncovering pockets of untapped data
    • Processing the whole data set, without sampling
    • eBay’s Singularity platform combines transactional data with behavioral data, enabled identification of top sellers, driving increased revenue from those sellers
  • Cyberspace will become orders of magnitude more complex and confused very quickly
  • Overall this is a very positive development and will enrich human society
  • It will be messy but need not be chaotic!
  • Cyber security research and practice are losing ground
  • VOLUME / VELOCITY / VARIETY Change everything
  • The Internet of Things will Change it all
  • In Parting: Be Paranoid
    “Sooner or later, something fundamental in your business world will change.” – Andrew S. Grove, Founder, Intel, “Only the Paranoid Survive”