InfoSecFail: The Problem With Big Data Is Little Data
(on my iPhone while my girls shop…)
While virtualization and cloud security concerns continue to catch the imaginative pause of pundits everywhere as they focus on how roles and technology morph yet again, a key perspective is often missing.
The emergence (or more specifically the renewed focus and prominent feature) of “big data” means that we are at yet another phase shift on the Hamster Security Sine Wave of Pain: The return of Information Centric Security.
(It never really went away, it’s just a long term problem)
Breach after breach featuring larger amounts of exfiltrated information shows we have huge issues with application security and even larger issues identifying, monitoring and protecting information (which I define as data with value) across it’s lifecycle.
This will bring about a resurgence of DLP and monitoring tools using a variety of deployment methodologies via virtualization and cloud that was at first seen as a hinderance but will now be an incredible boon.
As Big Data and the databases/datastores it lives in interact with then proliferation of PaaS and SaaS offers, we have an opportunity to explore better ways of dealing with these problems — this is the benefit of mass centralization of information.
Of course there is an equal and opposite reaction to the “data gravity” property: mobility…and the replication (in chunks) and re-use of the same information across multiple devices.
This is when Big Data becomes Small Data and the ability to protect it gets even harder.
Do you see new and innovative information protection capabilities emerging today? What form do they take?
Hoff
While I agree that there needs to be a shift, I disagree for two reasons.
A) Not everyone cares about appsec, nor datasec, nor even infosec or risk/fraud management
B) Those who are shifting are not following your or any “sine wave” or pattern for correction of controls
If anything, appsec controls are only recently being applied to the data/information flows by the risks to those segregated data/information stores. In the past, there was no analysis of appsec controls. In the past, system/network controls were applied by risks to systems alone. In the past, segregation was rarely present, especially due to monitoring control planes — at best there was segmentation.