Imagine in a 2016 remake of the classic film Gaslight, a young security professional is driven to the brink of insanity – and impending disaster – by a cyber schemer who unbeknownst to IT security has over time moved around and corrupted bits of data, manipulating, let's say, the design of a jumbo jetliner or perhaps the composition of a vaccine, to execute an unspeakable attack.
A little dramatic? Not really. While cybercriminals to date have mostly focused on stealing credentials for financial gain or disrupting businesses or organizations, the corruption of data, sometimes years in advance of an attack, is a growing – and more challenging – threat.
The volume, variety and velocity inherent in big data makes it difficult to ensure the integrity of all the pieces of data, says Oliver Tavakoli, chief technology officer, Vectra Networks a San Jose, Calif.-based vendor of automated threat management solutions. "Think of any big data cluster being fed by a broad supply chain of big data – each data source may have a potential supply chain integrity issue and there are many independent parts of the chain and they are moving very quickly. And given that the data in a cluster is usually viewed through the lens of results of analytics rather than being looked at directly, data integrity issues may have subtle but important effects on the final results."
The increasing volume of data that is being gathered about users by agencies, banks, websites and mobile applications has greatly increased in value, says Michael Taylor, applications and product development lead at Rook Security, a managed security services provider (MSSP) based in Indianapolis. "The analysis of user data allows organizations to better understand and anticipate the future needs of its users. Maintaining the security and integrity of this data will need to be protected with the same urgency of other personally identifiable information (PII)."
It would be difficult to argue that the world is in a good state when it comes to data protection, agrees Josh Shaul, vice president of web security at Akamai, a content delivery network and cloud services provider headquartered in Cambridge, Mass. "We have more tools and technologies at our disposal than ever before, yet the drumbeat of major data breaches rolls on."
The problem is complex, Shaul says. "Security is all about the weakest link in the chain and attackers have proven very adept at finding the weak links," he says. "The world has done a relatively good job of protecting our sensitive communications on the internet using cryptography, so attackers have moved to target the sources, destinations and data stores – where the data must be decrypted to be used."
This forces organizations to look at the entire security lifecycle, which for many is too costly and complex to be achievable, Shaul points out.
And there's another challenge, says John Avellanet, managing director and principal, Cerulean Associates, a Williamsburg, Va.-based consultancy and the author of several books on compliance, and that involves people. "We don't know what we don't know," he says. "How many IT change control requests to update a system or upgrade a system or replace a system include data regression testing to verify that data sitting on the system from yesterday, last month, last year, can still be accessed? Is still complete? Is still all available, consistent, attributable?