Isc(2) eastbay-lenin aboagye
•Download as PPTX, PDF•
0 likes•45 views
Big Data: The Forgotten Security Landmine
Recommended
Recommended
More Related Content
What's hot
What's hot (19)
Similar to Isc(2) eastbay-lenin aboagye
Similar to Isc(2) eastbay-lenin aboagye (20)
Recently uploaded
Recently uploaded (20)
Isc(2) eastbay-lenin aboagye
- 1. Title Text Body Level One • Body Level Two • Body Level Three • Body Level Four • Body Level Five Big Data : The Forgotten Security Landmine By: Lenin Aboagye, Security Executive lenin@kogni.io
- 3. Traditionally Data has been stored in File systems, Databases, Network Shares, Emails etc.. Most of the Data generated was structured data and stored in Databases 01 Where did we start from - and fast forward to today? Today , App Developer Magazine reports that more data was created in 2017 than in the previous 5,000 years of humanity, and Gartner estimates that nearly 80 percent of this data is unstructured, meaning it lives in formats like PDFs, images and videos. The process of managing, structuring and deriving value from this growing cache of information is challenging, time-consuming and expensive — if it happens at all
- 4. • Paperless: Every organization is going Digital.. Grocery Chains, Digital Notary, Digital Banking, Digital Lending Processes(scanning everything), Esign(DocuSign) • Ease of Content Creation : Social Media, Business Apps • Mobile Capture : Every second we capture and send Data • IOT: Connected anywhere and everywhere(Thermostat, TV, Cars, Planes, Product tracking etc..), Data Center Sensors 01 How and where is this Data coming from? Media Web Cloud IOT Databases
- 5. 01 Where is this data being stored and processed and why?
- 6. • Rapidly adopted technology, Capability before Security • Multiple sources of data, different Varieties of data, Volume, Velocity • No one really knows what data is being put into big data lakes • Security Governance Gaps..bulk of your data is no longer in your databases • There are not many security Data Scientist and Data Scientist do not want to deal with security 01 Why Important for business but security Forgotten? Source: CA Study on big data
- 7. Data is harder to track now01
- 8. • No Natively Defined Security: Encryption, Policy Management, Compliance & Risk Management • Anonymity and Privacy: User identity, behaviors etc.. • Varied and Complex: Data structure: Structured, Semi- Structured and Unstructured Data Sources: Server data, email data, cloud apps and mobile device data Data consumers: High-level executive, B2B, B2C 01 What is the GAP and how do we bridge it? • Goldmine for PII Reams of data all flowing into centralized system • Few security people have big data experience • Data Brokers-e.g Cambridge Analytica • Current Security Solutions simply do not work..DLP, Data Activity Monitoring Tools, Database Encryption • Lack of products on market
- 9. 01 What is the GAP and how do we bridge it?
- 10. • Extend best practices in structured Data to Big Data • Know your Data: Data Discovery, Data Cataloging, reduce number of sensitive data locations • Protect your Data: Encryption, Redaction, Tokenization, Authorization • Monitor, Monitor, Monitor • Watch out for Anomalies, User and System activity monitoring, Policy violations and build predictive models with Big Data • Build a data centric security and risk model 01 Solve the Big Data Conundrum
- 11. 01 When it comes to Big Data
- 12. Thank you!! THE WHY | DATA SECURITY01
Editor's Notes
- Databases: Traditional and modern databases(MSSQL, NOSQL) IOT: Data from Interconnected devices Web: Data publicly available on web, social media ,etc.. Cloud: Public, Private Media: Images, Videos, Social Media, Audio, podcasts
- Databases: Traditional and modern databases(MSSQL, NOSQL) IOT: Data from Interconnected devices Web: Data publicly available on web, social media ,etc.. Cloud: Public, Private Media: Images, Videos, Social Media, Audio, podcasts
- http://www.datacenterknowledge.com/archives/2015/06/16/study-identifies-common-pain-points-in-big-data-projects
- https://www.privacyrights.org/data-breaches?title=&taxonomy_vocabulary_11_tid%5B%5D=2436&taxonomy_vocabulary_11_tid%5B%5D=2434\ https://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-static/ GDPR regulation is a way government is forcing the organizations to do the right thing Very soon we will be seeing similar regulations coming up in US
- Cambridge Analytica..23 million, 83 million
- Databases: Traditional and modern databases(MSSQL, NOSQL) IOT: Data from Interconnected devices Web: Data publicly available on web, social media ,etc.. Cloud: Public, Private Media: Images, Videos, Social Media, Audio, podcasts
- there is no insitituinal kbowkedge of what data is stored in a datastore…equifax and scotttrade breach example… you do not not where your sensitive data is stored [notes, image, chat text, app logs] the answer keeps changing you do not not who has access to your sensitive data [temp tables with wide-open access, text data with wide-open access] the answer keeps changing since the answer keeps changing you need an alerting system, not merely a reporting system As big data gets bigger and cloud usage increases, governing sensitive data and managing digital risk at an enterprise level are daunting challenges. Non-production databases are a goldmine of sensitive data and are regularly used in application development and testing. Too many data sources [prod, dev, qa] [on-premises, cloud] [file serves, nosql, hadoop, rdbms] [image, text, csv] can get overwhelmed by the sheer number of data sources that need to be monitored examples text doctor's notes has patient's sensitive data (PHI) [Healthcare] counselor notes has student's sensitive data (FERPA) [Education] rep's notes has customer's credit card number (PCI) [E-Commerce and Retail] chat text has customer's sensitive data developer is writing SSN, credit card, to a log file. How do you know he is not? a temporary table containing sensitive data gets created [dev forgets to delete it] [wide-open access]