Can Big Data Ever Be Secure?
Big Data makes for big headlines. We talk about everything from its applications – with more and more companies using it to deliver a better product, or a more effective customer experience – to its potential for misuse and its function as a high value target for attackers.
In a way, it really is a double-edged sword. On the one hand, big data allows companies to effectively anticipate and meet the needs of consumers. Wal Mart uses big data to forecast product demand across their stores, Sears to provide a sophisticated customer loyalty program, Amazon to ensure more efficient customer service, American Express to detect fraudulent transactions. Today, the number of large firms utilizing big data is estimated by various sources at over 50%.
On the other hand, big data has its drawbacks. When one company is collecting the information of millions and sometimes even billions of people – how can users of their products and services be assured that their personal information will not end up being shared and used without their knowledge (aka Facebook and Cambridge Analytica) – or even worse, hacked and sold on the dark web?
Big Data as a Hacker Magnet
Big data has become the world’s most valuable resource – the most valuable asset not only for the organizations that use it to do business – but also to the hackers who see it as the cherry on top of the cake. Remember the Target hack in 2014? Details of 110 million customer accounts wound up for sale on the dark web. The breach cost the company some $202-million, and it ended up paying a settlement of $18.5-million to settle claims made by 47 states. An interesting note – Target actually had an advanced malware detection solution in place, but the solution did not have its full remediation capabilities enabled. And when the solution issued an alert, it was ignored by the security team.
Consumer reporting agency Equifax holds the record for the largest high value information hack of all time. As a repository of information, hackers honed in on the company in 2017, stealing the details of 143-millon people and putting them at risk of identity theft. This included their names, phone numbers, social security numbers, birth information, addresses, driver license numbers and credit card numbers. The Equifax hack was the classic example of hackers gaining entry through an unpatched software vulnerability – one that the company knew about for a full 2-months before the breach.
Target and Equifax are two examples in the long list of news headlining hacks that we’ve all heard of – Yahoo, Ashley Madison, Under Armour, Ebay, LinkedIn, Uber… so how do you know your organization won’t be next, and what can you do to prevent this?
Big Data as Part of the Solution
As more and more companies rely on digital information to carry out their day-to-day business, organizations will increasingly find themselves at risk of cyber attack. And as business continues to move to the cloud, mobile and BYOD, the security perimeter will continue evolving. Big data analytics is part of the solution, using patterns in activity to look for anomalies, identifying true threats while giving security teams real insight, both on an actionable level, and for later forensic investigation. And big data hacks serve as lessons for us all: there is no room for human error when it comes to securing your organization. Detecting and remediating threats requires an intelligent, holistic solution – one that can see the big picture, cut out the noise, hone in on the threat, and most importantly, provide an automated method of rapid response once a threat is found.