The Future Paradigm Shifts of the Cloud and Big Data: Security Impacts & New Strategies We Must Consider
11/6/2013
We are living in an age where the velocity of information growth has reached new speeds, the volume of information that we keep and use is exploding, and the increasing variety of information sources is creating a new demand to expand our definition of security. No longer is it just security in our enterprise, but across an expanded infrastructure and an ever-expanding collection of devices. This talk will explore this changing universe, the emerging paradigms, the impacts on security and suggestions on how to manage the risk.
Key Takeaways
• A future view of where Cloud Computing and Big Data are headed
• How these futures and new paradigms will impact security
• What we need to do to meet the new needs
David Smith, President
[email protected]
linkedin.com/in/davidsmithaustin
Cyberspace will become orders of magnitude more complex and confused very quickly
Overall this is a very positive development and will enrich human society
It will be messy but need not be chaotic!
Cyber security research and practice are losing ground
VOLUME / VELOCITY / VARIETY Change everything
The Internet of Things will Change it all
Origin of the term “Cloud Computing”
• “Comes from the early days of the Internet where we drew the network as a cloud… we didn’t care where the messages went… the cloud hid it from us” – Kevin Marks, Google
• First cloud around networking (TCP/IP abstraction)
• Second cloud around documents (WWW data abstraction)
• The emerging cloud abstracts infrastructure complexities of servers, applications, data, and heterogeneous platforms (“muck” as Amazon’s CEO Jeff Bezos calls it)
A “cloud” is an IT service delivered to users that has:
• A user interface that makes the infrastructure underlying the service transparent to the user
• Near-zero incremental management costs when additional IT resources are added
• A service management platform
Industry Trends Leading to Cloud Computing
Grid Computing
• Solving large problems with parallel computing
• Made mainstream by Globus Alliance
Software as a Service
• Network-based subscriptions to applications
• Gained momentum in 2001
Cloud Computing
• Next-Generation Internet computing
• Next-Generation Data Centers
Timeline: 1990, 1998, 2000, 2010
Utility Computing
• Offering computing resources as a metered service
• Introduced in late 1990s
Even as clouds take hold, the IT landscape is changing rapidly…
Technology is rapidly being commoditized
Businesses are more willing and able to shop for IT services
In-house IT infrastructure is increasingly seen as complex and rigid
…Standardization, capital preservation, flexibility and time to deploy
Hybrid …
• Access to client, partner network, and third party resources
Growth of Data
Virtualization for Client Computing
Hosted Virtual Desktops
• Architectural equivalent of the blade PC
• Full "thick-client" image, thin-client delivery model
[Diagram: Server Hardware running a VMM that hosts three PC OS instances, each with an Application]
Portable Personalities
• Carry the bubble, not the hardware
• Portable media, stored on the network
• Bubbles of various sizes: some with OS, some without
Source: Matthew Gardiner, Computer Associates
Big Data Numbers
How much data is there in the world?
– 800 Terabytes, 2000
– 160 Exabytes, 2006
– 500 Exabytes (Internet), 2009
– 2.7 Zettabytes, 2012
– 35 Zettabytes by 2020
How much data is generated in ONE day?
– 7 TB, Twitter
– 10 TB, Facebook
Big data: The next frontier for innovation, competition, and productivity
McKinsey Global Institute 2011
Tapping into the Data
• Data Storage
• Reporting
• Analytics
• Advanced Analytics
– Computing with big datasets is a fundamentally different challenge than doing “big compute” over a small dataset
Unutilized data that can be available to business
Utilized data
Business, Knowledge, and Innovation Landscape
• Typically 80% of the key knowledge (and value) is held by 20% of the people – we need to get it to the right people
• Only 20% of the knowledge in an organization is typically used (the rest being undiscovered or under-utilized)
• 80-90% of the products and services today will be obsolete in 10 years – companies need to innovate & invent faster
Copyright 2012@ HBMG Inc.
Computer generated data
• Application server logs (web sites, games)
• Sensor data (weather, water, smart grids)
• Images/videos (traffic, security cameras)
Human generated data
• Twitter “Firehose” (50 mil tweets/day, 1,400% growth per year)
• Blogs/Reviews/Emails/Pictures
Social graphs
• Facebook, linked-in, contacts
Device generated data
“Big Data” and its close relatives “Cloud Computing”, “Social Media” and "Mobile" are the new frontier of innovation.
Driven by Advanced Analytics
Big Data and Its Brothers
Volume
Variety
Velocity
Volume
Volume is increasing at incredible rates. More people than ever are using high-speed internet connections, those people are becoming more proficient at creating content, and more people in general are contributing information. Together, these forces are causing this tremendous increase in Volume.
Variety
Next in breaking down Big Data into easily digestible bite-size chunks is the concept of Variety. Take your personal experience and think about how much information you create and contribute in your daily routine. Your voicemails, your e-mails, your file shares, your TV viewing habits, your Facebook updates, your LinkedIn activity, your credit card transactions, etc.
Whether you consciously think about it or not, the Variety of information you personally create on a daily basis, which is being collected and analyzed, is simply overwhelming.
Velocity
The speed at which data enters organizations these days is absolutely amazing. With mega internet bandwidth now nearly commonplace, in conjunction with the proliferation of mobile devices, people have more opportunity than ever to contribute content to storage systems.
[Figure: Velocity. Data sources shown: CRM Data, GPS, Demand, Speed, Transactions, Opportunities, Service Calls, Customer, Sales Orders, Inventory, Emails, Tweets, Planning, Things, Mobile, Instant Messages]
VELOCITY: Worldwide digital content will double in 18 months, and every 18 months thereafter.
VOLUME: In 2005, humankind created 150 exabytes of information. In 2011, over 1,200 exabytes were created.
VARIETY: 80% of enterprise data will be unstructured, spanning traditional and non-traditional sources.
Data Model: Records, Numbers, Media … + Text, Media, Natural Language
Response Time: Seconds, Hours/Days … + Continuous
The Future Cloud will be a Hybrid of These.
As the world gets smarter, infrastructure demands will grow
• Smart traffic systems
• Smart water management
• Smart energy grids
• Smart healthcare
• Smart food systems
• Smart oil field technologies
• Smart regions
• Smart weather
• Smart countries
• Smart supply chains
• Smart cities
• Smart retail
The Threat Landscape Has Evolved…
[Figure: threat actors, motivations and attack types]
Actors: HACKTIVISTS, STATE-SPONSORED ATTACKERS, CYBERCRIMINALS
Motivations: FINANCIALLY MOTIVATED, NATIONALISTICALLY MOTIVATED, POLITICALLY MOTIVATED
• ATA/APT GRADE
• DDOS
• Ransom & fraud
• Gov’t, enterprise & infrastructure targets
• Public data leakage
• Defacement
• DATA THEFT
• MALWARE
BAD STUFF IN
GOOD STUFF OUT
The Malware Problem – Overwhelming Odds
• 1/3 of malware is customized (no signature available at time of exploit)
• 85% of breaches took weeks or more to discover (+6%)
• 91% of organizations believe exploits are bypassing their IDS and AV systems
Sources: (VzB, 2012) (VzB, 2012) (Ponemon)
Why is Security Hard?
No system can be 100% secure
– Reality is risk mitigation, not risk avoidance
Difficult to prove good security
– Bad security gets proven for us!
Good security and no security can look the same
– How does one know how secure they are?
Many things to secure
– People, equipment, OS, network, Application Servers, applications, phones, and databases
Balancing the Business: Usability, Performance, Security
Add Devices and Thing to Things and it gets very BAD
Mobile Devices
Mobile computers:
– Mainly smartphones, tablets
– Sensors: GPS, camera, accelerometer, etc.
– Computation: powerful CPUs (≥ 1 GHz, multi-core)
– Communication: cellular/4G, Wi-Fi, near field communication (NFC), etc.
Many connect to cellular networks: billing system
Cisco: 7 billion mobile devices will have been sold by 2012
Organization
Data Mining as a Threat to Security
Data mining gives us “facts” that are not obvious to human analysts of the data
Enables inspection and analysis of huge amounts of data
Possible threats:
– Predict information about classified work from correlation with unclassified work (e.g. budgets, staffing)
– Detect “hidden” information based on “conspicuous” lack of information
– Mining “Open Source” data to determine predictive events (e.g., Pizza deliveries to the Pentagon)
It isn’t the data we want to protect, but correlations among data items
Published in Chris Clifton and Don Marks, “Security and Privacy Implications of Data Mining”, Proceedings of the ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery
Challenges in the 21st century
• Knowledge Economy
• Diverse Workforce
• Information Explosion
• Sustainable Development
• Finite Resources
• International Partnerships
• Globalization
• Accelerating Change
• Life-Long Learning
• Complex Technologies
• Citizen Engagement
• Safety & Security
Mega Trends to Consider…
• Digitization of all content (listening = getting!)
• Distribution is the default (just having a network won’t be enough)
• Virtualization (location matters less and less)
• Niche-ization of content & lifestyles
• Mass-Personalization of media will become standard
• Democratization of creation, & peer production
• Amateurization of the entire value chain (but NOT to the detriment of experts)
• “Godzilla-zation” of users/consumers
Growth at the Edge of the Network
[Figure: Petabytes/Day Global (0 to 4,000) by Year (2003 to 2012), comparing Converged Content with Traditional Computation]
• Mobile
• Device to Device
• Sensors
• Entertainment
• Smart Home
• Distributed Industrial
• Autos/Trucks
• Smart Toys
Internet of Things
• a system . . . that would be able to instantaneously identify any kind of object.
• network of objects . .
• one major next step in this development of the Internet, which is to progressively evolve from a network of interconnected computers to a network of interconnected objects …
• from communicating people (Internet)
... to communicating items …
• from human triggered communication …
• ... to event triggered communication
Tomorrow’s ubiquitous world of tags, sensors and smart systems
Sensor Data Volume
How do we handle all this data?
“Rebalancing Collection & PED may be Necessary”
The “Fat Pipe”
Data
Desktop
Embeddedness: The Invisible Computer
Digital convergence technologies will “form the invisible technical infrastructure for human action analogous to the visible infrastructure provided by buildings and cities.”
Embeddedness is driven by cost-effective computing, Moore’s Law, miniaturization, ubiquitous communication, and advanced materials and sensing devices.
In 2000, 98% of computing devices sold were embedded in products and were not apparent to the product’s user.
Emerging Technology Sequence
[Figure: Emerging Technology Vectors plotted against Risk. Labels include: Cellular Array, Defect Tolerant, Biologically Inspired, Quantum Computing, 1-D Structures, Resonant Tunneling, Floating Body DRAM, UTB Single Gate FET, Source/Drain Engineered FET, UTB Multiple Gate FET, Quasi Ballistic FET, Non-Classical CMOS]
Source: Technology Futures, Inc.
Risk Management And Needed Security
[Figure: risk chart. X-axis: Probability of exploit (Low to High); y-axis: Impact to business (up to High); regions: Unacceptable Risk, Acceptable Risk]
Security engineering defines probability
Business defines impact
Risk management drives risk to an acceptable level
Cyber Security is all about tradeoffs
Productivity
• Let’s build it
• Cash out the benefits
• Next generation can secure it
Security
• Let’s not build it
• Let’s bake in super-security to make it unusable/unaffordable
• Let’s sell unproven solutions
There is a middle ground
We don’t know how to predictably find it
Exposures
1. Increased Dependency on Complex Technologies and Business Processes
2. Steep Decline of Barriers to Trade
3. Speed of Transactions
4. The Death of Distance
5. The Adoption of Advanced Communications
6. Consolidation/Transformation of Traditional Industries
7. The Internet and the Abundance of Information
8. Infrastructure
9. Overcommitted Agencies
10. Changing Social Constructs
11. The Device to Device Computing Growth
Top 5 Most Appreciated Technologies
Microwave Oven 77.3%
Universal Remote Control 66.6%
Garage Door Opener 64.6%
Telephone Answering Machine (For Home) 61.7%
Ear Thermometer 59.5%
Big Data
“85% of eBay’s analytic workload is new and unknown. We are architected for the unknown.”
Oliver Ratzesberger, eBay
Data exploration – data as the new oil
The exploration for data, rather than the exploration of data
Uncovering pockets of untapped data
Processing the whole data set, without sampling
eBay’s Singularity platform combines transactional data with behavioral data, enabling identification of top sellers and driving increased revenue from those sellers
Cyberspace will become orders of magnitude more complex and confused very quickly
Overall this is a very positive development and will enrich human society
It will be messy but need not be chaotic!
Cyber security research and practice are losing ground
VOLUME / VELOCITY / VARIETY Change everything
The Internet of Things will Change it all
In Parting: Be Paranoid
“Sooner or later, something fundamental in your business world will change.”
Andrew S. Grove, Founder, Intel
“Only the Paranoid Survive”