Bookmark and Share

Big Data – Buzz Word or Way of Life?

More than just a buzz word, Big Data is quickly becoming a way of life as companies seek to leverage the tremendous amount of data to find hidden meanings and uncover relationships that one normally wouldn’t find.

While Big Data unquestionably has its value, it also presents security executives with a number of challenges:

  • Data Retention - Motivated by the possibility of finding another use for the data in the future, companies are looking to keep the data longer. This in turn drives the need for data retention policies.  
  • Data Overload – For many information security departments, the analysis of Big Data presents the challenge of where to start. When performing trend analysis, one recommendation is to establish a baseline and then look for deviations.
  • Ease of Analysis – Pages and pages of rows and columns present a sea of numbers that is hard to analyze. As a result, there is a growing need for visualization tools that will allow analysts to easily make sense of the data.
  • Responsibility to Take Action – With knowledge comes responsibility. Data analysis has the potential to provide information security practitioners with alerts and details that were previous unavailable. As a result, security teams must determine how they will respond. Establish a 24/7 Response Team? Address the alert later? Once a response policy is established, security teams must respond consistently.
  • Engagement with Business Units – Data analysis may lead business units to launch projects in regions that may pose a security risk. Because the activity may throw off the security alarms and cause security teams to respond to something benign, it is therefore expected that behavior analysis will drive security teams to develop a tighter relationship with business units to understand what they are doing with their projects.
  • Privacy Implications – The privacy implications are unclear. In the past, it was very clear that a Social Security Number is PII and must be treated with care. However, if an organization is able to gather three or four different pieces of information that are not PII, but once assembled, lead to the same conclusion – is that OK?  What will be the rules and laws governing privacy implications of Big Data?
  • Trust in Results – How can one trust the data that analytic tools provide? Often, security analysts can eyeball results and know if it looks right or not. Once the volume data grows so large that no one human can look at it and make sense of it, will eyeballing the results still be possible? Or will security teams be placed in the position of making security decisions on the results of Big Data analysis?