Copyright 2013 EMC Corporation. All rights reserved. BIG DATA AND SECURITY JOINING FORCES

Transcription

1 1 BIG DATA AND SECURITY JOINING FORCES

2 2 Agenda Security for Big Data Big Data for Security Conclusions

3 Structured + Unstructured Data = Big Telemetry, Location-Based, etc. Structured in Relational Databases Managed, Unmanaged & Unstructured Internet of Things Non-Enterprise

4 IN 2000 THE WORLD GENERATED TWO EXABYTES OF NEW INFORMATION EVERY DAY Sources: How Much Information? Peter Lyman and Hal Varian, UC Berkeley, IDC Digital Universe Study.

5 FBI THE LEADING EDGE OF BIG DATA: THEN AND NOW Copyright 2013 EMC Corporation. All rights reserved.

6 THE LEADING EDGE OF BIG DATA: THEN AND NOW Copyright 2013 EMC Corporation. All rights reserved. Wikipedia

7 7 VLC DDoS Analysis 30 Gbps 200 Downloads/sec 400 Requests/sec

8 8 Global Flight Analysis 60,000 Aircraft Routes Sensors On Each Gas Turbine Engine = 1Tb/day

9 Big Data Analytics: Not a New Idea Used Already in Many Industries Risk Assessment Price Optimization Monte Carlo Regression Product Recommendation Finance Retail Online Casino Travel Insurance

10 10 Expanding Use Cases and New Norms

11 11 IS WHERE SECURITY MEETS BIG DATA

12 12 Security Must Keep Up With IT Evolution Cloud Virtual Big Data Mobile

13 13 New Wave of Big Data Technologies Hadoop Vertica MapReduce Esper kdb Greenplum Hive SciPy Mahout MATLAB Revolution R AMPL Machine Learning Behavior Analysis Sentiment Analysis Predictive Models Network Analysis Business ETL ECL Netezza Teradata SPSS SAS Visualization Simulation Objectives Data Analytics Insights

14 14 Your Big Data Architecture? Nodes Distributed Data Shared Access Controls Open Networks Open Clients Unauthenticated Web Services Open

15 15 Your Organization s Security Professional?

16 16 Protection Requires A New Approach

17 17 Central Control, Distributed Management Admin Console Access Manager Agent Access Manager Server Access Manager Agent User Service n Access Manager Agent

18 18 Central Control, Distributed Enforcement PAP/PDP/PEP (XACML standard) Policy Admin Policy Enforcement Policy Decision Policy Enforcement User Node n Policy Enforcement

19 19 Agenda Security for Big Data Big Data for Security Conclusions

20 Evolution of Threats Copyright 2013 EMC Corporation. All rights reserved. 20 Unsophisticated Sophisticated Financial Amateur Organized Social Regional Global Fundamental Opposed Destabilizing

21 Can You Respond Fast Enough? 85% 60% breaches take weeks or more to discover risk reduced when breach response under 2 hours Source: Verizon 2012 Data Breach Investigations Report, NYT Copyright 2013 EMC Corporation. All rights reserved.

22 Threats Require A New Approach Copyright 2013 EMC Corporation. All rights reserved. Proprietary and Conf idential To Silv er Tail Sy stems

23 Improved Response Time Required Copyright 2013 EMC Corporation. All rights reserved STEALTHY LOW AND SLOW 2 TARGETED SPECIFIC OBJECTIVE 3 INTERACTIVE HUMAN INVOLVEMENT Attack Pivot and Hide Cover Intrusion Dwell Time Response Time Prevention Identification Response A Reduce Dwell B Speed Response

24 24 Fighting Advanced Threats With Big Data Analysis Visibility Speed Intelligence Find target height (H), width (W), position (P), from level (L), at time (T) with changed P to P, P, P over T1, T2, T3

25 Data Scope Copyright 2013 EMC Corporation. All rights reserved. 25 Security Product Evolution Response Speed After Near Real Single Well- Defined Events Platform Normalized SIEM IDS Closely Related Events Raw Security Analytics Isolated Events Correlated

26 26 Security Analytics Platform Big Data Analytics Governance Data Apps Systems Network Alert & Report Investigate & Analyze SECURITY ANALYTICS + Store Visualize Respond Compliance ARCHER GRC Incident Management Remediation Public & Private Threat Intelligence

27 27 A Fresh Look At Perimeters Virtual Data Centers, Cloud Compute and BYOD Traditional Data Center Modern Data Center Dedicated, Vertical Gaps and Stacks Dynamic Pools Of Compute & Storage

28 28 A Fresh Look At Perimeters Focus Now on People, Data Flow and Transactions Traditional People Data Center Data Flow Transactions Dedicated, Vertical Gaps and Stacks Challenges ID and Authenticity Modern Data Center Complex Relationships New and Different Layers Opportunities with Data Velocity Variety Volume Vulnerability Big Dynamic Pools Of Compute & Storage

29 29 A Fresh Look At Perimeters Focus Now on People, Data Flow and Transactions People Analysis Engine Data Flow Transactions Device Profile User Behavior Profile Fraud Network

30 30 Adaptive & Risk-Based Authentication User Action Analysis Engine High Risk Step Up Authentication Two-Factor Out Of Band Challenge Q s Proceed As Normal Device Profile User Behavior Profile Fraud Network

31 31 Adaptive & Risk-Based Authentication User Action Analysis Engine Private Cloud AUTHENTICATION MANAGER + SECURID Read Username & Password Download Sales Pipeline Additional Authentication Two-Factor Device Profile User Behavior Profile Fraud Network Public Cloud Access Bank Account Username & Password Out Of Band IDENTITY PROTECTION & VERIFICATION + SILVERTAIL Transfer Funds Challenge Q Additional Authentication

32 32 Agenda Security for Big Data Big Data for Security Conclusions

33 33

34 34 Three Steps to Big Data Security 1. Data Analysis to Monitor ID and Relationships 2. Adaptive Perimeters to Protect Data 3. Increased Response Speed

35