Big 'Bad Wolf' Data

As these stories often go, a friend who was starting a new job recently asked me if I had any specific thoughts when dealing with security of “Big Data”. My first thought was to some extent, big data is more buzzword than anything. Big data is just more data, so it faces the same types of issues as any data, right?

But the more I thought of it, the more I think that is an over simplification of the issues. To some extent, managing big data is kind of like having kids. Two kids are not twice as much work as one kid – it is more like an exponential relationship, so two kids is work X work, not work + work. As your big data store grows, do the potential control issues grow at least as fast?

Obviously “sizing” is the big issue, but beyond just “more”, you have to appreciate that not only means more data, but it means more complicated data, more sensitive data, and a related chance for exposure due to errors, or vulnerabilities. It also means exposing more data to internal mis-use or accidental exposure, and exposing more data to an attacker who succeeds in penetrating your perimeter. At a very basic level, if a potential attacker knows that you have large volumes of high quality data, it may very well elevate your attack profile, since you are more likely to be viewed as an attractive target. You are accounting for that when you do your organizational risk analysis, right?

But, when we talk about big data we are not really just talking about volume or quantity.

Read the rest of the article at SecurityWeek.