Big data security the perfect storm


Published on

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • IBM BD usage GBE03519USEN.pdf
  • IBM BD usage GBE03519USEN.pdf
  • Incidents Over Time
  • Big data security the perfect storm

    1. 1. Big Data Security - The Perfect Storm
    2. 2. The Perfect Storm 1991 It was the storm of the century, boasting waves over one hundred feet high a tempest created by so rare a combination of factors that meteorologists deemed it "the perfect storm." When it struck in October 1991, there was virtually no warning.*:
    3. 3. The Perfect Storm Increased profits Customer Regulations Support & Breaches Increased profits Social Media Big Data Sales & Business Marketing Improvement Increased profits Increased Customer Security profits Profiles Analysis Increased Increased profits profits3
    4. 4. Perfect storm Increased Breach or WeakerMore Data Regulations Audit Fail Security ($$$)4
    5. 5. The Perfect Storm Big Data is a Time Bomb based on how things are coming together Big Data deployment is growing fast, rushing into it • ROI in focus • Security is not part of Strategy Shortage in Big Data skills • People don’t know what they are doing Big Data Security solutions are not effective General shortage in Security skills5
    6. 6. Mankind Created Data Data 40000 (exabyte) 35000 30000 25000 20000 15000 10000 5000 0 2005 2010 2015 2020 YearSource: IBM 6
    7. 7. What is Big Data?7
    8. 8. What is Big Data?Source: IBM 0307_Guardium_Final-.pdf 8
    9. 9. What Happens in an Internet Minute?Source: Intel 9
    10. 10. Four Dimensions of Big DataSource: IBM 0307_Guardium_Final-.pdf 10
    11. 11. Big Data SourcesSource: IBM 11
    12. 12. Business-driven OutcomesSource: IBM 12
    13. 13. How is Big Data Different?13
    14. 14. How is Big Data Different? Why It’s Different Architecturally: • Shared’ data • Inter-node communication • No separate archive – all data is online • No Security – breaches go undetected Why It’s Different Operationally: • Insider data access • Authentication of applications and nodes • Audit and loggingSource: Securosis SecuringBigData_FINAL.pdf14
    15. 15. What is The Problem Big Data Security?15
    16. 16. Big Data and The Insider Threat16
    17. 17. 17
    18. 18. Many Ways to Hack Big Data ETL Tools BI Reporting RDBMS Hackers Pig (Data Flow) Hive (SQL) Sqoop Unvetted Avro (Serialization) Applications (Coordination) MapReduce Or Zookeeper (Job Scheduling/Execution System) Ad Hoc Processes Hbase (Column DB) Privileged HDFS Users (Hadoop Distributed File System)Source: 18
    19. 19. The Big Data platform may not be secure, but your Information can be secure.19
    20. 20. A Changing Threat Landscape20
    21. 21. New York Times about China Attack on US21
    22. 22. One Single Sample: The Chinese APT1 group Compromised 141 companies in 20 industries Stole hundreds of terabytes of data Technology blueprints, Proprietary manufacturing processes, Test results, Business plans, Pricing documents, Partnership agreements, Emails*:
    23. 23. Dominating “hacktivism” Attacks by Anonymous include • 2012: CIA and Interpol • 2011: Sony, Stratfor and HBGary Federal Source:,
    24. 24.
    25. 25. DataLossBD - Incidents Over Time - Increasing
    26. 26. Breakout of Security Incidents by Country26
    27. 27. Ranking Volume and Type of Security Incidents**: % of Escalated Alerts
    28. 28. Security Incidents - Malicious Code* *: % of Escalated Alerts28
    29. 29. What is the Cost of A Breach?29
    30. 30. Cost of Data Breach per Record Independently Conducted by Ponemon Institute LLC March 2012
    31. 31. How are Breaches Discovered? Notified by law enforcement Third-party fraud detection (e.g., CPP) Reported by customer/partner affected Brag or blackmail by perpetrator Unknown Witnessed and/or reported by employee Other(s) Internal fraud detection mechanism Financial audit and reconciliation process Log analysis and/or review process Unusual system behavior or performance 0 10 20 30 40 50 60 70 % By percent of breaches . Source: 2012,
    32. 32. What is the Trend in Regulations?32
    33. 33. Regulations: Be Proactive in Protecting Data33
    34. 34. HIPAA Omnibus - Penalties if PHI isn’t encrypted
    35. 35. Regulations: Be Proactive in Protecting Data Big Data must prepare for the changing landscape • Trend: Encryption requirements are increasing PCI DSS, US State Laws Health Data Regulations • Need for Data Segmentation (tokenization, encryption or masking) • Extra Sensitive Data (drug abuse, HIV codes, sex abuse and more) Ponemon Institute “Big Data Analytics in Cyber Defense” • 61 percent will solve pressing security issues • Only 35 percent currently have security solutions35
    36. 36. Balancing security and data insight Tug of war between security and data insight Big Data is designed for access, not security Privacy regulations require de-identification which creates problems with privileged users in an access control security model Only way to truly protect data is to provide data- level protection Traditional means of security don’t offer granular protection that allows for seamless data use36
    37. 37. The Solution is Finally Here37
    38. 38. The Solution - Preventing Misuse of Data Attackers User Hackers Application Unvetted Applications Data Misuse Prevention Ad Hoc Data Processes Protection Policy Privileged Users Administrators Selective Data Protection Issued Patents38
    39. 39. Support Business Applications 4 digits clear 90% 98 % Application transparent 6 digits clear 8% 6 digits encoded 2% 2 % Application changes PAN39
    40. 40. How can we handle the Risk with Big Data? Risk High Traditional Access Control Creativity Happens At the edge Low Data Tokens Access I I Right Level Less More Small Data Big Data40
    41. 41. Securing the Data Flow ETL Tools BI Reporting RDBMS Pig (Data Flow) Hive (SQL) Sqoop MapReduce (Job Scheduling/Execution System) Hbase (Column DB) HDFS (Hadoop Distributed File System) Legacy Systems Big Data Legacy Systems41
    42. 42. Support Data Classification and Analytics Application Data in Clear Encrypted File Secured Data Fields (encoded)42
    43. 43. The Process of Automating Security for Big Data Discover sensitive data Understand Control usage of Implement Monitor Big Data Integrate Solution sensitive data Secure Lock down sensitive data43
    44. 44. SUMMARY44
    45. 45. Big Data Security Problem - Summary Traditional security solutions cannot bridge the gaps between 1. Data breach protection and compliance 2. Provide powerful analysis and data insight 3. Utilize the power of a big data environment.45
    46. 46. Proactive Data Protection for Big Data Know your data flow • Protect the data flow - including legacy systems Protecting your data now could save big time and $ in retroactive security later • Breaches and audits are on the rise – Organizations that fail to act now risk losing their hard earned investments. Granular data protection is cost effective • Addressing regulations and data breaches • Data available for analytics and other usage • Provide separation of duties for administrative functions Catch abnormal access to data • Including (compromised) insider accounts46