The Best Practice Network Guidelines | The Best Practice Network

• Best Practice » Governance » Data Governance » A New Approach Required For the Big Data Security » A New Approach Required For the Big Data Security

There had been much talk about the Big Data security during the RSA Conference. In fact, the outcome of the conference resulted in many security companies creating a dialogue focusing on an idea towards a more holistic approach towards big data security and the measures that need to be taken.

What Should Internal Auditors Tell the Board of Directors and the CEO about Protecting Big Data?

Protecting Big data will take a mix of risk-driven, business as well as holistic approach, one that we have seen for almost a decade now when it comes to Non-Big data. However, Big Data does spring up some new security challenges like most of the security solutions used for non-big data might not even work in the big data environment, simply because of the variety of the data, the speed and the amount. Most of the security solutions that were designed were done so without keeping big data in mind. Thus, another challenge that becomes so highly prominent is ‘privacy’. The fast pace of personal data that is being produced and consumed around the globe has given rise to a privacy debate and talks about international arrangements and legislation about privacy is highly needed.

Is Big Data Changing the Way Organizations Manage Their IT Security?

There are two sides to this story: the first side refers to the security of different big data domains such as data storage, staff, privacy, operations, architecture and platforms. The other side includes using big data analytics that would allow better interpretation of all the big data, which in turn should lead to better decision making and insights. The former overlaps most of the existing IT security capabilities, but most of it is still relatively underdeveloped and new. The latter as well is still in its infancy stage.

Can the Complexity and Scale of the Big Data Make Security an Issue for Organizations

If the past has proven one thing it’s that IT security is difficult. Protecting Big Data isn’t much easier, even though big data does provide an opportunity for big data security analytics. As with IT security, the questions that surround big data will include: which responsibilities should be outsourced? Which big data information is to be considered highly important enough to be secured? For instance, instead of building your very own big data platform, utilize the big data potential in the cloud.

Other reasons to consider are that:

1. Most organizations won’t have the capabilities that are needed for the big data security.

2. Delegating this work to somebody else will free up most of your resources allowing you to deal with information that’s coming from big data analytics.

How Should IT Professionals Communicate These Security Threats to the Decision-Makers?

Although, most of today’s focus is on technical security issues concerning big data, it has now become more than just a technical challenge. Many other domains are involved such as staffing, operations, privacy and legal. Big data began with a technical oriented approach and then evolved into a risk and business oriented approach, which is a way more sensible risk management method. Not all big data is equal; it all depends entirely on the data security requirement as well as the risk profile of the organization.

At the end of the day it depends entirely on the different security controls of the organization and how they decide to manage the big data security issues.

Further reading: Corporate Governance | Audit | Performance Improvement