by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : August 2013
[BrieFing] 12 GCN AUGUST 2013 • GCN.COM Agencies are looking to "big data" to help solve some of the most pressing challenges facing government today. But big data often brings its own chal- lenges in the form of IT and information security concerns. Too often, agen- cies approach big data as if it were an expansion of or signi cant increase in their database capability. Yet the term "big data" means much more than just a large database; it encompasses new tools, technologies and operational methods. From an information security perspective, big data can mean "big exposure" to risk if approached solely from a traditional IT perspective. While an authoritative de nition of big data is debatable, the following proposed by Forrester's Mike Gualtieri is one that IT security professionals can easily grasp, given that their mission has traditionally been focused on how data is processed, stored and transmitted: "Big data is the frontier of a rm's ability to store, process, and access (SPA) all the data it needs to operate effectively, make decisions, reduce risks, and serve customers." Certain aspects of big data include traditional IT approaches with traditional challenges that do not require an entirely new perspective. In fact, many agencies already have the foundation laid for devel- oping an approach to big data security. For example, as agencies optimize their continuous monitoring capabili- ties, they can utilize existing tools that support big data, including vulnerability management and patching services. While these capabilities are all neces- sary rst steps to approaching big data security, a new perspective is in fact re- quired when considering the differences between big data and data processing of the past. Big data still relies on the same IT infrastructure as systems did in the past but can greatly expand and complicate it. New software, such as Hadoop, lacks mature security models, assessment techniques and automated tools. This means security teams will need to rely largely on an array of operational and managerial techniques --- including seg- mentation and robust, auditable access controls --- to help ensure big data does not become "big exposure." By applying the existing approaches under FISMA with mature change and con guration management processes, agencies can begin to securely leverage the power of big data. Security teams will need to become more integrated and involved in the lives of data scientists and business units to understand where they need support. While big data is new to many agen- cies, the principles in protecting infor- mation. Agencies should leverage their existing operational and managerial con- trols to protect new technologies while automated tools are developed to add further rigor, maturity and automation. • Big data = big exposure. What can you do about it? BY (ISC)2 GOVERNMENT ADVISORY BOARD EXECUTIVE WRITERS BUREAU Big data consists of many new technologies, tools and practices (Hadoop, NoSQL, Pig, Hive, HBase, etc.) as well as data warehousing strategies, many of which are new to the security professional and create a com- plex operating environment. The following examples represent some of the complexities that are non-traditional causes for concern from both a security perspective and an IT governance perspective: Database structure. Although most traditional database vendors support big data, they operate as SQL-based or another type of rela- tional structure. Hadoop and other next-generation databases are designed for unstructured data. Scalability. While most structured database systems are designed to "scale up" based on the size of the host machine, next-generation technologies are often designed to "scale out," or cluster. Instead of having a single large database server, an agency may have 500 smaller systems operating togeth- er as a cluster. Some of these systems could be virtual, some physical, and some in the cloud. Configuration management. Traditionally, FISMA (through FIPS-200) has required agencies to develop robust configuration management plans, develop configuration and change man- agement boards, and ensure that security impact analysis is performed as part of system changes. When working with big data, mature and robust configu- ration and change management is a must. Cost. Since new nodes could be spun up in almost any cloud provider 's environment, or even on additional desktops within an agency, tight control over IT resources and spending must be in place. NEW CAUSES FOR CONCERN