The below article is authored by Chetan Anand, Associate Vice President – Information Security and CISO, Profinch Solutions, and ISACA Global Mentor
The growing trust of big data and the interconnection of devices through the Internet of Things (IoT) has created a broader scope for hackers to exploit. This means that businesses have an even wider surface to protect when it comes to their big data. While new technologies bring new security risks, there’s also business benefit in embracing those that help to combat big data breaches.
Big data and big data analytics
Big data usually includes data sets with sizes beyond the ability of commonly used software tools to capture, curate, manage and process data within a tolerable elapsed time. Parallel computing tools are needed to handle this type of data. The big data age is characterized for businesses by risks and opportunities. The explosion in data traffic, considering the evolution of internet use and computing power, offers a rich source of insights to improve decisions, but also creates challenges for organizations in how they process big data that includes storing, managing, and analysing the data.
Data is meaningless unless it is analysed. For example, it is not sufficient to just implement a firewall. The logs generated by firewalls need to be analysed. Big data analytics entails the use of advanced analytic techniques against very large, diverse big data sets that include structured, semistructured and unstructured data, from different sources, and in different sizes from terabytes to zettabytes. It can help businesses achieve faster, better decision making, cost reduction and operational efficiency, and a more data-driven go to market approach.
Big data breach and big data security
When looking at big data, businesses must also look at the potential for breaches, given that the volume and complexity of cyber-attacks have significantly increased over the years. With data breaches, stolen data may involve sensitive, proprietary, or confidential information such as credit card numbers, customer data, trade secrets, or theft of Intellectual property.
Most data breaches are caused due to unplugged vulnerabilities, hacking or malware attacks, and primarily result in loss of confidentiality of the information. For big data, ensuring security and confidentiality of business data and customers’ sensitive information are the main security issues.
As part of big data security, businesses must implement measures and tools to guard both the data and analytics processes from attacks, theft, or other malicious activities that could harm or negatively affect them. This includes improving their system’s cyberattack resilience level, configuring automated data cleaning, data masking, and document sanitization tools, establishing mandatory authorization for employees, and adjusting continual monitoring of the system’s state.
Big data security use cases
Big data security comes into play with firewalls and security applications, which commonly generate thousands of alerts per day. It is practically impossible to manually review these alerts and form meaningful associations and conclusions from this volume of data. However, businesses need to assess information security events and decide if they are to be categorized as information security incidents and need to have a process to help detect a big data breach based on the alerts generated. A centralized logging facility to capture all security events could be utilized to relate certain types of events and assist in drawing conclusions to determine appropriate follow-up actions.
Another use case for big data security is fraud analysis of large volumes of transactional data. Using predefined criteria determined in collaboration with other departments, the big data patterns could flag specific transactions out of a large population of data to investigate for potential instances of fraud.
How do big data security advances help in combating big data breaches?
By analysing big data, businesses can predict possible future attacks and come up with effective controls to prevent them. For example, if a business is a victim of a big data breach, carrying out a thorough root cause analysis of the events leading to the big data breach can help identify the patterns followed by the hackers before they gained successful entry into the network. The knowledge gained from big data breaches should be used to strengthen and improve the business’ information security controls.
On the other hand, if a business has never been attacked, it can use current and historical industry data to identify strategies used by hackers to attack other entities. Information relating to information security threats should be collected and analysed to produce threat intelligence and then facilitate informed actions to prevent the threats from causing harm to the organization and reduce the impact of such threats.
Although businesses use their big data platform to detect intrusion anomalies, that big data platform is just as vulnerable to malware and intrusion as any stored data. No matter how many new technologies come into the market that help to combat big data security breaches, it is everyone’s responsibility in the business to secure big data and be aware of the business’ security policies, procedures and controls.