One of the central requirements of Big Data is that you take a data-centric approach to cybersecurity. Well, that seems obvious enough – if your vital data is stored in huge repositories, it makes sense to secure said repositories – but apparently most people don’t get it.
In a new paper from Gartner, Big Data Needs a Data-Centric Security Focus, the analysts reckon that over 80 percent of organizations will fail to initiate a consolidated data security policy across all their data silos by 2016.
It’s a worrying scenario, and it’s not difficult to see why Gartner is predicting it. Among the numerous trends we’re seeing in IT right now, the two most absorbing are Big Data and the cloud, together with the diversification of assets inherent to said clouds. Big Data is the consolidation of information, whereas the cloud is all about spreading and sharing that information. And that’s why organizations should be worried about the security implications of these two trends taken together.
“Businesses have traditionally managed data within structured and unstructured silos, driven by inherent requirements to deploy relational database management systems, file storage systems and unstructured file shares,” said Gartner’s principal analyst Brian Lowans.
Now, with the arrival of Big Data and cloud-based storage environments, we’re seeing a transformation in the way information is stored, accessed and processed. And this means CISOs are going to need to come up with data-centric security measures to protect that information.
“Unfortunately this is not common practice today,” said Lowans.
The situation is further complicated by access to public cloud services and infrastructure, says Gartner. That’s because of the potential access that cloud service providers and security vendors have. It also warns that data flows will lead to a growing need for access to be monitored and audited, and for data to be protected across silos. While the market is slowly inching its way towards standards that will control access, it’ll be some time before we get there, says Gartner.
In the meantime, Gartner offers a couple of suggestions to boost data security.
Firstly, it suggests that CISOs should evaluate their data security policies against current implementations of DCAP (Data link switching Client Access Protocol). Databases, unstructured data, Big Data silos and cloud storage should all be addressed. Second, Gartner says that CISOs should attempt to find weaknesses in their data security policies, and evaluate these risks against possible DCAP solutions.
“Although the ability to apply a data security governance policy across data silos is also becoming paramount, the market has so far failed to offer CISOs the data-centric audit and protection (DCAP) products they need to operate across all silos with consistency,” adds Earl Perkins, research vice president at Gartner.
Lowans also warns of a second pitfall. That is, business stakeholders might not be accustomed to having strong relationships with their security teams. He recommends that CISOs should “build partnerships with them to develop new management structures for data security accountability and to identify cross-functional training needs.”
Reading between the lines, Lowans is saying that while IT security and business types haven’t always had the strongest of relations, that needs to change given the imperatives of cybersecurity today.
photo credit: Merrill College of Journalism Press Releases via photopin cc
About Mike Wheatley
Mike loves to talk about Big Data, the Internet of Things, Hacktivists and hacking, but he also hates Google and can never resist having a quick dig at them should the opportunity arise 🙂
Got a REAL news story or tip? Email [email protected]
Read the article: