You are on page 1of 8

Running Head: INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA

ERA USING ANALYTICS

Information Systems Security management in Big Data EraUsing Analytics


Course: Research Methodology in Information Systems
Date: 6th July 2016

INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING


ANALYTICS 2
Introduction
Data really powers everything that we do. Jeff Weiner, LinkedIn. Data is not just
information about a particular item or issue, it is an essential quantity for existence. Data in
various fields of life are stored and analyzed for Information and Knowledge. Analytics is a
process of transforming data into insight for making better decisions. There are large number of
data in different environments of life for example: Academic Sector, Weather Forecast, IT Sector,
Industries, and Etc. Big Data Analysis drives nearly every aspect of society, including mobile
services, retail, manufacturing, financial services, life sciences, and physical sciences. Nowadays
the Internet represents a big space where great amounts of information are added every day. We
can associate the importance of Big Data and Big Data Analysis with the society we live in.
Today we are living in an informational Society and we are moving towards a Knowledge Base
Society. In order to extract better knowledge we need a bigger amount of data.
The Society of Information is a place wherein information plays a major role in the
economic, cultural and political stage. In the Knowledge Society the competitive advantage is
gained through understanding the information and predicting the evolution of facts based on
data. Every organization needs to collect a large set of data in order to support its decision and
extract correlations through data analysis as a basis for decisions. Big Data is revolutionizing all
aspects of our lives ranging from enterprises to consumers, from science to government. These
collection of large data in a particular Sector or Firm or Category to be analyzed is termed as
BIG DATA ANALYTICS. The term Big Data was first introduced to the computing world
by Roger Magoulas from OReilly media in 2005 in order to define a great amount of data that
traditional data management techniques cannot manage and process due to the complexity and
size of this data. Big Data is defined by its size, comprising a large, complex and independent

INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING


ANALYTICS 3
collection of data sets, each with the potential to interact. In addition, an important aspect of Big
Data is the fact that it cannot be handled with standard data management techniques due to the
inconsistency and unpredictability of the possible combinations. The main importance of Big
Data consists in the potential to improve efficiency in the context of use of a large volume of
data and of different type.
Abstract
Security and privacy is one of the important challenges for Big Data. As Big Data
consists in a large amount of complex data, it is very difficult for a company to sort this data on
privacy levels and apply the according security. Managing privacy effectively is both a technical
and a sociological problem, which must be addressed jointly from both perspectives to realize
the promise of Big Data. Example: Data extracted from location-based services, which require a
user to share his/her location with the service provider. There are obvious privacy concerns,
which are not addressed by hiding the users identity alone without her location. An attacker or a
potentially malicious location-based server can infer the identity of the query source from its
subsequent location information.
Many of the companies are doing business across countries and continents and the
differences in privacy laws are considerable and have to be taken in consideration when starting
the Big Data initiative. If data are not authentic, new mined knowledge will be unconvincing;
while if privacy is not well addressed, people may be reluctant to share their data. Many Privacy
and Security techniques have already been designed, but they are inadequate for the newly
emerging big data scenarios as they are tailored to secure traditional small-size data. Therefore,
in-depth research efforts dedicated to security and privacy challenges in big data are expected.

INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING


ANALYTICS 4
Review of the literature
Big data is changing the landscape of security tools for network monitoring, security
information and event management, and forensics; however, in the eternal arms race of attack
and defense, security researchers must keep exploring novel ways to mitigate and contain
sophisticated attackers (Crdenas, A. A., Manadhata, P. K., &Rajan, S. P. (2013). Big Data
Analytics for Security.IEEE Security and Privacy, 11(6), 74-76).
Sagiroglu, S.; Sinanc, D. (20-24 May 2013),Big Data: AReview describe the big data
content, its scope, methods,samples, advantages and challenges of Data. The critical issue about
the Big data is the privacy and security. Bigdata samples describe the review about the
atmosphere,biological science and research. The paper concludes that any organization in any
industry having big data can take the benefit from its careful analysis for the problem solving
purpose. Using Knowledge Discovery from the Big data is easy to get the information from the
complicated data sets.
The progress in the area of information society has increased the risk of invasion of
privacy due to the unfair or excessive privacy data collection. In particular, the emergence of
new technologies is more interested in large data hijacking. Also, multiple data about private
approved by the users can cumulatively expose sensitive information of the user that he or she
didnt want to let others know. The problem with large scale data breach is considered as one of
the most valuable assets in recent years, are now becoming targets to hijack. As data protection
becomes more secure and developed, the attackers gets more organized and professionally
equipped with focused intention. Ensuring security of cloud data is still a challenging problem.
Cloud service providers as well as other third parties use different data mining techniques to
acquire valuable information from user data hosted on the cloud. The approach combining

INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING


ANALYTICS 5
categorization, fragmentation and distribution, prevents data mining by maintaining privacy
levels, splitting data into chunks and storing these chunks of data to appropriate cloud providers
and this would help in keeping the data secure. Although the given strategies provide an effective
way to protect privacy, in future research has to be done on devising the protection module to
prevent the large scale data loss and adhere to performance overhead when client needs to access
all data frequently (Kim, Kyong-jin, Seng-phil Hong, and Joon Young Kim (2013). A Study of
Privacy Protection from Risk of Hijacking Data. International Journal of Multimedia and
Ubiquitous Engineering 8.1).
A significant portion of information security efforts go into monitoring and analyzing
data about events on servers, networks and other devices. Advances in big data analytics are now
applied to security monitoring, and they enable both broader and more in-depth analysis. In
many ways, big data security analytics and analysis is an extension of security information and
event management (SIEM) and related technologies. However, the quantitative difference in the
volumes and types of data analyzed result in qualitative differences in the types of information
extracted from security devices and applications. Key features that distinguish big data security
analysis from other information security domains include; scalability, reporting and visualization,
persistent big data storage, information context, and breadth of functions (Dun Sullivan (2015).
Introduction to big data security analytics in the enterprise)
Big data security analytics let organizations sift through massive amounts of data
generated inside and outside the organization to uncover hidden relationships, detect patterns
and remove security threats. Security analytics blend real-time analytics on data in motion with
historical analysis on data at rest. By deploying security-specific analytics, organizations can find
new associations or uncover patterns and facts. This real-time insight can be invaluable for

INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING


ANALYTICS 6
detecting new types of threats. Real-time cyber attack prediction and mitigation means
organizations can discover new threats early and react quickly before they propagate. The goal is
crime prediction and protection. Analyzing data from the Internet (email, voice over IP), smart
devices (location, call detail records) and social media can help law enforcement better detect
criminal threats and collect evidence. Instead of waiting for a crime to be committed,
organizations can address it proactively (Kimberly Madia (2015). Security Intelligence
Analysis and Insight for Information Security Professionals.)
What is threat detection, ultimately? Its vision; its the ability to see massive amounts of
activity across the enterprise to discover meaningful behaviors requiring immediate attention. Yet
vision by itself is sometimes imperfect. Whats also required to detect the more subtle threats and
attacks is the detail behind the discovery thats clarity. Vision and clarity are both very
important to an effective security intelligence solution, and are a product of its advanced
analytics and forensic search capabilities (Sandy Bird, (2014). Blurred Vision: The Case for
Security Intelligence).
An important goal for big data analytics is to enable organizations to identify unknown
indicators of attack, and uncover things like when compromised credentials are being used to
bypass defenses. However, handling unstructured data and combing it with structured data to
arrive at an accurate assessment is one of the big challenges, said Neil Cassidy, deputy director
for operations in the UK's national Computer Emergency Response Team (CERT-UK). While big
data security analytics promises to deliver great insights in the battle against cyber threats, the
concept and the tools are still immature, according to a panel of security experts (Warwick
Ashford, (2014). The big data security analytics concept and the tools are still immature,
according to a panel of security experts).

INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING


ANALYTICS 7
Big Data is an immensely popular talking point, but what are we really discussing? From
a security perspective, there are two distinct issues: securing the organization and its customers
information in a Big Data context; and using Big Data techniques to analyze, and even predict,
security incidents. Many businesses already use Big Data for marketing and research, yet may
not have the fundamentals right particularly from a security perspective. As with all new
technologies, security seems to be an afterthought at best. Big Data breaches will be big too, with
the potential for even more serious reputational damage and legal repercussions than at present
(Peter Wood, (2013). How to tackle big data from a security point of view)
Conclusion
This literature has reviewed various articles that provide an analysis of the big data
analytics concepts which are being researched, as well as their importance to decision making
and information security. Consequently, big data storage and management, as well as big data
analytics processing are detailed. This review provides a good foundation for future research in
big data analytics and information security as a new and better technique to improve security of
big data. As pointed out by Warwick Ashford, (2014), the big data security analytics concept and
the tools are still immature and thus more effort and research needs to be directed towards this
field to better realize the benefits of big data and at the same time ensuring its security.

INFORMATION SYSTEMS SECURITY MANAGEMENT IN THE BIG DATA ERA USING


ANALYTICS 8
References
Kim, Kyong-jin, Seng-phil Hong, and Joon Young Kim.(2013). A Study of Privacy Protection
from Risk of Hijacking Data. International Journal of Multimedia and Ubiquitous Engineering
ULARU, Elena Geanina, (2012). Perspectives on Big Data and Big Data Analytics. Database
Systems Journal 3.4 3-14.
Daries, Jon P. (2014). Privacy, anonymity, and big data in the social sciences. Communications
of the ACM 57.9 56-63.
Dun Sullivan, (2015). Introduction to big data security analytics in the enterprise Retrieved
from http://searchsecurity.techtarget.com/feature/Introduction-to-big-data-security-analytics-inthe-enterprise
Kimberly Madia, (2015). Security Intelligence. Analysis and Insight for Information Security
Professionals. Retrieved from https://securityintelligence.com/five-steps-for-better-securityanalytics-in-2015/
Sandy Bird, (2014). Blurred Vision: The Case for Security Intelligence. Retrieved from
https://securityintelligence.com/security-intelligence-big-data-analytics-blurred-vision/
Warwick Ashford, (2014). The big data security analytics concept and the tools are still
immature, according to a panel of security experts. Retrieved from
http://www.computerweekly.com/news/2240230864/Big-data-security-analytics-still-immaturesay-security-experts
Peter Wood, (2013). How to tackle big data from a security point of view. Retrieved from
http://www.computerweekly.com/feature/How-to-tackle-big-data-from-a-security-point-of-view