Big data security in the cloud
BUZZWORD BINGO?
Andrew Stock
Head of Applied Research, BAE Systems Applied Intelligence
Why are we here?
Unless we can leverage synergies and address organisational wastage we’re uplifting the adversary
Why are we here?
Unless everyone can tackle cybersecurity efficiently we’re wasting money and helping the bad guys
It’s a big business problem
76% of small businesses had a malicious security incident in 2012
threats
State sponsored / APT
Debuzzed:
•  Does represent a real threat to organisations
•  Smaller organisations at threat as part of supply chain
•  Not necessarily advanced in techniques
Supply chain
Debuzzed:
•  Attackers increasingly using weaker supply chain to get to hard targets
•  Consider all inbound and outbound connections carefully
Insider
Debuzzed:
•  All companies run the risk of an insider attack
•  Can only lock down the environment so much before you affect the business
•  Will often know how to work around prevention measures
Competitors
Debuzzed:
•  There are companies out there that will hack for money
•  There are competitors who will pay for that advantage
•  Vulnerability will depend on your company’s markets
Vandals
Debuzzed:
•  Sometimes difficult to predict, other times they advertise
•  Main goal likely to be publicity so risk depends on prominence
Organised crime
Debuzzed:
•  Probably not targeting companies directly
•  Plenty of opportunity to cause problems though
Threats
State sponsored
•  Does represent a threat to some organisations
Organised crime
•  Not necessarily targeting companies, but can cause issues
Competitors
•  Does happen, but will depend on geography
Insider
•  Everyone at risk – balance with need to work
Vandals
•  Likelihood of attack varies with prominence
Supply chain
•  Consider all inbound and outbound connections carefully
detection
Framing the problem
“…as we know, there are known knowns; there are things that we know that we know.
We also know there are known unknowns; that is to say we know there are some things we do not know.
But there are also unknown unknowns, the ones we don't know we don't know”
Known knowns
Prevention is better than cure
Signatures
Debuzzed:
•  Worth looking for things you already know about – cheap and effective
•  Not a universal solution
•  Limited capability to detect targeted attacks
Known unknowns
Rule-based detection
Debuzzed:
•  More flexible than signatures allowing better detection
•  False positives are likely to increase as well
•  Still limited to specific details of an attack
Threat intelligence
Debuzzed:
•  Only as useful as your ability to do something about it
•  Very wide range of prices… and quality
•  Storing and sharing it is hard in a company
Unknown unknowns
Security analytics
Debuzzed:
•  Lots of odd patterns exist
•  False positives are inevitable
•  Beware too good to be true claims
“Big data is like teenage sex: everyone talks about it, nobody really knows how to do it, everyone thinks everyone else is doing it, so everyone claims they are doing it...”
Dan Ariely
Big data
Debuzzed:
•  Handling large data sets isn’t new
•  New technology has changed the economics
•  Not a single technology or application
•  Big skills gap in most organisations
The elephant in the room
Debuzzed:
•  Actually a collection of software tools rather than a single product
•  No out-of-the-box capability
•  Varying levels of maturity across the tools
•  Vendor integrations are variable in how they embrace “the Hadoop way”
Big data and NoSQL
Debuzzed:
•  Lots of tools to choose from
•  All have different advantages and compromises
•  Don’t get help out of the box
•  Consider using hosted services to reduce administration complexity
Detection roundup
Known knowns
•  Cheap and effective to look for known threats
•  Only provides partial protection
Known unknowns
•  Rules provide greater detection with increased false positives
•  Need to use threat intelligence effectively to inform rules
Unknown unknowns
•  New technologies are helpful but not the full answer
•  Beware promises of perfect detection
resources
There is an I in team.
Because I am the team.
Debuzzed:
•  Community is important
•  Needs to be external for most smaller organisations
Why are we here?
Unless everyone can tackle cybersecurity efficiently we’re wasting money and helping the bad guys