Skip to Content

How big data is affecting security

How big data is affecting security

Since the late 20th century our world has faced a technological revolution mostly based on the transmission, use and classification of data. This movement was led in part by the establishment of the computer and later the intranet. With the birth of machine learning and transmission of data via an unsecured infrastructure, we gave rise to a playground for corruption, theft, fraud and every other acronym espoused by the bad actor.

This understanding between good and bad has been playing out for the better part of 20 years with the affect leading to more bandages and greater infrastructure to defend the walls protecting businesses and governments. Knowing that it is impossible to truly prevent anything, it's time to discuss how the accessibility, transmission and compiling of data and meta data is leading to a new fertile ground for the bad actor and nation states to attack all of us.

Big data are large data sets that may be analyzed computationally to reveal patterns, trends and associations, especially relating to human behavior and interactions. Meta data is a set of data that describes and gives information about other data. The goal, simply put, is to use big data to define trends and compile meta data to validate trends defining consistent repeatable actions. By using machine learning and deep learning to process this data using a neural network — a computer system modeled on the human brain and nervous system that categorizes and prioritizes big data and meta data — the birth of AI (synthetic cognition) can arise.

Now that we can somewhat understand the how, it's important to understand the why. The thirst for information to manipulate the human decision-making process is one of the primary reasons for the use of big data. The retail and the entertainment industry are two of the greatest proponents of big data and its use to help connect the product to the consumer. The largest aggregators of big data are your search engines as well as social media networks. While this is important to understand, the greatest issue is the effect this has on the push to implement more data analytics and IoT devices, which is now leading to exponential growth in threat vectors. As more connectors tie to human behavior — as well as multi purposing technology at the edge for business analytics — we see the push is leading to more vulnerable networks.

On top of this is the rise of secondary data sources from smart buildings and smart cities infrastructure, such as physical security technology primarily cameras and sensors, which are now tied to operational technology such as PLC (programmable logical controllers) and SCADA (supervisory control and data acquisition). This is now layered on top of an already congested and unsecured network infrastructure. A major concern for everyone to understand is that this has been done for the purpose of acquiring data to use for purposes that initially may not have been intended by the person or agency that gave up the data.  Therefore, big data is tied to privacy no matter how you look at it, and it's inevitably tied to you.

The inevitable answer to most of this can be found in the separation of systems from operational technology and informational technology. However, this is not as simple as it may seem, as invariably the old nemesis, the intranet, has always been unsecured. The major questions are: How do we use big data, how do we store it and how do we ensure that it doesn't get compromised?

The answer comes down to secured communication and secured identity. I believe that inevitably the decision will be based on how we take it off the unsecured environment and position it to be completely off the network. Once the data is ingested and after it has been deciphered through a neural network and secured in transmission by a validated identity, it then takes the critical data and places it into a hyper-converged storage infrastructure, which allows for proper use by the end user.

I am excited that technology today has reached a point that will allow this process to take place. However, the issue may always come down to our willingness to understand the greater issue of human intent versus the rapid expansion of untethered and unrestricted thirst for big data.

Pierre Bourgeix is president of ESICONVERGENT LLC, a management consulting firm focused on helping companies assess and define the use of people, process, and technology within the physical and cyber security arena.


To comment on this post, please log in to your account or set up an account now.