CSA Big Data Working Group Releases Top 10 Big Data Security and Privacy Challenges Report
Group’s First Research Provides Eye Opening Insight into a Wide Diversity of Big Data Challenges Facing Enterprises
CSA CONGRESS 2012 – ORLANDO, FL. – November 7, 2012 – The Cloud Security Alliance (CSA) Big Data Working Group today issued its first report identifying 10 new and fundamentally different technical and organizational problems when addressing big data security and privacy. Released today at the CSA Annual Congress being held in Orlando, FL, The Top 10 Big Data Security and Privacy Challenges Report is the first such industry report that takes a holistic view at the wide variety of big data challenges facing enterprises.
“Let’s face it, when it comes to big data, there is a tremendous amount of confusion and lots of talk about the topic from a technical nature, however our research and this report shows there is far more here at stake facing enterprises,” says Wilco Van Ginkel, CSA Big Data Group co-chair. “This initial report takes a high level, holistic approach in identifying a pretty diverse number of concerns that we will work to provide guidance and best practices for enterprises to then eventually and confidently implement.“
In compiling its research, the CSA Big Data Working Group interviewed Cloud Security Alliance members and surveyed security practitioner-oriented trade journals to determine the initial list of high-priority security and privacy problems, studied published research, and arrived at the following top ten challenges:
- Secure computations in distributed programming frameworks
- Security best practices for non-relational data stores
- Secure data storage and transactions logs
- End-point input validation/filtering
- Real-time security/compliance monitoring
- Scalable and composable privacy-preserving data mining and analytics
- Cryptographically enforced access control and secure communication
- Granular access control
- Granular audits
- Data provenance
The report includes a description of each challenge along with narrative use cases for each. A detailed report due out early 2013 will dive deeper into these challenges with practical approaches to tackle them. The Top 10 Big Data Security and Privacy Challenges Report can be accessed at: https://cloudsecurityalliance.org/research/big-data/#_downloads
“This initial research provides the necessary foundation towards providing scalable techniques for data-centric security and privacy problems,” says J.R. Santos, Global Research Director of the CSA. “Big data is constantly evolving and we are working to stay in step by creating standards for big data security and privacy best practices, and establishing security and privacy test beds to help strengthen security and privacy of big data cloud platforms.”
The CSA Big Data Working Group is focused on taking industry ownership in addressing the world’s immediate urgency for collaborative research and solutions of big data topics. Chaired by Sreeranga Rajan of Fujitsu Laboratories of America with co-chairs Neel Sundaresan of eBay and Wilco Van Ginkel of Verizon the group is specifically working to address the security and privacy issues magnified today by the velocity, volume, and variety of big data, such as large-scale cloud infrastructures, diversity of data sources and formats, streaming nature of data acquisition and high volume inter-cloud migration.
The CSA Big Data Working Group consists of more than 30 CSA member companies in collaboration to provide industry guidance and best practices for big data security. Members include ACM (Association for Computing Machinery), Alcatel Lucent, AT&T, Ebay, Cisco, Cigital, Dell, Fujitsu, Gazzang, HP, IBM, IDC (International Data Corporation), InContact, Intel/McAfee, Kivu, Liberty Mutual, Logic, NCI (NATO Communications and Information Agency), RSA, RMS, Sumo, Sqrrl, University of Nebraska, Omaha Capitol College, Verizon and Vormetric.
Companies and individuals interested in learning more or joining the group can visit cloudsecurityalliance.org/research/big-data/.