Big Data Trust and Reputation, Privacy Cyber Threat Intelligence

Transcription

1 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence October 27, 2015 Start Time: 9 am US Pacific / 12 noon US Eastern / 5 pm London Time #ISSAWebConf

2 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Welcome Conference Moderator Hari Pendyala ISSA Fellow and Member, Chennai, Asia Pacific Chapter Web Conference Committee To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 2

3 Speaker Introduction JC Cannon Founder, Assertive Privacy Jude Patrick Vice President Alliances, Venusgeo Solutions Ian Amit Vice President, ZeroFOX To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 3

4 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence JC Cannon Founder, Assertive Privacy To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 4

5 Overview Big Data collection is pervasive It can be used to improve society It helps keep us safe It keeps us entertained Big Data collection leads to abuses 5

6 Online Collection Online Advertising Companies 2013, 2014 revenue $42.8B, $49.5B Cross-device tracking includes interests, location, contacts Profiled based on friends and neighbors AOL, Google, Yahoo let you see interests Siri, Cortana, Google Now Sends your audio to the cloud Shares the audio with third parties Remedies Opt-out of behavioral advertising Use private browsing and a VPN 6

7 Cloud Storage Still too many unencrypted wireless connections Apple icloud breach Snapchat lets you pay for disappeared snaps Using a cloud service requires a lot of trust Remedies Use a public VPN to ensure an encrypted connection Understand what is going to the cloud and manage it Use Cloud Security Alliance to evaluate services 7

8 Facial Recognition ChurchIx.com Professor Aquisti of CMU identified students with 35% accuracy Facebook and Google have 90%+ accuracy Government tracking using FR 30 churches tracking attendance using FR Remedies Opt out of the usage of facial recognition Wear a big hat and glasses 8

9 Body Cameras Drivers shown drunken and vomiting Protestor privacy Police videos withheld and edited No more topless French sunbathers Remedies Create new laws Behave in public 9

10 Online Reputation Bullying and trolling Revenge porn Online shaming Cecil the Lion costume Dog poo girl Remedies Reread before hitting send Monitor posts about you Have PR manage your brand 10

11 Government Surveillance OPM data breach scandal Seattle cellphone tracking NSA shared sensitive photos from surveillance CHIP shared sensitive photos from traffic stops EU Safe Harbor has been invalidated Remedies Institute a Consumer Privacy Bill of Rights 11

12 Conclusion Big Data can do amazing things for society In the wrong hands Big Data can be destructive Monitor your online existence Work to mitigate online risks 12

13 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you! 13

14 Question and Answer JC Cannon Founder, Assertive Privacy To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 14

15 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you JC Cannon Founder, Assertive Privacy 15

16 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Jude Patrick Vice President Alliances, Venusgeo Solutions To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 16

17 BIGDATA Technology to handle Large complex Datasets Technology to handle Disks Speed and Size 17

18 BIGDATA Security Challenges 1. MapReduce - Secure computations in distributed programming frameworks 2. NoSQL - Security best practices for non-relational data stores 3. AST - Secure data storage and transactions logs 4. End-point input validation/filtering 5. Real-time security/compliance monitoring 6. Scalable and composable privacy-preserving data mining and analytics 7. ABE - Cryptographically enforced access control and secure communication 8. Granular access control 9. Granular audits 10. Data provenance 18

19 Security Considerations 1. Identify data and its associated security/privacy requirements Prevent sensitive data when its not required, don t store it 2. Infrastructure configuration management tool is required to manage the clusters Puppet or Chef 3. Nodes and Request validation Authentication Authorization 4. Secure the underlying OS Process Hardening 5. Use of transmission level security SSL / TLS to authenticate and ensure privacy of communications between cluster nodes 19

20 Security Considerations(Continued) 6. Have a Check Point Implement a check point at the node level to block access to users/ips as required for client communication directly with the resource managers 7. Secure SQL-Injection HiveQL includes many operators, functions and expressions commonly abused by SQL by injection attacks Count Union Distinct Wait For Sub Queries Expression joined by OR in a WHERE clause Comparisons between two constants Protecting HiveQL Injection Accountability (user developed functions, views, logic) Security reviews of MapReduce/HiveQL applications Revoke access where possible 20

21 ELK Security Architecture 21

22 HDFS Security Architecture 22

23 NoSQL Security Architecture 23

24 End to End Architecture 24

25 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you! 25

26 Question and Answer Jude Partick Vice President Alliances, Venusgeo Solutions To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 26

27 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you Jude Patrick Vice President Alliances, Venusgeo Solutions 27

28 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Ian Amit Vice President, ZeroFOX To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 28

29 Threat Intelligence where is my magic button?! They promised us hoverboards, at least deliver on magical threat intelligence! 29

30 Threat Intelligence where is my magic button?! They promised us hoverboards, at least deliver on magical threat intelligence! Throwing lots of general threat data into big data gets us great general signatures (IOCs). But is that what we asked for need? 30

31 Threat Intelligence where is my magic button?! They promised us hoverboards, at least deliver on magical threat intelligence! Throwing lots of general threat data into big data gets us great general signatures (IOCs). But is that what we asked for need? Let s talk about what is it we should be looking for as part of Threat Intelligence before buying all the feeds 31

32 Threat Intelligence? Start with Threat Modeling 32

33 Threat Intelligence? Start with Threat Modeling Controls Assets Threats 33

34 Threat Intelligence? Start with Threat Modeling Controls Assets Threats 34

35 What s in a threat? Actor Community Industry Vertical Geography Culture Organization People (employees, executives) 3 rd parties 35

36 What s in a threat? Actor Community Industry Vertical Geography Culture Organization People (employees, executives) 3 rd parties 36

37 What s in a threat? Actor Community Industry Vertical Geography Culture Organization People (employees, executives) 3 rd parties Big Data 37

38 Turning Data into Intelligence: Context! Big Data Controls Assets Threats 38

39 Turning Data into Intelligence: Context! Big Data Controls Assets Threats 39

40 What do I really do with this Threat Intelligence? Update your signatures/blacklists? NO! Adjust your controls based on the threats and their access/affect on your assets Controls Assets Threats 40

41 And close the loop 41

42 A note on privacy It doesn t really exist. 42

43 A note on privacy It doesn t really exist. Not really. Unless 43

44 A note on privacy It doesn t really exist. Not really. Unless Correlating a lot of small (seemingly irrelevant) pieces of data in context Intelligence 44

45 A note on privacy It doesn t really exist. Not really. Unless Correlating a lot of small (seemingly irrelevant) pieces of data in context Intelligence Intelligence!= Privacy 45

46 Trust? Reputation? How do you determine? 46

47 Trust? Reputation? How do you determine? My online reputation On Facebook On Twitter On LinkedIn Etc 47

48 Trust? Reputation? How do you determine? My online reputation On Facebook On Twitter On LinkedIn Etc Do you trust me? 48

49 Privacy, Trust, Reputation Control Controlling what I opt to put out there How is my organization perceived online What s out there that s out of my immediate control? What is the risk of 3 rd party losing my data? (Experian ) 49

50 Privacy, Trust, Reputation Control Controlling what I opt to put out there How is my organization perceived online What s out there that s out of my immediate control? What is the risk of 3 rd party losing my data? (Experian ) Back to threat modeling ;-) 50

51 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you 51

52 Question and Answer Ian Amit Vice President, To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 52

53 Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you Ian Amit Vice President, 53

54 Open Panel with Audience Q&A JC Cannon Founder, Assertive Privacy Jude Patrick Vice President Alliences, Venusgeo Solutions Ian Amit Vice President, ZeroFOX #ISSAWebConf To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. 54

55 Closing Remarks Thank you Citrix for donating the Webcast service 55

56 CPE Credit Within 24 hours of the conclusion of this webcast, you will receive a link via to a post Web Conference quiz. After the successful completion of the quiz you will be given an opportunity to PRINT a certificate of attendance to use for the submission of CPE credits. On-Demand Viewers Quiz Link: Conference-October Big-Data-Trust-and- Reputation-Privacy-Cyber-Threat-Intelligence #ISSAWebConf 56