Big Data – Buzz Word or Way of Life?
The one thing that all can agree on regarding Big Data is that there are many questions and not enough answers. The general consensus around Big Data is that it’s not new and that it’s more a matter of the tools being used to put data together that drives the concept of Big Data. Organizations are looking to leverage Big Data to gain a competitive business advantage, especially in the financial services and healthcare industries. In addition, organizations are more and more looking to use Big Data for security purposes, including threat analytics that incorporate threat intelligence correlated with SOC data and log files.
While there are benefits to be gained, there are various operational and security-related issues that must be addressed:
- Data protection. Security leaders are concerned about the lack of the ability to control Big Data and are in general agreement that the same controls used over the last decade are insufficient and ineffective to protect the Big Data of today. Big Data stored in a central warehouse becomes a prime target for cyber criminals, and could represent the breach of the century should it get exfiltrated. Further, the standards and policies also require modernization.
- Data control. Security executives are faced with the question of who has the right to access the data. Identity and access control therefore becomes an issue when dealing with Big Data. One method of control involves managing to least privilege access.
- Data integrity. Does the information being exchanged make sense?
- Data consolidation. It’s believed that the tools necessary to consolidate the data are in the nascent stages.
- Data analysis. Security teams lack the skills and knowledge to effectively analyze Big Data. Organizations are concluding that what is needed is a data scientist who knows how to use the tools, can build the schemes and is able to ask the right questions. The challenge is that there is a lack of data scientist talent.
- Data residency and regulations. Security executives face global data residency issues and must be mindful of regulations and compliance issues surrounding the storage and movement of Big Data.
- Data life cycle and retention. Big Data gets created, moved, accessed and changed. Does it ever get destroyed? Security executives and business unit leaders are advised to work together to determine an ‘end of life’ policy for records retention.
|