Big Data Trust and Reputation, Privacy Cyber Threat Intelligence October 27, 2015 Start Time: 9 am US Pacific / 12 noon US Eastern / 5 pm London Time #ISSAWebConf
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Welcome Conference Moderator Hari Pendyala ISSA Fellow and Member, Chennai, Asia Pacific Chapter Web Conference Committee To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 2
Speaker Introduction JC Cannon Founder, Assertive Privacy Jude Patrick Vice President Alliances, Venusgeo Solutions Ian Amit Vice President, ZeroFOX To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 3
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence JC Cannon Founder, Assertive Privacy To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 4
Overview Big Data collection is pervasive It can be used to improve society It helps keep us safe It keeps us entertained Big Data collection leads to abuses 5
Online Collection Online Advertising Companies 2013, 2014 revenue $42.8B, $49.5B Cross-device tracking includes interests, location, contacts Profiled based on friends and neighbors AOL, Google, Yahoo let you see interests Siri, Cortana, Google Now Sends your audio to the cloud Shares the audio with third parties Remedies Opt-out of behavioral advertising Use private browsing and a VPN 6
Cloud Storage Still too many unencrypted wireless connections Apple icloud breach Snapchat lets you pay for disappeared snaps Using a cloud service requires a lot of trust Remedies Use a public VPN to ensure an encrypted connection Understand what is going to the cloud and manage it Use Cloud Security Alliance to evaluate services 7
Facial Recognition ChurchIx.com Professor Aquisti of CMU identified students with 35% accuracy Facebook and Google have 90%+ accuracy Government tracking using FR 30 churches tracking attendance using FR Remedies Opt out of the usage of facial recognition Wear a big hat and glasses 8
Body Cameras Drivers shown drunken and vomiting Protestor privacy Police videos withheld and edited No more topless French sunbathers Remedies Create new laws Behave in public 9
Online Reputation Bullying and trolling Revenge porn Online shaming Cecil the Lion costume Dog poo girl Remedies Reread before hitting send Monitor posts about you Have PR manage your brand 10
Government Surveillance OPM data breach scandal Seattle cellphone tracking NSA shared sensitive photos from surveillance CHIP shared sensitive photos from traffic stops EU Safe Harbor has been invalidated Remedies Institute a Consumer Privacy Bill of Rights 11
Conclusion Big Data can do amazing things for society In the wrong hands Big Data can be destructive Monitor your online existence Work to mitigate online risks 12
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you! 13
Question and Answer JC Cannon Founder, Assertive Privacy To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 14
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you JC Cannon Founder, Assertive Privacy 15
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Jude Patrick Vice President Alliances, Venusgeo Solutions To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 16
BIGDATA Technology to handle Large complex Datasets Technology to handle Disks Speed and Size 17
BIGDATA Security Challenges 1. MapReduce - Secure computations in distributed programming frameworks 2. NoSQL - Security best practices for non-relational data stores 3. AST - Secure data storage and transactions logs 4. End-point input validation/filtering 5. Real-time security/compliance monitoring 6. Scalable and composable privacy-preserving data mining and analytics 7. ABE - Cryptographically enforced access control and secure communication 8. Granular access control 9. Granular audits 10. Data provenance 18
Security Considerations 1. Identify data and its associated security/privacy requirements Prevent sensitive data when its not required, don t store it 2. Infrastructure configuration management tool is required to manage the clusters Puppet or Chef 3. Nodes and Request validation Authentication Authorization 4. Secure the underlying OS Process Hardening 5. Use of transmission level security SSL / TLS to authenticate and ensure privacy of communications between cluster nodes 19
Security Considerations(Continued) 6. Have a Check Point Implement a check point at the node level to block access to users/ips as required for client communication directly with the resource managers 7. Secure SQL-Injection HiveQL includes many operators, functions and expressions commonly abused by SQL by injection attacks Count Union Distinct Wait For Sub Queries Expression joined by OR in a WHERE clause Comparisons between two constants Protecting HiveQL Injection Accountability (user developed functions, views, logic) Security reviews of MapReduce/HiveQL applications Revoke access where possible 20
ELK Security Architecture 21
HDFS Security Architecture 22
NoSQL Security Architecture 23
End to End Architecture 24
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you! 25
Question and Answer Jude Partick Vice President Alliances, Venusgeo Solutions To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 26
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you Jude Patrick Vice President Alliances, Venusgeo Solutions 27
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Ian Amit Vice President, ZeroFOX To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 28
Threat Intelligence where is my magic button?! They promised us hoverboards, at least deliver on magical threat intelligence! 29
Threat Intelligence where is my magic button?! They promised us hoverboards, at least deliver on magical threat intelligence! Throwing lots of general threat data into big data gets us great general signatures (IOCs). But is that what we asked for need? 30
Threat Intelligence where is my magic button?! They promised us hoverboards, at least deliver on magical threat intelligence! Throwing lots of general threat data into big data gets us great general signatures (IOCs). But is that what we asked for need? Let s talk about what is it we should be looking for as part of Threat Intelligence before buying all the feeds 31
Threat Intelligence? Start with Threat Modeling 32
Threat Intelligence? Start with Threat Modeling Controls Assets Threats 33
Threat Intelligence? Start with Threat Modeling Controls Assets Threats 34
What s in a threat? Actor Community Industry Vertical Geography Culture Organization People (employees, executives) 3 rd parties 35
What s in a threat? Actor Community Industry Vertical Geography Culture Organization People (employees, executives) 3 rd parties 36
What s in a threat? Actor Community Industry Vertical Geography Culture Organization People (employees, executives) 3 rd parties Big Data 37
Turning Data into Intelligence: Context! Big Data Controls Assets Threats 38
Turning Data into Intelligence: Context! Big Data Controls Assets Threats 39
What do I really do with this Threat Intelligence? Update your signatures/blacklists? NO! Adjust your controls based on the threats and their access/affect on your assets Controls Assets Threats 40
And close the loop 41
A note on privacy It doesn t really exist. 42
A note on privacy It doesn t really exist. Not really. Unless 43
A note on privacy It doesn t really exist. Not really. Unless Correlating a lot of small (seemingly irrelevant) pieces of data in context Intelligence 44
A note on privacy It doesn t really exist. Not really. Unless Correlating a lot of small (seemingly irrelevant) pieces of data in context Intelligence Intelligence!= Privacy 45
Trust? Reputation? How do you determine? 46
Trust? Reputation? How do you determine? My online reputation On Facebook On Twitter On LinkedIn Etc 47
Trust? Reputation? How do you determine? My online reputation On Facebook On Twitter On LinkedIn Etc Do you trust me? 48
Privacy, Trust, Reputation Control Controlling what I opt to put out there How is my organization perceived online What s out there that s out of my immediate control? What is the risk of 3 rd party losing my data? (Experian ) 49
Privacy, Trust, Reputation Control Controlling what I opt to put out there How is my organization perceived online What s out there that s out of my immediate control? What is the risk of 3 rd party losing my data? (Experian ) Back to threat modeling ;-) 50
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you 51
Question and Answer Ian Amit Vice President, ZeroFOX @iiamit To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. #ISSAWebConf 52
Big Data Trust and Reputation, Privacy Cyber Threat Intelligence Thank you Ian Amit Vice President, ZeroFOX @iiamit 53
Open Panel with Audience Q&A JC Cannon Founder, Assertive Privacy Jude Patrick Vice President Alliences, Venusgeo Solutions Ian Amit Vice President, ZeroFOX #ISSAWebConf To ask a question: Type in your question in the Chat area of your screen. You may need to click on the double arrows to open this function. 54
Closing Remarks Thank you Citrix for donating the Webcast service 55
CPE Credit Within 24 hours of the conclusion of this webcast, you will receive a link via email to a post Web Conference quiz. After the successful completion of the quiz you will be given an opportunity to PRINT a certificate of attendance to use for the submission of CPE credits. On-Demand Viewers Quiz Link: http://www.surveygizmo.com/s3/2408212/issa-web- Conference-October-27-2015-Big-Data-Trust-and- Reputation-Privacy-Cyber-Threat-Intelligence #ISSAWebConf 56