Big Data Opportunities Need Big Data Security

The adoption of big data analytics is rapidly growing. If you don’t get ahead of the curve, there’s big potential for big problems; but if you do plan ahead, there are big opportunities to successfully enable the business.

You might be wondering what the big deal is — and what makes big data special and more challenging. The trouble is that big data analytics platforms are fueled by huge volumes of often sensitive customer, product, partner, patient and other data — which usually have insufficient data security and represent low-hanging fruit for cybercriminals.

A Closer Look at Big Data Challenges

Big data analytics create significant opportunities. However, organizations must come to terms with the security challenges they introduce, for example:

  • Big data analytics focuses on finding key insights to move the business forward. Those insights are generally derived from sensitive data that’s aggregated in the big data repository.
  • The nature of big data — high volume, variety and velocity — makes it difficult to ensure data integrity.
  • Schema-less distributed environments, where data from multiple sources can be joined and aggregated in arbitrary ways, make it challenging to establish access controls.
  • Big data repositories present another data source to secure, and most existing data protection and compliance approaches will not scale.

Big data analytics create significant opportunities. However, organizations must come to terms with the security challenges they introduce.

Big Data Security Has Big Implications

Big data environments allow organizations to aggregate more and more data, largely consisting of financial, personal, intellectual property, proprietary or otherwise sensitive data. Most of this data is subject to compliance regulations such as the Sarbanes–Oxley Act (Sarbox), the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS), the Federal Information Security Management Act (FISMA) and the EU Data Privacy Directive.

This data is a primary target for hackers. Data security professionals need to take an active role as soon as possible. The reality is that pressure to make quick business decisions can result in security professionals being left out of key decisions or being seen as inhibitors of business growth. However, the risk of lax data protection is well known and documented, and it’s possible to be an enabler rather than an obstacle.

Corporations and their officers may face fines from $5,000 to $1,000,000 per day and possible jail time if data is misused. According to the “2015 Cost of Data Breach Study” conducted by the Ponemon Institute, the average organizational cost of a data breach is $3.8 million. In this year’s global study, the average per capita cost of data breach increased from $145 to $154. Hard penalties are only one example of how organizations can be harmed; other negative impacts resulting from a data breach include share-price erosion and negative publicity resulting in irreparable brand damage.

No Opportunities Without Security

At this time, an increasing number of businesses are adopting big data environments. The time is ripe to make sure security teams are included in these decisions and deployments, particularly since big data environments — which don’t include comprehensive data protection capabilities — represent low-hanging fruit for hackers since they hold so much potentially valuable sensitive data.

Data security is a detailed, continuous responsibility that needs to become part of business as usual for big data environments. Securing data requires a holistic approach to protect organizations from a complex threat landscape across diverse systems.

Data security must complement other security measures such as endpoint security, network security, application security, physical site security and more to create an in-depth approach. By planning ahead and being prepared for the introduction of big data analytics in your organization, you will be able to help your organization meet its objectives securely.

Read the white paper: Finding the path to security in the big data landscape

Share this Article:
Leslie Wiggins

Portfolio Marketing Manager, IBM

Leslie Wiggins is part of the portfolio marketing group within the IBM Security business unit, and she is responsible for IBM Security Guardium. Leslie joined IBM in 2002, and has held product management and product marketing roles within the WebSphere, Information Management, and Analytics business unit: Until recently, Leslie was focused on marketing for the InfoSphere Information Integration portfolio with a focus on Big Data Integration. Leslie holds an M.B.A from Georgetown University and a B.A. from the University of Virginia.