Marcus Ranum on security innovation and Big Data
by Mirko Zorz - Tuesday, 11 March 2014.
Those that are considering taking advantage of Big Data usually ask how to secure it. What advice would you give them?

That's a huge problem. Again, it comes back to the question of how well you understand your data before you put it in - which begs the question of what you expect to get from the big data in the first place. Let me give you an example: suppose you've got customer credit card numbers; you can't put those in your big database because they're exposed so you replace that field with a hash code and then if you need to you can match the hash token against another database later. So far, so good. But to do that you have to understand what fields are customer credit cards in the first place - you can't just treat everything as unstructured. I'm guessing this would be a valuable process for many customers since it would amount to doing an assessment of all their data holdings as they were putting it into the big database, which would probably be a useful exercise, if unpleasant.

What I suspect is going to happen is that the big databases will just become dumping grounds for everything, and organizations will have to secure access to the big databases because they won't actually have any idea what's in there. From the sound of it, that's a pretty fair description of the NSA internal wikis that Edward Snowden was spidering through - and it's a potential problem for exactly the same reason. "Put your eggs in one basket and watch that basket" is a security policy that can work, but you have to carefully watch the watchers.

You are participating in an open discussion on Big Data with Dr. Anton Chuvakin and Alex Hutton at InfoSec World in April. Tell me more about what you plan to cover.

It's going to be a fairly free-form panel session, and I expect Anton and Alex will not entirely agree with my take on some of these issues. That's what we're going to try to air out; Alex has been doing some really interesting work on mining security data using big data techniques, and Anton has been working on large-scale SIEM for ages. I think we bring a lot of different perspectives to the table, compressed into a small space. It should be an interesting conversation!


Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. Itís not.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Wed, Sep 3rd