Database Reference
In-Depth Information
the threats of big-data analysis to cloud security and privacy (Goldberg
2013). Organizations like the CSA represent one small piece of the very
large and growing business of IT security, which was worth about $65
billion in 2013 and is growing at the rate of 9 percent annually, faster than
the IT business as a whole (Waters 2013a). Despite this enormous invest-
ment in protection, experts, including those with no ax to grind with the
cloud security business, are not optimistic that current forms of security
are keeping up with the increasing sophistication of the attacks. Indeed,
it appears that the environmental impact of the cloud is just one of the
industry's “dirty secrets.” Another, as one analyst notes, is the failure of
traditional measures to successfully address current problems: “The dirty
secret that the security professionals can no longer keep to themselves is
that their old defenses—which were aimed at protecting PCs and other
devices that comprise the endpoints of computer networks—no longer
work” (ibid.). The old defenses mainly consisted of antivirus software,
which continues to work well against the bulk of attacks but is no longer
effective against today's more sophisticated hacking.
It is particularly interesting that while attacks on cloud data centers
are the most problematic, security companies believe that the big data
processed in the cloud may provide the best solution. Big data presents
opportunities for pattern recognition, which can distinguish between
normal and anomalous behavior in a network. What the security people
call “big intelligence” is actually big surveillance because to succeed
requires massive monitoring of network activity. When attackers make
it through standard defenses, surveillance spots the patterns they make
in the cloud. Some see this as little more than useful rhetoric, a means
of giving hope to computer security customers in language they might
understand. But as one commentator observed, “Besides the improved
rhetoric, there's another beneit to these new approaches: some of them
might even work” (ibid.).
Raytheon, the ifth-largest defense contractor in the United States,
developed one especially promising system. The company mines social-
media sites and tracks people's movements to predict behavior. With a
name chosen from the land of bad science iction or good science satire,
Riot, or Rapid Information Overlay Technology, provides a snapshot of
an individual's online life, including likes and dislikes, opinions on issues,
friends, and places visited. Using one of its employees as an example,
Search WWH ::
Custom Search