Running Head: INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA
ERA USING ANALYTICS
Information Systems Security management in Big Data EraUsing Analytics
Course: Research Methodology in Information Systems Date: 6th July 2016
INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING
ANALYTICS 2 Introduction Data really powers everything that we do. Jeff Weiner, LinkedIn. Data is not just information about a particular item or issue, it is an essential quantity for existence. Data in various fields of life are stored and analyzed for Information and Knowledge. Analytics is a process of transforming data into insight for making better decisions. There are large number of data in different environments of life for example: Academic Sector, Weather Forecast, IT Sector, Industries, and Etc. Big Data Analysis drives nearly every aspect of society, including mobile services, retail, manufacturing, financial services, life sciences, and physical sciences. Nowadays the Internet represents a big space where great amounts of information are added every day. We can associate the importance of Big Data and Big Data Analysis with the society we live in. Today we are living in an informational Society and we are moving towards a Knowledge Base Society. In order to extract better knowledge we need a bigger amount of data. The Society of Information is a place wherein information plays a major role in the economic, cultural and political stage. In the Knowledge Society the competitive advantage is gained through understanding the information and predicting the evolution of facts based on data. Every organization needs to collect a large set of data in order to support its decision and extract correlations through data analysis as a basis for decisions. Big Data is revolutionizing all aspects of our lives ranging from enterprises to consumers, from science to government. These collection of large data in a particular Sector or Firm or Category to be analyzed is termed as BIG DATA ANALYTICS. The term Big Data was first introduced to the computing world by Roger Magoulas from OReilly media in 2005 in order to define a great amount of data that traditional data management techniques cannot manage and process due to the complexity and size of this data. Big Data is defined by its size, comprising a large, complex and independent
INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING
ANALYTICS 3 collection of data sets, each with the potential to interact. In addition, an important aspect of Big Data is the fact that it cannot be handled with standard data management techniques due to the inconsistency and unpredictability of the possible combinations. The main importance of Big Data consists in the potential to improve efficiency in the context of use of a large volume of data and of different type. Abstract Security and privacy is one of the important challenges for Big Data. As Big Data consists in a large amount of complex data, it is very difficult for a company to sort this data on privacy levels and apply the according security. Managing privacy effectively is both a technical and a sociological problem, which must be addressed jointly from both perspectives to realize the promise of Big Data. Example: Data extracted from location-based services, which require a user to share his/her location with the service provider. There are obvious privacy concerns, which are not addressed by hiding the users identity alone without her location. An attacker or a potentially malicious location-based server can infer the identity of the query source from its subsequent location information. Many of the companies are doing business across countries and continents and the differences in privacy laws are considerable and have to be taken in consideration when starting the Big Data initiative. If data are not authentic, new mined knowledge will be unconvincing; while if privacy is not well addressed, people may be reluctant to share their data. Many Privacy and Security techniques have already been designed, but they are inadequate for the newly emerging big data scenarios as they are tailored to secure traditional small-size data. Therefore, in-depth research efforts dedicated to security and privacy challenges in big data are expected.
INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING
ANALYTICS 4 Review of the literature Big data is changing the landscape of security tools for network monitoring, security information and event management, and forensics; however, in the eternal arms race of attack and defense, security researchers must keep exploring novel ways to mitigate and contain sophisticated attackers (Crdenas, A. A., Manadhata, P. K., &Rajan, S. P. (2013). Big Data Analytics for Security.IEEE Security and Privacy, 11(6), 74-76). Sagiroglu, S.; Sinanc, D. (20-24 May 2013),Big Data: AReview describe the big data content, its scope, methods,samples, advantages and challenges of Data. The critical issue about the Big data is the privacy and security. Bigdata samples describe the review about the atmosphere,biological science and research. The paper concludes that any organization in any industry having big data can take the benefit from its careful analysis for the problem solving purpose. Using Knowledge Discovery from the Big data is easy to get the information from the complicated data sets. The progress in the area of information society has increased the risk of invasion of privacy due to the unfair or excessive privacy data collection. In particular, the emergence of new technologies is more interested in large data hijacking. Also, multiple data about private approved by the users can cumulatively expose sensitive information of the user that he or she didnt want to let others know. The problem with large scale data breach is considered as one of the most valuable assets in recent years, are now becoming targets to hijack. As data protection becomes more secure and developed, the attackers gets more organized and professionally equipped with focused intention. Ensuring security of cloud data is still a challenging problem. Cloud service providers as well as other third parties use different data mining techniques to acquire valuable information from user data hosted on the cloud. The approach combining
INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING
ANALYTICS 5 categorization, fragmentation and distribution, prevents data mining by maintaining privacy levels, splitting data into chunks and storing these chunks of data to appropriate cloud providers and this would help in keeping the data secure. Although the given strategies provide an effective way to protect privacy, in future research has to be done on devising the protection module to prevent the large scale data loss and adhere to performance overhead when client needs to access all data frequently (Kim, Kyong-jin, Seng-phil Hong, and Joon Young Kim (2013). A Study of Privacy Protection from Risk of Hijacking Data. International Journal of Multimedia and Ubiquitous Engineering 8.1). A significant portion of information security efforts go into monitoring and analyzing data about events on servers, networks and other devices. Advances in big data analytics are now applied to security monitoring, and they enable both broader and more in-depth analysis. In many ways, big data security analytics and analysis is an extension of security information and event management (SIEM) and related technologies. However, the quantitative difference in the volumes and types of data analyzed result in qualitative differences in the types of information extracted from security devices and applications. Key features that distinguish big data security analysis from other information security domains include; scalability, reporting and visualization, persistent big data storage, information context, and breadth of functions (Dun Sullivan (2015). Introduction to big data security analytics in the enterprise) Big data security analytics let organizations sift through massive amounts of data generated inside and outside the organization to uncover hidden relationships, detect patterns and remove security threats. Security analytics blend real-time analytics on data in motion with historical analysis on data at rest. By deploying security-specific analytics, organizations can find new associations or uncover patterns and facts. This real-time insight can be invaluable for
INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING
ANALYTICS 6 detecting new types of threats. Real-time cyber attack prediction and mitigation means organizations can discover new threats early and react quickly before they propagate. The goal is crime prediction and protection. Analyzing data from the Internet (email, voice over IP), smart devices (location, call detail records) and social media can help law enforcement better detect criminal threats and collect evidence. Instead of waiting for a crime to be committed, organizations can address it proactively (Kimberly Madia (2015). Security Intelligence Analysis and Insight for Information Security Professionals.) What is threat detection, ultimately? Its vision; its the ability to see massive amounts of activity across the enterprise to discover meaningful behaviors requiring immediate attention. Yet vision by itself is sometimes imperfect. Whats also required to detect the more subtle threats and attacks is the detail behind the discovery thats clarity. Vision and clarity are both very important to an effective security intelligence solution, and are a product of its advanced analytics and forensic search capabilities (Sandy Bird, (2014). Blurred Vision: The Case for Security Intelligence). An important goal for big data analytics is to enable organizations to identify unknown indicators of attack, and uncover things like when compromised credentials are being used to bypass defenses. However, handling unstructured data and combing it with structured data to arrive at an accurate assessment is one of the big challenges, said Neil Cassidy, deputy director for operations in the UK's national Computer Emergency Response Team (CERT-UK). While big data security analytics promises to deliver great insights in the battle against cyber threats, the concept and the tools are still immature, according to a panel of security experts (Warwick Ashford, (2014). The big data security analytics concept and the tools are still immature, according to a panel of security experts).
INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING
ANALYTICS 7 Big Data is an immensely popular talking point, but what are we really discussing? From a security perspective, there are two distinct issues: securing the organization and its customers information in a Big Data context; and using Big Data techniques to analyze, and even predict, security incidents. Many businesses already use Big Data for marketing and research, yet may not have the fundamentals right particularly from a security perspective. As with all new technologies, security seems to be an afterthought at best. Big Data breaches will be big too, with the potential for even more serious reputational damage and legal repercussions than at present (Peter Wood, (2013). How to tackle big data from a security point of view) Conclusion This literature has reviewed various articles that provide an analysis of the big data analytics concepts which are being researched, as well as their importance to decision making and information security. Consequently, big data storage and management, as well as big data analytics processing are detailed. This review provides a good foundation for future research in big data analytics and information security as a new and better technique to improve security of big data. As pointed out by Warwick Ashford, (2014), the big data security analytics concept and the tools are still immature and thus more effort and research needs to be directed towards this field to better realize the benefits of big data and at the same time ensuring its security.
INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING
ANALYTICS 8 References Kim, Kyong-jin, Seng-phil Hong, and Joon Young Kim.(2013). A Study of Privacy Protection from Risk of Hijacking Data. International Journal of Multimedia and Ubiquitous Engineering ULARU, Elena Geanina, (2012). Perspectives on Big Data and Big Data Analytics. Database Systems Journal 3.4 3-14. Daries, Jon P. (2014). Privacy, anonymity, and big data in the social sciences. Communications of the ACM 57.9 56-63. Dun Sullivan, (2015). Introduction to big data security analytics in the enterprise Retrieved from http://searchsecurity.techtarget.com/feature/Introduction-to-big-data-security-analytics-inthe-enterprise Kimberly Madia, (2015). Security Intelligence. Analysis and Insight for Information Security Professionals. Retrieved from https://securityintelligence.com/five-steps-for-better-securityanalytics-in-2015/ Sandy Bird, (2014). Blurred Vision: The Case for Security Intelligence. Retrieved from https://securityintelligence.com/security-intelligence-big-data-analytics-blurred-vision/ Warwick Ashford, (2014). The big data security analytics concept and the tools are still immature, according to a panel of security experts. Retrieved from http://www.computerweekly.com/news/2240230864/Big-data-security-analytics-still-immaturesay-security-experts Peter Wood, (2013). How to tackle big data from a security point of view. Retrieved from http://www.computerweekly.com/feature/How-to-tackle-big-data-from-a-security-point-of-view