As we continue posting our key themes for the 2014 RSA Conference, let’s dig a bit into big bata, because you won’t be hearing anything about it at the show…
After-School Special: It’s Time We Talked – about Big Data Security
The RSA Conference floor will be packed full of vendors talking about the need to secure big data clusters, and how the vast stores of sensitive information in these databases are at risk. The only thing that can challenge “data velocity” into a Hadoop cluster is the velocity at which FUD comes out the mouth of a sales droid. Sure, potential customers will listen intently to this hot new trend because it’s shiny and totally new. But they won’t actually be doing anything about it.
To recycle an overused analogy, big data security is a little like teen sex: lots of people are talking about it, but not that many are actually doing it. Don’t get us wrong – companies really are using big data for all sorts of really cool use cases including analyzing supply chains, looking for signs of life in space, fraud analytics, monitoring global oil production facilities, and even monitoring the metadata of the entire US population. Big data works! And it provides advanced analysis capabilities at incredibly low cost. But rather than wait for your IT department to navigate their compliance mandates and budgetary approval cycles, your business users slipped out the back door because they have a hot date with big data in the cloud.
Regardless of whether those users understand the risks, they are pressing forward. This is where your internal compliance teams start to sound like your parents telling you to be careful and not to go out without your raincoat on. What users hear is that the audit/compliance teams don’t want them to have any fun because it’s dangerous. The security industry is no better, and the big data security FUD is sure to come across like those grainy old public service films you were forced to watch in high school about something-something-danger-something… and that’s when you fell asleep. We are still very early in our romance with big data, and your customers (yes, those pesky business users) don’t want to hear about breaches or discuss information governance as they explore this new area of information management.