Protecting data is essential and requires full executive support and comprehensive policies. Big data and cloud data must be secured through strong access controls, encryption, firewalls, and anti-malware detection. A layered security approach is needed including physical security, forensics capabilities, and innovation to stay ahead of evolving threats. Cutting costs on data protection risks losing customers, reputation and intellectual property.

1. Protect The Data
Big Data and Cloud Data
You Must Protect the Data
(Caveat: Slide set geared toward Executive managers & non-experts)
http://patrick642.wordpress.com from strategy, intelligence, innovation, leadership to improvements
http://patrick642nu.wordpress.com from cyber security, strategy, innovation, Intel & Intelligence to leadership
Patrick A. -- MScIA MBA CISSP-ISSEP
Intelligence Officer/Analyst – Cyber security/InfoSec SME
May 25, 2014

2. Champions
 Prior to anything else, you absolutely must have on your
side, on board and in agreement for your Data / Network
Protection efforts
 CEO
 Chairman of the Board
 President
 If these individuals are unwilling to Champion or Sponsor
‘necessary’ security efforts – you may as well stop here
 If they are on board, they should see clear cut reasons &
benefits behind protecting the data, because it means
keeping:
 The company Brand/Reputation intact AND enhancing it
 Customers happy, knowing their data is being protected
 Investors happy – some of whom are altruistic and desire more than just
profits…

3. Policies
 You must have Policies in place to go along with your
other efforts with executive management signing off
on them
 Without Policies for your management, staff,
partners & vendors, you have no leg to stand on
 Computer Use Policy
 Internet Use Policy
 Telecommunicating Policy (Work from home)
 Non-Disclosure Agreement (NDA)/Policy
 As well as other needed policies
 Policy enforcement – you actually need to do this…

4. Invaders
 Your data is what the ‘invaders’ want
 They will do whatever they can to get at it
 Hackers Hacktivists Terrorists Nation states and well, even friends sometimes (allegedly)… NSA

5. Big Data and Cloud Data
(basics) (1 of 4)

6.  Big Data
 Unstructured and/or structured info your firm
receives and/or collects – multiple sources
 Big Data uses algorithms and analytics to filter
through all the forms of data collected to data mine
and analyze for required results
 The data  PDFs, Images (ie - JPEGs, TIFs), Word &
Excel, Word Perfect, Google Docs, email (professional,
commercial (ie Hotmail)), HTML, HTML5, XML, Database,
Video, etc.
Big Data and Cloud Data (basics)
(2 of 4)

7.  Cloud Data
 Info in the “Cloud”
 The “Cloud” is nothing more than
 Big Data or specific data sent to/from networks
 Cloud – a network comprised of a number of servers
with multiple CPUs and multiple attached storage
devices at some location on the planet, for parallel
processing or not – think of the early ‘94 Beowulf
network (Becker, D.J. and Sterling, T. and Savarese, D. and Dorband, J.E. and Ranawak, U.A. and
Packer, C.V. www.phy.duke.edu/~rgb/brahma/Resources/beowulf/papers/ICPP95/icpp95.html)
 Grid computing, which is similar, is the collection of computer
resources from multiple locations to reach a common goal
Big Data and Cloud Data (basics)
(3 of 4)

8.  Cloud Data
 Service Level Agreements (SLA)
 Ensure SLA explicitly covers:
 Protection partnership between you & Cloud provider (you are both
responsible); anti-malware, encryption, VPN access, liability, forensics
for any breach, disaster recovery (provider – fire, earthquake, etc.)
 Who at your firm:
 Has Admin rights to the data for any kind of admin work
 Can access the Cloud data (staff, partners, vendors)
 Who at Cloud provider can:
 Access your data for replication/back up purposes & troubleshooting ‘only’ without
rights to perform any reading, data manipulation, copying or printing
Big Data and Cloud Data (basics)
(4 of 4)

9. Access to Data
 Passwords - Complex & Encrypted – Yes, painful, annoying &
necessary
 Better than losing $xxx,000+ of R&D data due to weak
passwords (i.e. no more short 8-10 character passwords)
 Must move to better authentication (who’s who)
 2-factor – token & pin, smartcard & pin
 Biometrics – retina, fingerprint
 Provide “only” needed access (authorization) to data people
need to do their job well (and protecting against insider threats)
 i.e. – Are USB ports, DVD/CD writing capabilities necessary –
for everyone…?
 Sys Admins do not require access to all (i.e. – Snowden)

10. Encryption
 Network & VPN
 AES-192 or AES-256
 Wi-Fi
 No WEP or WPA  At minimum use WPA2
 Make use of security mechanisms in:
 IPv6, IPSec & DNSSec
 Application layer to Application layer
 Where possible, not just endpoint endpoint
 Data At Rest
 Servers, SANs/NAS, PCs, Laptops, Smartphones (containers)

11. CPUs
Because of encryption & authentication, you need devices
capable of higher processing demands
 Laptops, PCs, Servers
 Do not forget smartphones & tablets too…
 Many CPU cores as possible
 Highest GHz possible for:
 Encrypting & decrypting data
 Preventing latency & lag times
 Users will not like it and ‘will’ become unproductive if they
have to wait on decrypt/encrypt & transmission times

12. Wi-Fi Access Points (1 of 2)
 For firms, the more APs, the better

13. Wi-Fi Access Points (2 of 2)
 Strong Passwords & SSIDs
 No default passwords or Descriptive SSIDs
 Multiple APs & multiple SSIDs
 Limit rights & access through the APs - Guests, Admins,
Staff, Partners, Vendors
 Coverage – roaming, fewer dropped connections
 Scan for rogue APs
 Periodically & Randomly – remove & enforce policies
 Directional antennas on peripheries
 Max power for APs – No
 Are people outside the bldg using your Wi-Fi…

14. VPN
 If you care about:
 Who remotely accesses your network
 Productivity of remote staff
1) Obtain a strong VPN package
 Excellent admin features such as
 A dashboard for drilling down to granular levels and
 Includes analytics for “what if” and other scenarios
2) It will be Fast AND User friendly for your staff
3) One of the best of breed VPNs
4) Scalable to grow with you
 No barebones VPN
 You will pay more later if you do to gain needed
features

15. Network Speeds (1 of 2)
 Today, it is necessary for your network to have
the best throughput possible & for tomorrows’
growth
 Very, very minimal latency – Staff is more productive
 Latency – Staff and Management wait and they become bored…
and/or annoyed…

16. Network Speeds (2 of 2)
 You need more:
 Bandwidth into & out of your network
 Throughput across your network
 You will need both to handle growing
 Increased speeds: Router, VPN, Switch, Wi-Fi AP & Server
 10 – 100Mbps no longer cuts it for tomorrow when we will have
 4K HDTV
 More holographic conference calls (i.e. Cisco Telepresence)
 Smartphone to Desk phone video calls
 1 Tbps traffic – yes, 1 Tbps (BT & Alcatel-Lucent proved this new protocol
[Flexigrid] works – over “existing” hardware & fiber optics @ 1.4Tbps)

17. Anti-Malware (1 of 2)
 Anti-Virus (AV) is no longer good enough, you need
a suite of detective and mitigating anti-malware
software, capable of working from the physical
layer up to the application layer.
 The suite must be capable of working on and at
various points throughout your network.
 Detect, Correlate, Prevent, Mitigate & Report malicious
activity
 Work in conjunction with IDS/IPS/Firewalls

18. Anti-Malware (2 of 2)
 Intelligent, best of breed
 Layered – to cover multiple avenues of attack
 No one vendors’ product captures all malware
 If possible, obtain a second best of breed suite to run in parallel
 Or, use a vendor who does this in the Cloud with multiple anti-malware
engines for real-time protection
 Very fast processing capabilities
 If possible, software should use:
 Artificial Intelligence, Heuristics, Expert Logic or Fuzzy Logic

19. IDS/IPS & Firewalls
 Even anti-malware is not enough by itself. You must
detect & prevent as much malware (or hackers) as
possible, as soon as possible, every place possible
 Needed for infiltration into and exfiltration of data
out of the network
 Intrusion Detection Systems & Intrusion Protection
Systems
 NIDS – for the network, on the periphery & internally
 HIDS – for servers, PCs, laptops
 Firewalls
 High throughput
 Very fast processing
 With extremely low latency & extremely low drops & false positives

20. Forensics
 You will need forensics software (not barebones) to do
multiple levels of forensics if you have an incident
 High to Low level (think deep dive)
 After an incident, you will need to do various forms
of forensics
 Financial & Auditing
 Network
 To see where infiltrated, how, when and what damage was done
 Enough varied reporting capabilities for most
situations allowing for detailed content
 Look out for Anti-Forensics attempts…

21. Physical Security
 This goes without saying, we still need Physical
Security
 Must work with Cyber Security staff & vice versa
 Physical security should have a good level of cyber security
training
 Your buildings need better than just good
physical security, for:
 Doors (all doors) Windows (all windows) Fences
 Badge Access system (with a chip, no magnetic stripe)
 Cameras
(with great zoom & resolution & tracking & recording & storage & retrieval capabilities)
 Random (and tested) physical sweeps

22. Innovation & Creativity
 We are at the point where we need more Innovation
and Creativity to protect the data, engage your:
 Techie staff for ideas they know or have heard of
 Non-techie staff for divergent ideas, which could prove
valuable
 Quantum Computing is growing and that, along with
Quantum Cryptography will make current cyber
security efforts, obsolete
 Think, Think, Think… and Adapt, rapidly
 You and your firm cannot afford to go partially into
Protecting The Data, skimping on cost – from this
point on, this is an “all in” situation!