CSA Official Press Release

Published 11/07/2012

CSA Big Data Working Group Releases Top 10 Big Data Security and Privacy Challenges Report

CSA Big Data Working Group Releases Top 10 Big Data Security and Privacy Challenges Report

Group’s First Research Provides Eye Opening Insight into a Wide Diversity of Big Data Challenges Facing Enterprises

CSA CONGRESS 2012 – ORLANDO, FL. - November 7, 2012 – The Cloud Security Alliance (CSA) Big Data Working Group today issued its first report identifying 10 new and fundamentally different technical and organizational problems when addressing big data security and privacy. Released today at the CSA Annual Congress being held in Orlando, FL, The Top 10 Big Data Security and Privacy Challenges Report is the first such industry report that takes a holistic view at the wide variety of big data challenges facing enterprises. “Let’s face it, when it comes to big data, there is a tremendous amount of confusion and lots of talk about the topic from a technical nature, however our research and this report shows there is far more here at stake facing enterprises,” says Wilco Van Ginkel, CSA Big Data Group co-chair. “This initial report takes a high level, holistic approach in identifying a pretty diverse number of concerns that we will work to provide guidance and best practices for enterprises to then eventually and confidently implement.“ In compiling its research, the CSA Big Data Working Group interviewed Cloud Security Alliance members and surveyed security practitioner-oriented trade journals to determine the initial list of high-priority security and privacy problems, studied published research, and arrived at the following top ten challenges: 1. Secure computations in distributed programming frameworks 2. Security best practices for non-relational data stores 3. Secure data storage and transactions logs 4. End-point input validation/filtering 5. Real-time security/compliance monitoring 6. Scalable and composable privacy-preserving data mining and analytics 7. Cryptographically enforced access control and secure communication 8. Granular access control 9. Granular audits 10. Data provenance The report includes a description of each challenge along with narrative use cases for each. A detailed report due out early 2013 will dive deeper into these challenges with practical approaches to tackle them. The Top 10 Big Data Security and Privacy Challenges Report can be accessed here.

“This initial research provides the necessary foundation towards providing scalable techniques for data-centric security and privacy problems,” says J.R. Santos, Global Research Director of the CSA. “Big data is constantly evolving and we are working to stay in step by creating standards for big data security and privacy best practices, and establishing security and privacy test beds to help strengthen security and privacy of big data cloud platforms.”

The CSA Big Data Working Group is focused on taking industry ownership in addressing the world’s immediate urgency for collaborative research and solutions of big data topics. Chaired by Sreeranga Rajan of Fujitsu Laboratories of America with co-chairs Neel Sundaresan of eBay and Wilco Van Ginkel of Verizon the group is specifically working to address the security and privacy issues magnified today by the velocity, volume, and variety of big data, such as large-scale cloud infrastructures, diversity of data sources and formats, streaming nature of data acquisition and high volume inter-cloud migration.

The CSA Big Data Working Group consists of more than 30 CSA member companies in collaboration to provide industry guidance and best practices for big data security. Members include ACM (Association for Computing Machinery), Alcatel Lucent, AT&T, Ebay, Cisco, Cigital, Dell, Fujitsu, Gazzang, HP, IBM, IDC (International Data Corporation), InContact, Intel/McAfee, Kivu, Liberty Mutual, Logic, NCI (NATO Communications and Information Agency), RSA, RMS, Sumo, Sqrrl, University of Nebraska, Omaha Capitol College, Verizon and Vormetric.

Contacts Kari Walker ZAG Communications 703.928.9996 [email protected]

Share this content on your favorite social network today!

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.

For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.