In the age of Big Data risks are big too

Big Data means increased risks: a large-scale leak may lead to tremendous reputational damages, so cyber-resilience is extremely important.

Our Big Data Week, a series of posts dedicated to usage and security of larger amounts of data, continues

Published so far:

And it will be continued.

Everyone remembers a big hoopsie of Sony PlayStation Network in 2011, but it’s long overshadowed by leaks from eBay and Adobe with, respectively, 152 and 145 million user records leaking away. It even dwarved Target’s tragic losses.


In the age of Big Data losses are big, too. Especially when they are not prevented in a timely manner.

Actually, these millions of records aren’t that big when expressed in “absolute figures” – i.e. in bytes: troves of personal and/or payment data make up, perhaps, several hundred megabytes or a few gigabytes. We’ve probably yet to see the petabyte-scale leaks in the near (or not so near) future: for now it’s clearly a problem of Web bandwidth capacity. 

However, it’s quite logical to assume that potential perpetrators are more interested in the already filtered information – results of the analysis, and not the raw data, that requires computation power to deal with. So, the question of securing Big Data is closely related to security of cloud (which is already a less exotic matter than it was a few years ago).

Two years ago, for instance, Cloud Security Alliance released a white paper entitled Top Ten Bg Data Security and Privacy Challenges. They are:

1. Secure computations in distributed programming frameworks

2. Security best practices for non-relational data stores

3. Secure data storage and transactions logs

4. End-point input validation/filtering

5. Real-time security/compliance monitoring

6. Scalable and composable privacy-preserving data mining and analytics

7. Cryptographically enforced access control and secure communication

8. Granular access control

9. Granular audits

10. Data provenance

Familiar topics, most of them, aren’t they? 

Mentioned above, Steve Durbin quotes Information Security Forum’s (ISF’s) January 2012 report, “Cyber Security Strategies: Achieving Cyber Resilience,” stating that “today’s cyber criminals are better organized, more professional and have access to powerful tools and capabilities, which they use to identify, target and attack. When things go wrong, they can go wrong big time for an organization. It’s not the one-off data breaches or hacker attacks stories that hit the headlines, but those with far-reaching consequences that can mean reputational damage, legal liability and even financial ruin. Cyber resilience and preparedness strategies are crucial for big data.

To be continued.

Big Data Week

<< Previous Post | Final Post >>