Boost Fertility New Invention Ups Success Rates.pdf
Â
The Future Paradigm Shifts of the Cloud and Big Data: Security Impacts & New Strategies We Must Consider
1. 11/6/2013
The Future Paradigm Shifts of the Cloud and
Big Data: Security Impacts & New Strategies
We Must Consider
We are living in an age where the velocity of information growth
has reached new speeds, the volume of information that we keep
and use is exploding, and the increasing variety of information
sources is creating a new demand to expand our definition of
security. No longer is it just security in our enterprise, but across
an expanded infrastructure and an ever-expanding collection of
devices. This talk will explore this changing universe, the
emerging paradigms, the impacts on security and suggestions
on how to manage the risk.
Key Takeaways
â˘A future view of where Cloud Computing and Bid Data are
headed
â˘How these futures and new paradigm will impact security
â˘What we need to do to meet the new needs
The Future Paradigm
Shifts of the Cloud
and Big Data:
Security Impacts &
New Strategies We
Must Consider
David Smith
President
dsmith@socialcare.com
linkedin.com/in/davidsmithaustin
1
2. 11/6/2013
ď Cyberspace will become orders of
magnitude more complex and confused very
quickly
ď Overall this is a very positive development
and will enrich human society
ď It will be messy but need not be chaotic!
ď Cyber security research and practice are
loosing ground
ď VOLUME / VELOCITY / VARIETY Change
everything
ď The Internet of Things will Change it all
3
Origin of the term âCloud Computingâ
⢠âComes from the early days of the Internet
where we drew the network as a cloud⌠we
didnât care where the messages went⌠the
cloud hid it from usâ â Kevin Marks, Google
⢠First cloud around networking (TCP/IP
abstraction)
⢠Second cloud around documents (WWW data
abstraction)
⢠The emerging cloud abstracts infrastructure
complexities of servers, applications, data, and
heterogeneous platforms
â (âmuckâ as Amazonâs CEO Jeff Bezos calls it)
2
3. 11/6/2013
Industry Trends Leading to Cloud
Computing
A âcloudâ is an IT service delivered to users that has:
⢠A user interface that makes the infrastructure underlying the service transparent to the
user
⢠Near-zero incremental management costs when additional IT resources are added
⢠A service management platform
2010
2000
Cloud Computing
1998
Software as a Service
1990
⢠Next-Generation
Utility Computing
Internet computing
⢠Network-based
Grid Computing
subscriptions to
⢠Offering computing
⢠Next-Generation
applications
⢠Solving large
resources as a
Data Centers
problems with
metered service
⢠Gained momentum
parallel computing
in 2001
⢠Introduced in late
⢠Made mainstream by
1990s
Globus Alliance
Even as clouds take hold, the IT landscape
is changing rapidlyâŚ
Technology is rapidly being
commoditized
Businesses are more
willing and able to shop for
IT services
In-house IT infrastructure is
increasingly seen as
complex and rigid
Unstructured data is the
new gold
Š Harvard Business Review
3
4. 11/6/2013
Cloud Computing
'Platform as a service' (PaaS) Infrastructure as a Service (IaaS)
Software as a service (SaaS)
ď Public Clouds
ď Application-centric cloud platforms
ď Public clouds reduce corporate IT jobs and spend. CIOs
lead the charge. Private clouds become THE strategic
decision for enterprise IT
ď Private Clouds
ď enterprise owned or leased
ď Hybrid cloud
ď composition of two or more clouds
ď Community cloud
ď shared infrastructure for specific community
Copyright, 2010 Š HBMG, Inc
A Crisis of Complexity. The Need for Progress
is Clear.
1.5x
Explosion of information
driving 54% growth in
storage shipments
every year.
70¢ per $1
70% on average is spent
on maintaining current IT
infrastructures versus
adding new capabilities.
85% idle
In distributed computing
environments, up to
85% of computing
capacity sits idle.
70%+ Never
recover
Howard Levenson, IBM
Of business never
recover from a major
data disaster.
4
5. 11/6/2013
Users Wait Too Long For New
Servers
Requester
Submit
Request
Requester
Acquire
HW &
SW
Install &
Config.
HW
Install &
Config
SW
Deploy
Server
Three to six months to provision a new server!
Howard Levenson, IBM
From http://geekandpoke.typepad.com
5
7. 11/6/2013
Virtualization for Client Computing
Hosted Virtual Desktops
Architectural equivalent of
the blade PC
Full "thick-client" image,
thin-client delivery model
Application
Application
Application
PC OS
PC OS
PC OS
VMM
Server Hardware
Portable Personalities
⢠Carry the bubble, not the
hardware
⢠Portable media, stored on
the network
⢠Bubbles of various sizes:
some with OS, some without
.
Source: Matthew Gardiner, Computer Associates
7
8. 11/6/2013
Big Data Numbers
How many data in the world?
â 800 Terabytes, 2000
â 160 Exabytes, 2006
â 500 Exabytes(Internet), 2009
â 2.7 Zettabytes, 2012
â 35 Zettabytes by 2020
How many data generated ONE day?
â 7 TB, Twitter
Big data: The next frontier for innovation, competition, and productivity
McKinsey Global Institute 2011
â 10 TB, Facebook
Tapping into the Data
â˘
â˘
â˘
â˘
Data Storage
Reporting
Analytics
Advanced Analytics
â Computing with big
datasets is a
fundamentally different
challenge than doing âbig
computeâ over a small
dataset
Utilized data
Unutilized data
that can be
available to
business
8
9. 11/6/2013
Business, Knowledge, and Innovation
Landscape
⢠Typically 80% of the key knowledge (and value) is held
by 20% of the people â we need to get it to the right
people
⢠Only 20% of the knowledge in an organization is
typically used (the rest being undiscovered or underutilized)
⢠80-90% of the products and services today will be
obsolete in 10 years â companies need to innovate &
invent faster
Copyright 2012@ HBMG Inc.
Computer generated data
ď§ Application server logs (web sites, games)
ď§ Sensor data (weather, water, smart grids)
ď§ Images/videos (traffic, security cameras)
Human generated data
ď§ Twitter âFirehoseâ (50 mil tweets/day 1,400% growth
per year)
ď§ Blogs/Reviews/Emails/Pictures
Social graphs
ď§ Facebook, linked-in, contacts
Device generated data
â âŚâŚâŚâŚ..
9
10. 11/6/2013
âBig Dataâ and itâs close
relatives âCloud Computingâ,
âSocial Mediaâ and "Mobile"
are the new frontier of
innovation.
Driven by Advance
Analytics
Big Data and Itâs Brothers
Volume
Variety
Velocity
âŚâŚâŚ..
10
11. 11/6/2013
Volume
Volume is increasing at incredible
rates. With more people using
high speed internet connections
than ever, plus these people
becoming more proficient at
creating content and just more
people in general contributing
information are combined forces
that are causing this tremendous
increase in Volume.
Variety
Next in breaking down Big Data into easily
digestible bite-size chunks is the concept of
Variety. Take your personal experience and
think about how much information you create
and contribute in your daily routine. Your
voicemails, your e-mails, your file shares, your
TV viewing habits, your Facebook updates,
your LinkedIn activity, your credit card
transactions, etc.
Whether you consciously think about it or not the
Variety of information you personally create on
a daily basis which is being collected and
analyzed is simply overwhelming.
11
12. 11/6/2013
Velocity
The speed at which data enters organizations these
days is absolutely amazing. With mega internet
bandwidth nearly being common place anymore in
conjunction with the proliferation of mobile devices,
this simply gives people more opportunity than ever
to contribute content to storage systems.
VELOCITY
Worldwide digital content
will double in 18 months,
and every 18 months
thereafter.
IDC
Mobile
Inventory
Emails
Planning
GPS
CRM Data
Demand
The Economist
Speed
Opportunities
Things
Service Calls
In 2005, humankind
created 150 exabytes
of information. In
2011, over 1,200
exabytes was created.
Velocity
Customer
Transactions
Sales Orders
Instant Messages
Tweets
VOLUME
VARIETY
80% of enterprise data
will be unstructured,
spanning traditional and
non traditional sources.
Gartner
12
13. 11/6/2013
But I Believe there are Four V4
Clouds and Crowds
Interactive Cloud
Analytic Cloud
People Cloud
Transactional
systems
Data entry
⌠+ Sensors
(physical & software)
⌠+ Web 2.0
Get and Put
Map Reduce
Parallel DBMS
Stream Processing
⌠+ Collaborative
Structures (e.g.,
Mechanical Turk,
Intelligence
Markets)
Data Model
Records
Numbers, Media
⌠+ Text, Media,
Natural Language
Response
Time
Seconds
Hours/Days
⌠+Continuous
Data
Acquisition
Computation
The Future Cloud will be a Hybrid of These.
.
13
14. 11/6/2013
As the world gets smarter,
infrastructure demands will grow
Smart
traffic
systems
Smart
Smart oil
food
field
technologies systems
Smart water
management
Smart
supply
chains
Smart
healthcare
Smart retail
Smart
weather
Smart
countries
Smart
energy
grids
Smart
regions
Smart
cities
.
14
15. 11/6/2013
The Threat Landscape Has
EvolvedâŚ
CYBERCRIMINALS
FINANCIALLY
MOTIVATED
Ransom
& fraud
DDOS
Defacement
ATA/APT
GRADE
BAD
DATA
STUFF IN
THEFT
GOOD STUFF
MALWARE
OUT
HACKTIVISTS
POLITICALLY
MOTIVATED
NATIONALISTICALLY
MOTIVATED
Public data
leakage
STATESPONSORED
ATTACKERS
Govât, enterprise &
infrastructure
targets
29
The Malware Problem â
Overwhelming Odds
1/3
85%
of malware is customized
(no signature available at
time of exploit)
of breaches took weeks
or more to discover (+6%)
of organizations believe
exploits bypassing their
IDS and AV systems
(VzB, 2012)
(VzB, 2012)
(Ponemon)
91%
30
15
16. 11/6/2013
Why is Security Hard?
No system can be 100% secure
â Reality is risk mitigation, not risk avoidance
Difficult to prove good security
â Bad security gets proven for us!
Good security and no security can look the same
â How does one know how secure they are?
Many things to secure
â People, equipment, OS, network, Application Servers,
applications, phones, and databases
Balancing the Business
Usability
Add Devices and Thing to Things
and it gets very BAD
x
Security
Performance
16
17. 11/6/2013
Mobile Devices
Mobile computers:
â Mainly smartphones,
tablets
â Sensors: GPS, camera,
accelerometer, etc.
â Computation: powerful
CPUs (⼠1 GHz, multicore)
â Communication:
cellular/4G, Wi-Fi, near
field communication
(NFC), etc.
Many connect to cellular
networks: billing
system
Cisco: 7 billion mobile
devices will have been
sold by 2012
Organization
Data Mining as a Threat to
Security
Data mining gives us âfactsâ that are not obvious to human
analysts of the data
Enables inspection and analysis of huge amounts of data
Possible threats:
â Predict information about classified work from correlation with
unclassified work (e.g. budgets, staffing)
â Detect âhiddenâ information based on âconspicuousâ lack of
information
â Mining âOpen Sourceâ data to determine predictive events (e.g.,
Pizza deliveries to the Pentagon)
It isnât the data we want to protect, but correlations among
data items
Published in Chris Clifton and Don Marks, âSecurity and Privacy Implications of Data Miningâ,
Proceedings of the ACM SIGMOD Workshop on Research Issues in Data Mining and
Knowledge Discovery
17
18. 11/6/2013
Challenges in the 21st century
Safety &
Security
Information
Explosion
Knowledge
Economy
Globalization
Accelerating
Change
International
Partnerships
Complex
Technologies
Finite
Resources
Diverse
Workforce
Life-Long
Learning
Citizen
Engagement
Sustainable
Development
Mega Trends to ConsiderâŚ
â˘
Digitization of all content (listening = getting!)
â˘
Distribution is the default (just having a network
wonât be enough)
â˘
Virtualization (location matters less and less)
â˘
Niche-ization of content & lifestyles
â˘
Mass-Personalization of media will become
standard
â˘
Democratization of creation, & peer production
â˘
Amateurization of the entire value chain (but
NOT to the detriment of experts)
â˘
âGodzilla-zationâ of users/consumers
18
19. 11/6/2013
Growth at the Edge of the Network
4,000
Petabytes/Day Global
3,500
⢠Mobile
⢠Device to Device
⢠Sensors
⢠Entertainment
⢠Smart Home
⢠Distributed Industrial
⢠Autos/Trucks
⢠Smart Toys
3,000
2,500
2,000
1,500
Converged
Content
1,000
500
Traditional
Computation
0
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
Year
19
20. 11/6/2013
Internet of Things
⢠a system . . . that would be able to
instantaneously identify any kind of object.
⢠network of objects . .
⢠one major next step in this development of the
Internet, which is is to progressively evolve
from a network of interconnected computers to
a network of interconnected objects âŚ
⢠from communicating people (Internet)
... to communicating items âŚ
⢠from human triggered communication âŚ
â˘
... to event triggered communication
20
21. 11/6/2013
Tomorrowâs ubiquitous world of
tags, sensors and smart systems
Sensor Data Volume
How do we handle all this data?
âRebalancing Collection & PED may be Necessaryâ
21
23. 11/6/2013
.
Embeddedness
The Invisible Computer
EmbeddednessďžDigital convergence
technologies will âform the invisible technical
infrastructure for human actionďžanalogous to the
visible infrastructure provided by buildings and
cities.â
Embeddedness is driven by cost-effective computing,
Mooreâs Law, miniaturization, ubiquitous
communication, and advanced materials and sensing
devices.
In 2000, 98% of computing devices sold are embedded
in products and are not apparent to the productâs
user.
23
24. 11/6/2013
Emerging Technology Sequence
Emerging
Technology
Vectors
Cellular
Array
Defect
Tolerant
Biologically
Inspired
1-D
Structures
Resonant
Tunneling
Floating
Body DRAM
Nano
FG
UTB Single
Gate FET
Source/Drain
Engineered FET
SET
Quantum
Computing
Molecular
Insulator
SET Resistance
Change
QCA
Molecular
UTB Multiple
Gate FET
Biological
Based
Architecture
Spin
Transistor
Logic
Quantum
Quasi
Ballistic FET
DNA Memory
Hybrid Non-Classical
CMOS
Risk
Source: Technology Futures, Inc.
Risk Management And Needed
Security
Unacceptable Risk
Impact to business
Business defines impact
High
Low
Risk management
drives risk to an
acceptable level
Acceptable Risk
Probability of exploit
High
Security engineering defines probability
24
25. 11/6/2013
Cyber Security is all about tradeoffs
Productivity
Security
Letâs build it
Cash out the benefits
Next generation can secure it
Letâs not build it
Letâs bake in super-security to
make it unusable/unaffordable
Letâs sell unproven solutions
There is a middle ground
We donât know how to predictably find it
49
Exposures
1. Increased Dependency on Complex Technologies
and Business Processes
2. Steep Decline of Barriers to Trade
3. Speed of Transactions
4. The Death of Distance
5. The Adoption of Advanced Communications
6. Consolidation/Transformation of Traditional
Industries
7. The Internet and the Abundance of Information
8. Infrastructure
9. Overcommitted Agencies
10. Changing Social Constructs
11. The Device to Device Computing Growth
25
26. 11/6/2013
Top 5 Most Appreciated Technologies
Microwave Oven
Universal Remote Control
Garage Door Opener
Telephone Answering Machine (For Home)
Ear Thermometer
77.3%
66.6%
64.6%
61.7%
59.5%
26
27. 11/6/2013
Big Data
â85% of eBayâs analytic workload is new and
unknown. We are architected for the
unknown.â
Oliver Ratzesberger, eBay
Data exploration â data as the new oil
ď§
ď§
ď§
ď§
The exploration for data, rather than the exploration of data
Uncovering pockets of untapped data
Processing the whole data set, without sampling
eBayâs Singularity platform combines transactional data
with behavioral data, enabled identification of top sellers,
driving increased revenue from those sellers
53
27
28. 11/6/2013
ď Cyberspace will become orders of
magnitude more complex and confused very
quickly
ď Overall this is a very positive development
and will enrich human society
ď It will be messy but need not be chaotic!
ď Cyber security research and practice are
loosing ground
ď VOLUME / VELOCITY / VARIETY Change
everything
ď The Internet of Things will Change it all
55
In Parting: Be Paranoid
âSooner or later, something
fundamental in your business
world will change.â
ďž Andrew S. Grove, Founder, Intel
âOnly the Paranoid Surviveâ
28