Big Data/Cloud & Cyber Security

Roland Cloutier, Staff VP and Chief Security Officer, ADP

Roland Cloutier, Staff VP and Chief Security Officer, ADP

As technologies and business platforms shift, the impact to cyber security and defensive programs are often felt long after decisions are made, technology is deployed and end users and consumers have adopted the technology change. The combination of big data and cloud is a change agent that have altered the approach that cyber professionals evaluate, defend, and manage risks to these integrated business ecosystems. The complexity of protecting this environment should not cloud the practitioner’s view of the potential for truly advancing their business operations and protection programs through the use of these services as a force multiplier to their existing efforts.

"One of the greatest advancements in utilizing cloud and big data as components of your operational security, risk, or privacy operations platform is the incredible speed to deployment"

Keeping aside the incredible efforts and protection models that are being developed for enterprise enablement of cloud/big data―like the Cloud Access Security Broker(CASB) vertical, platform virtualization, object-based on demand encryption, and entitlement management in the cloud―the basics for what security technologists need are already formed and waiting to be exploited in a way that guarantees the acceleration of your businesses protection capabilities through the shifting of operating platforms and resource alignment.

Extensibility& Burst-ability

One of the simplest ways to embrace cloud is by enabling an alternate path for your operations to quickly utilize platform and technology on and as needed during critical operations. For instance, you find yourself in response mode, need to dump millions of logs from multiple geographic localities and run advanced analytics or correlations against that data with multiple tools, but you do not have the horsepower or storage to accomplish this internally. The use of third party IaaS and SaaS services could enable you to securely surge quickly and then contract as needed without the full investment into capital or leased equipment with higher maintenance and operation costs being unnecessarily added to your budget. When your network or enterprise is having a bad day, often critical operating elements like the network or internal hosted computer are too. The ability to redirect critical incident response and management functions out of the impacted environments extends your business continuity and resilience.

Extending Defense in Depth (Obfuscation)

Another key concept in the use of third party technology ecosystems which will have the ability to deepen your defense in depth strategy and strengthen core operating elements by shifting to cloud-based protection capabilities with upstream risk remediation capabilities. One of the best demonstrated uses today is the migration of primary controls to protect against Distributed Denial of Service (DDOS) attacks to cloud-based DDOS vendors that monitor for and treat suspect traffic long before getting to your environment. Any company is responsible for basic DDOS prevention at their edges and hosting environments, but the majority of scrubbing, black holing, and traffic bifurcation can be accomplished in the cloud at the time of the attack reducing equipment and resource costs specific to a singular technology issue. The same argument can be made for distributed web tiers, decryption layers, and other layers of operations or defense that can be pushed further out from our core operating environments and leverage the power of the greater cloud ecosystem.

Cost & Cost Modeling

This all leads to cost and cost modeling, and what it takes to protect your business (transparency of business protection financials), how you become more effective and efficient as a business protection executive (deliberate cost leveraging for protection enhancement), and the enablement of actuated risk-based cost informed decision analysis specific to the threats, risks, and position of your company. The use of cloud services is a competitive option for many historical controls and operations. The reduction in some areas of FTE, long tailed capital costs, and operating locations enable you to reinvest in necessary program upgrades, R&D, new technology, and in some cases support the business costs basis. The use of big data platforms that provide new cyber incident management and operational technology support drive transparency and risk reduction through reduced time to discovery, open gap exposure, and time to remediate. Further, the use of advanced cloud-based risk technology puts real risk modeling at our fingertips through high-powered modeling software enhanced through the collective use of our peers and multiple industries around the globe.

Time to Deployment

When bad things happen, they happen fast. You no longer have months or years to roll out critical gap technologies when a new zero day threat has been discovered. One of the greatest advancements in utilizing cloud and big data as components of your operational security, risk, or privacy operations platform is the incredible speed to deployment. When aligned with the right partners, pre-vetted and pre-designed, your ability to execute a deployment often goes from months to weeks or days. Through segmenting portions of the operations, such as analytics to cloud partners, you can focus on deployment and post-process output for faster response and less operational management overhead impact from a technology perspective.

Cyber Security R&D Agenda

Focus needs to be here, now and on the future. Though financial re-alignment is possible through cloud and big data investments, focus on R&D as a core strategic pillar of your security, risk, and privacy operating unit is needed.

• Extensibility of Current Investments & Gaps – know your risks, discover your gaps, and squeeze new functionality to reduce those risks with your existing technology along with defense stack and partners.

• Strategic Business Enablement – know your next set of business go-to-market requirements, evaluate your readiness to support those technologies or operations and create a roadmap to get there before your business does.

• Over the Horizon Threat Defense –make threat intelligence and broad industry information a part of your risk readiness evaluations and utilize R&D resources to account for the reality of handling probable impact areas that are 3-5 years out.

It is your job to ensure your business can do its business when and where it needs to, without negatively impacting the company’s financial model. The onset of cloud service and big data platforms geared for security, risk, and privacy operations has matured significantly in recent years and represents an incredible opportunity for a new financial model for the services you deliver to your business.

Read Also

Building a Comprehensive Industrial Cyber Security Program

Building a Comprehensive Industrial Cyber Security Program

Mohamad Mahjoub, CISO, Veolia Middle East
Bolstering Cybersecurity

Bolstering Cybersecurity

Amr Taman, Chief Information Security Officer, Al Ahli Bank of Kuwait
Building Untrusted Networks to Improve Security

Building Untrusted Networks to Improve Security

Earl Duby, Vice President and CISO, Lear
Security challenges that companies face when implementing telehealth and the solutions and best practices for managing the risks

Security challenges that companies face when implementing...

Stefan Richards, Chief Information Security Officer, CorVel Corporation
Building Cyber Resilience during Covid-19

Building Cyber Resilience during Covid-19

Aleksandar Radosavljevic, Global Chief Information Security Officer, STADA
IAM may help secure data, but it needs to be protected as well

IAM may help secure data, but it needs to be protected as well

Marc Ashworth, Chief Information Security Office, First Bank