Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
The Big Data Is The New Normal
Newest First  |  Oldest First  |  Threaded View
TechGuy1313
50%
50%
TechGuy1313,
User Rank: Apprentice
9/27/2013 | 8:45:38 PM
re: The Big Data Is The New Normal
Thanks, Adrian.

The term Big Data is so often bandied about rendering into buzzword Hall of Fame territory. I find that so many focus on the "Big" part of the phrase and don't consider the "4 Vs" if you will (Volume, Velocity, Variety, and Veracity) as a whole.

Wanted to share real quick a video (http://www.youtube.com/watch?v... I saw that not only speaks to IT's role in Big Data initiatives G but also delivers it via at least 8 sci-fi references. The video is based of research but talks more about ways to approach and plan for new large data projects.
Ulf Mattsson
50%
50%
Ulf Mattsson,
User Rank: Moderator
9/26/2013 | 9:58:21 PM
re: The Big Data Is The New Normal
As the article mentions, there is currently a lack of GǣstockGǥ security in big data
platforms.

However, although inherent security is lacking, security vendors now provide many
options to protect big data, from coarse grained approaches, such as volume or
file encryption, to fine grained methods such as masking and Vaultless Tokenization. Much in the same way that the platforms themselves can be assembled in different configurations, each security approach may have particular usefulness for a particular customized big data model. For example, in a storage model, you may only require coarse grained security, while a data access model may require very fine grained security with options to expose business intelligence.

Obviously, in cases such as the ones the article describes with Gǣroll-their-ownGǥ
infrastructure, itGs necessary to consider that each Gǣbuilding blockGǥ may require a different security method, in order to ensure that the data is protected throughout the environment, and not just in one or two of the components. This can, and does, create issues where developers fail to consider (or are not realistically able to foresee) what may be coming down the road in this exploding new field. So for many, it is difficult to reconcile this building block database with comprehensive data security, and this most likely plays a large part in why security has thus far been lacking.

But despite the lack of GǣstockGǥ security in big data environments, there is hope.
Data security vendors have been keen to develop new solutions to meet these
challenges, and continue to innovate along with this exciting, and ever-expanding new platform. IGm sure Adrian will have plenty to say on this subject in the coming weeks.

Ulf Mattsson, CTO Protegrity


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41392
PUBLISHED: 2021-09-17
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API.
CVE-2020-21547
PUBLISHED: 2021-09-17
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.
CVE-2020-21548
PUBLISHED: 2021-09-17
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.
CVE-2021-39218
PUBLISHED: 2021-09-17
Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses `externref`s in Wasmtime. To trigger ...
CVE-2021-41387
PUBLISHED: 2021-09-17
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root.