Your SlideShare is downloading. ×
Big data security   the perfect storm
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Big data security the perfect storm


Published on

Published in: Technology

  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide
  • IBM BD usage GBE03519USEN.pdf
  • IBM BD usage GBE03519USEN.pdf
  • Incidents Over Time
  • Transcript

    • 1. Big Data Security - The Perfect Storm
    • 2. The Perfect Storm 1991 It was the storm of the century, boasting waves over one hundred feet high a tempest created by so rare a combination of factors that meteorologists deemed it "the perfect storm." When it struck in October 1991, there was virtually no warning.*:
    • 3. The Perfect Storm Increased profits Customer Regulations Support & Breaches Increased profits Social Media Big Data Sales & Business Marketing Improvement Increased profits Increased Customer Security profits Profiles Analysis Increased Increased profits profits3
    • 4. Perfect storm Increased Breach or WeakerMore Data Regulations Audit Fail Security ($$$)4
    • 5. The Perfect Storm Big Data is a Time Bomb based on how things are coming together Big Data deployment is growing fast, rushing into it • ROI in focus • Security is not part of Strategy Shortage in Big Data skills • People don’t know what they are doing Big Data Security solutions are not effective General shortage in Security skills5
    • 6. Mankind Created Data Data 40000 (exabyte) 35000 30000 25000 20000 15000 10000 5000 0 2005 2010 2015 2020 YearSource: IBM 6
    • 7. What is Big Data?7
    • 8. What is Big Data?Source: IBM 0307_Guardium_Final-.pdf 8
    • 9. What Happens in an Internet Minute?Source: Intel 9
    • 10. Four Dimensions of Big DataSource: IBM 0307_Guardium_Final-.pdf 10
    • 11. Big Data SourcesSource: IBM 11
    • 12. Business-driven OutcomesSource: IBM 12
    • 13. How is Big Data Different?13
    • 14. How is Big Data Different? Why It’s Different Architecturally: • Shared’ data • Inter-node communication • No separate archive – all data is online • No Security – breaches go undetected Why It’s Different Operationally: • Insider data access • Authentication of applications and nodes • Audit and loggingSource: Securosis SecuringBigData_FINAL.pdf14
    • 15. What is The Problem Big Data Security?15
    • 16. Big Data and The Insider Threat16
    • 17. 17
    • 18. Many Ways to Hack Big Data ETL Tools BI Reporting RDBMS Hackers Pig (Data Flow) Hive (SQL) Sqoop Unvetted Avro (Serialization) Applications (Coordination) MapReduce Or Zookeeper (Job Scheduling/Execution System) Ad Hoc Processes Hbase (Column DB) Privileged HDFS Users (Hadoop Distributed File System)Source: 18
    • 19. The Big Data platform may not be secure, but your Information can be secure.19
    • 20. A Changing Threat Landscape20
    • 21. New York Times about China Attack on US21
    • 22. One Single Sample: The Chinese APT1 group Compromised 141 companies in 20 industries Stole hundreds of terabytes of data Technology blueprints, Proprietary manufacturing processes, Test results, Business plans, Pricing documents, Partnership agreements, Emails*:
    • 23. Dominating “hacktivism” Attacks by Anonymous include • 2012: CIA and Interpol • 2011: Sony, Stratfor and HBGary Federal Source:,
    • 24.
    • 25. DataLossBD - Incidents Over Time - Increasing
    • 26. Breakout of Security Incidents by Country26
    • 27. Ranking Volume and Type of Security Incidents**: % of Escalated Alerts
    • 28. Security Incidents - Malicious Code* *: % of Escalated Alerts28
    • 29. What is the Cost of A Breach?29
    • 30. Cost of Data Breach per Record Independently Conducted by Ponemon Institute LLC March 2012
    • 31. How are Breaches Discovered? Notified by law enforcement Third-party fraud detection (e.g., CPP) Reported by customer/partner affected Brag or blackmail by perpetrator Unknown Witnessed and/or reported by employee Other(s) Internal fraud detection mechanism Financial audit and reconciliation process Log analysis and/or review process Unusual system behavior or performance 0 10 20 30 40 50 60 70 % By percent of breaches . Source: 2012,
    • 32. What is the Trend in Regulations?32
    • 33. Regulations: Be Proactive in Protecting Data33
    • 34. HIPAA Omnibus - Penalties if PHI isn’t encrypted
    • 35. Regulations: Be Proactive in Protecting Data Big Data must prepare for the changing landscape • Trend: Encryption requirements are increasing PCI DSS, US State Laws Health Data Regulations • Need for Data Segmentation (tokenization, encryption or masking) • Extra Sensitive Data (drug abuse, HIV codes, sex abuse and more) Ponemon Institute “Big Data Analytics in Cyber Defense” • 61 percent will solve pressing security issues • Only 35 percent currently have security solutions35
    • 36. Balancing security and data insight Tug of war between security and data insight Big Data is designed for access, not security Privacy regulations require de-identification which creates problems with privileged users in an access control security model Only way to truly protect data is to provide data- level protection Traditional means of security don’t offer granular protection that allows for seamless data use36
    • 37. The Solution is Finally Here37
    • 38. The Solution - Preventing Misuse of Data Attackers User Hackers Application Unvetted Applications Data Misuse Prevention Ad Hoc Data Processes Protection Policy Privileged Users Administrators Selective Data Protection Issued Patents38
    • 39. Support Business Applications 4 digits clear 90% 98 % Application transparent 6 digits clear 8% 6 digits encoded 2% 2 % Application changes PAN39
    • 40. How can we handle the Risk with Big Data? Risk High Traditional Access Control Creativity Happens At the edge Low Data Tokens Access I I Right Level Less More Small Data Big Data40
    • 41. Securing the Data Flow ETL Tools BI Reporting RDBMS Pig (Data Flow) Hive (SQL) Sqoop MapReduce (Job Scheduling/Execution System) Hbase (Column DB) HDFS (Hadoop Distributed File System) Legacy Systems Big Data Legacy Systems41
    • 42. Support Data Classification and Analytics Application Data in Clear Encrypted File Secured Data Fields (encoded)42
    • 43. The Process of Automating Security for Big Data Discover sensitive data Understand Control usage of Implement Monitor Big Data Integrate Solution sensitive data Secure Lock down sensitive data43
    • 44. SUMMARY44
    • 45. Big Data Security Problem - Summary Traditional security solutions cannot bridge the gaps between 1. Data breach protection and compliance 2. Provide powerful analysis and data insight 3. Utilize the power of a big data environment.45
    • 46. Proactive Data Protection for Big Data Know your data flow • Protect the data flow - including legacy systems Protecting your data now could save big time and $ in retroactive security later • Breaches and audits are on the rise – Organizations that fail to act now risk losing their hard earned investments. Granular data protection is cost effective • Addressing regulations and data breaches • Data available for analytics and other usage • Provide separation of duties for administrative functions Catch abnormal access to data • Including (compromised) insider accounts46