Comments
Is Big Data a Problem or an Opportunity?
Newest First  |  Oldest First  |  Threaded View
IvySchmerken
50%
50%
IvySchmerken,
User Rank: Author
7/31/2014 | 12:27:58 PM
Re: HPCC Systems
Blindly collecting data for the sake of participating in the big data trend is not useful and could be costly as well as add risk to the organization. As Marc, points out, data governance is necessary to ensure the data is accurate and is evolving to keep up with changes in stock splits, management and issuers. While firms typically want big data to make better investment decisions or to trade the next hot stock, it can be used in other areas of the business, such as analyzing  trade processing and how many MIPs are needed, say, over the next 12 months. Firms need processes around big data to ensure that it's accurate to rely upon.
Becca L
50%
50%
Becca L,
User Rank: Author
7/30/2014 | 9:55:18 AM
Re: HPCC Systems
I'd also add, big data is so BIG that many firms can't handle what they're taking in. Given the cost vs risk of hosting and managing that on their own, they may have started giving a little less weight to the cloud security concerns.
Becca L
50%
50%
Becca L,
User Rank: Author
7/30/2014 | 9:53:22 AM
Re: HPCC Systems
I think we're starting to see a big tipping point in security. Smaller firms were already there to begin with and hadn't really hestitated about cloud security. But a lot of the bigger firms that were very skeptical, and stood on the sidelines of cloud (public and private) have dipped their toes and some have even made the plunge in the last year. The rest of the industry has noted these changes and are increasibgly ready to join in. Tech vendors certainly have more work to do (after all, the security landscape is ever-changing) but FS firms don't need as much convinving as they used to.
Becca L
50%
50%
Becca L,
User Rank: Author
7/30/2014 | 9:48:28 AM
Trendy Tech
Great article, Marc. It's funny how quick firms jump onto these trends without really setting up a plan for how to leverage it. By the same logic, I recently read an article on hiring more Data Scientists for data scientists sake, it leads to as much progress and success as buying tech for tech stake. As you point out, all technology, like new hires, need to be aimed at a problem and trained and tasked to solve it, not just thrown at the data with a prayer for some (or any) results.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
7/30/2014 | 6:58:10 AM
Re: HPCC Systems
Yes, there are many risks with big data, as you point out. Technology vendors have come a long way in securing their hosted and cloud-based offerings, but they certainly have a way to go.
HM
50%
50%
HM,
User Rank: Apprentice
7/29/2014 | 4:53:54 PM
HPCC Systems
Marc, I believe Big Data is here to stay. While very few people would hesitate to highlight the value that Big Data represents to organizations and society, the benefits of Big Data are not exempt of risks. The distributed nature of the storage and processing environments of big data engines, such as the HPCC Systems platform, combined with the need for trans-disciplinary collaboration (data analysts, mathematicians, business experts and software developers, all working together) can create situations where certain contents could be exposed, beyond the intention and policies of the organizations. Tokenization, an effective technique while considering standalone datasets, can be trivially reverted given appropriate additional data sources. Moreover, the fact that public cloud environments are sometimes considered, in the course of Big Data implementations, introduces additional risk factors that can be difficult to mitigate. The HPCC Systems platform from LexisNexis Risk Solutions addresses the different risks associated with Big Data and has been using methodologies and techniques for mitigating risk effectively for over a decade. Learn more at http://hpccsystems.com
Trendensity
50%
50%
Trendensity,
User Rank: Apprentice
7/29/2014 | 8:33:56 AM
An opportunity with a healthy dose of scepticism
Google's flu data analysis problems illustrated there are no guarantees though this is a huge opportunity for financial services.

Data author Phil Simon also wrote an interesting post about the Oil Metaphor (http://tom.rw/a-closer-look-at-the-data-oil-metaphor-phil-simon-author-of-the-visual-organization/).


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Janice, I think I've got a message from the code father!
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.