Big Data: How to Understand Data and the Associated Risks

In the late 19th and early 20th centuries, Melanesian villagers ritually built false highways because they believed these would bring about the magical appearance of “cargo” of great value. These practices are now called “cargo cults”, a phenomenon that closely resembles the craze of recent years for Big Data, which can store an infinite amount of data in a digital database.

This concept involves taking large amounts of data and putting them in a “pool” in the hope that immense value emerges. Unfortunately, because of the sheer volume, organizations tend to look only at the results without taking into account the risks inherent in the database. At present, only informed companies take an interest in both the purpose and the risks that accompany each use of this information.

Big Data, what kind of vulnerability?

First of all, many organizations choose to store their data in a single location that is accessible via an analysis interface. This offers the hacker a single point of attack, which makes it very critical for the companies concerned. In addition, from a compliance point of view, beyond the concentration of information in one place, the challenge is not only to look at the stored data but also to consider the risk of data correlation.

Take the example of the US National Defense Forces, which at one time considered their payroll database to be of low critical importance and gave it less security. Imagine that this logic is applied to other cases, and that wage levels reflect the level of critical importance. If we take the example of a soldier’s salary, we could infer his rank from the amount he receives. A high income could then mean that he belongs to a special service unit. From this amount and any bonuses received, we could also deduce his rank as well as a possible deployment in a country at war; this would potentially lead to the conclusion that the soldier in question is still there during the mission.

This is a perfect illustration of the kind of threat that the correlation of certain data can represent for an organization, and it is also a chronic problem with Big Data. Indeed, with sufficiently large amounts of information, anonymization can be ineffective, most of the time because the patterns in certain data are easily traceable to an individual. The more data there is, the greater the risk that it can be correlated, and therefore the more material hackers have to de-anonymize it. This becomes an endless cycle if we cannot see what is in the database, because to properly and efficiently secure an infrastructure, you must be able to see what is there.
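The correlation risk described above can be measured before data is pooled. The following added example, which is not part of the original article, computes k-anonymity (the size of the smallest group of records that share the same attribute values) over a constructed payroll extract; the column names and records are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample: a payroll extract with names already removed.
# Column names and values are hypothetical, chosen to mirror the soldier example.
RECORDS = [
    {"pay_band": "B2", "hazard_bonus": False, "unit_size": "large"},
    {"pay_band": "B2", "hazard_bonus": False, "unit_size": "large"},
    {"pay_band": "B2", "hazard_bonus": False, "unit_size": "large"},
    {"pay_band": "B2", "hazard_bonus": True,  "unit_size": "large"},
    {"pay_band": "B2", "hazard_bonus": True,  "unit_size": "large"},
    {"pay_band": "B4", "hazard_bonus": True,  "unit_size": "large"},
    {"pay_band": "B4", "hazard_bonus": True,  "unit_size": "small"},
    {"pay_band": "B4", "hazard_bonus": False, "unit_size": "large"},
    {"pay_band": "B4", "hazard_bonus": False, "unit_size": "large"},
]

def equivalence_classes(records, quasi_ids):
    """Count the records sharing each combination of quasi-identifier values."""
    return Counter(tuple(r[q] for q in quasi_ids) for r in records)

def k_anonymity(records, quasi_ids):
    """Size of the smallest group; 1 means some record is unique, 0 means no data."""
    return min(equivalence_classes(records, quasi_ids).values(), default=0)

def k_as_columns_are_joined(records, columns):
    """k after each additional column is correlated with the previous ones."""
    return [k_anonymity(records, columns[:i]) for i in range(1, len(columns) + 1)]

def at_risk(records, quasi_ids, k_min):
    """Records whose combination of values is shared by fewer than k_min rows."""
    classes = equivalence_classes(records, quasi_ids)
    return [r for r in records
            if classes[tuple(r[q] for q in quasi_ids)] < k_min]

if __name__ == "__main__":
    cols = ["pay_band", "hazard_bonus", "unit_size"]
    for n, k in enumerate(k_as_columns_are_joined(RECORDS, cols), start=1):
        print(f"{cols[:n]}: k = {k}")
    for row in at_risk(RECORDS, cols, k_min=2):
        print("generalize or suppress before pooling:", row)
```

Each column joined to the extract shrinks the smallest group, so a dataset that looks anonymous on pay band alone contains unique rows once bonus and unit size are added.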

However, companies do not always have the time and resources to examine in detail all the data traffic that passes through their network. To solve this, they can rely on metadata, which gives them more precise context around the data. This allows them to better identify potential problems and report any discrepancies by forwarding these details to security information and event management (SIEM), forensic and other Big Data security analysis tools. These tools take over and can identify an anomaly more quickly; a SIEM, for example, involves reviewing, from a single console, the corporate security data generated at many points in the system.

Big Data and Compliance

There are some regulations in this context of profusion of data, for example the General Data Protection Regulation (GDPR). But this regulation seems to raise a real problem. It is difficult to imagine how an organization with a database, even an anonymized one, can objectively meet the requirements of this regulation in such a short time. For example, in the case of a cyber-attack, companies have only 72 hours to report a flaw; they will probably not be able to identify as quickly the damage caused by the hack, the impacted data, or the consequences for third parties, that is, the risk that a hacker could have correlated all their data.

In summary, organizations accumulate vast amounts of data in the hope that future business value will emerge. This remains a risky bet without the prior implementation of a security strategy and full visibility into networks. And in the case of Big Data, a clear view of the content of the database will be the best way to ensure optimal management of the data, and also of the risks associated with the reconciliation of information that can serve the malicious interests of a hacker.
