Getting to grips with Big Data security
Davey Winder asked the big security questions about Big Data and has found experts with the answers...
"In 2005 there were an estimated 1.3 billion RFID tags used in numerous businesses to monitor assets, as of last year this has risen to over 30 billion all of which are generating data points," Jopling says.
With such a huge increase in instrumented devices, this results in great potential attack vectors with the emergence of greater and more sensitive data from devices such as smartphones.
"As a further example, in 2012 there was a 19 per cent increase in attack tools for mobile devices with over 4400 new security vulnerabilities across all spectrums according to the IBM 2012 X Force Trend & Risk Report," he adds.
Where Big Data really becomes a problem for the enterprise is when it is unstructured. Take, for example, anything on the desktop or shared areas such as SharePoint where the data is best described as being freeform in nature. The enterprise just doesn't have any way of knowing the value of this data, compared to structured systems such as SAP or a payroll system where decisions can be taken sensibly, and securely, as there is access to the data that is involved.
"The problem is that people focus on the big easily understandable systems, forget that a lot of the valuable stuff is unstructured and go ahead using a one size fits all policy," warns Martin Sugden, CEO of data security software firm Boldon James.
So what are the specific security challenges that Big Data brings to the enterprise? Lior Arbel, CTO at Performanta, thinks of these in terms of the 'Three V's' namely: Volume, Variety and Velocity.
"The volume of data an organisation needs to manage poses the risk that data will end up where it shouldn't, and the greater the amount of data the less visibility the user has of where it goes," Arbel says.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"The variety of data that an organisation deals with demands complex systems of organisation with a flexible system of control to comply with regulations, and to securely protect intellectual properties and finally the velocity (or demand for data) knows no bounds as patience no longer exists in the digital world with data needing to be available at any moment."
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.