We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byAsher Grimstead
Modified about 1 year ago
© 2010 IBM Corporation 1 Big Data Flows vs. Wicked Leaks Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics JeffJonas@us.ibm.com December 1, 2010
© 2010 IBM Corporation 2 Background Early 80’s: Founded Systems Research & Development (SRD), a custom software consultancy 1989 – 2003: Built numerous systems for Las Vegas casinos including a technology known as Non-Obvious Relationship Awareness (NORA) 2005: IBM acquires SRD, now chief scientist of IBM Entity Analytics Personally designed and deployed +/- 100 systems, a number of which contained multi-billions of transactions describing 100’s of millions of entities Today: My focus is in the area of ‘sensemaking on streams’ with special attention towards privacy and civil liberties protections – Markle Foundation, Member, Task Force on National Security – EPIC, Member, Advisory Board
© 2010 IBM Corporation 3 Data Volumes Exploding “Every two days now we create as much information as we did from the dawn of civilization up until 2003.” -Eric Schmidt, CEO Google
© 2010 IBM Corporation 4 Big Data Flows: How Many Copies? Blog Post: How Many Copies of Your Data? Is Somewhat Like Asking: How Many Licks to the Center of the Tootsie Pop?How Many Copies of Your Data? Is Somewhat Like Asking: How Many Licks to the Center of the Tootsie Pop? Often, at minimum, 144 copies – Backups – Internal transfers – Other operational systems – Operational data stores – Data warehouses – Data marts – Testing systems – Training systems – Their backups – External transfers (information sharing partners) – And then their entire ecosystem (from warehouses to backups) – And their information sharing partners Sometimes 10,000’s of copies
© 2010 IBM Corporation 5 What’s driving information sharing and big data?
© 2010 IBM Corporation 6 Time Computing Power Growth Sensemaking Algorithms Available Observation Space Context Enterprise Amnesia Organizations Are Getting Dumber
© 2010 IBM Corporation 7 firstname.lastname@example.org No Context
© 2010 IBM Corporation 8 Information in Context … and Accumulating Top 200 Customer Job Applicant Identity Thief Termination “No-Rehire” email@example.com
© 2010 IBM Corporation 9 Demonstration
© 2010 IBM Corporation 10 VOTER George F Balston YOB: 1951 D/L: 4801 13070 SW Karen Blvd Apt 7 Beaverton, OR 97005 Last voted: 2008 DECEASED PERSON George Balston YOB: 1951 SSN: 5598 DOD: 1995 Is This Voter Deceased? When it comes to best practices in voter matching, if only a name and year of birth match, this is insufficient proof of a match. Many different people in the U.S. share a name and year of birth. Human review is required. Unfortunately, there are thousands and thousands of cases just like this and state election offices don’t have the staff (or budget) to manually review such volumes.
© 2010 IBM Corporation 11 VOTER George F Balston YOB: 1951 D/L: 4801 13070 SW Karen Blvd Apt 7 Beaverton, OR 97005 Last voted: 2008 DECEASED PERSON George Balston YOB: 1951 SSN: 5598 DOD: 1995 Now Consider This Tertiary DMV Record DMV George F Balston YOB: 1951 SSN: 5598 D/L: 4801 3043 SW Clementine Blvd Apt 210 Beaverton, OR 97005 The DMV record contains enough features to match both the voter (name, year of birth and driver’s license) and/or the deceased persons record (name, year of birth and SSN). For the sake of argument, let’s say it matches the voter best.
© 2010 IBM Corporation 12 VOTER George F Balston YOB: 1951 D/L: 4801 13070 SW Karen Blvd Apt 7 Beaverton, OR 97005 Last voted: 2008 DMV George F Balston YOB: 1951 SSN: 5598 D/L: 4801 3043 SW Clementine Blvd Apt 210 Beaverton, OR 97005 DECEASED PERSON George Balston YOB: 1951 SSN: 5598 DOD: 1995 Is This Voter/DMV Person Deceased? The voter/DMV record now shares a name, year of birth and SSN with the deceased person record. In voter matching best practices, this evidence would be sufficient to make a determination that this voter is in fact deceased. This case no longer needs human review.
© 2010 IBM Corporation 13 VOTER George F Balston YOB: 1951 D/L: 4801 13070 SW Karen Blvd Apt 7 Beaverton, OR 97005 Last voted: 2008 DMV George F Balston YOB: 1951 SSN: 5598 D/L: 4801 3043 SW Clementine Blvd Apt 210 Beaverton, OR 97005 DECEASED PERSON George Balston YOB: 1951 SSN: 5598 DOD: 1995 Context Accumulates As features accumulate it becomes easier to match future identity records. As events and transactions accumulate – detection of relevance improves. Here we can see George who died in 1995 voted in 2008.
© 2010 IBM Corporation 14 Flows vs. Leaks
© 2010 IBM Corporation 15 Flows vs. Leaks Most flows are by design – Better context – Better prediction Unintended disclosure flows – External: e.g., Cyber – Internal: e.g., Insider threats Recent WikiLeaks – Devastating consequences – Could have been worse. What if the leaks were not made public rather selectively and quietly passed around to others?
© 2010 IBM Corporation 16 Wicked Leaks, Prediction Sudden change of leak cadence – so much, so fast, no considered intolerable – May result in new harsh laws and prosecutions Receiving stolen property (e.g., data) and benefiting from it … met with severe pursuit and prosecution – Stealing party – The information exchange points (e.g., Wikileaks) – Those publishing the contents (e.g., the media) What if? Could result in less transparency, less accountability
© 2010 IBM Corporation 17 Protecting Big Data from Wicked Leaks Central indexes – fewer copies of the data moved; easier to control and audit usage Analytics in the anonymized data space – data anonymization before transfer, reducing the risk of unintended disclosure Immutable (tamper resistant) audit logs – to help prove the system is being used within policy and law Real-time active audits – to evaluate the actions of authorized users
© 2010 IBM Corporation 18 Big Data Flows vs. Wicked Leaks Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics JeffJonas@us.ibm.com December 1, 2010
© 2010 IBM Corporation 1 Enterprise Amnesia vs. Enterprise Intelligence Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics
© 2011 IBM Corporation 1 Big Data. New Physics. And Why Geospatial Data is Analytic SuperFood Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM.
© 2010 IBM Corporation 1 Mass Declassification What If? Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics
Cloud Computing and Information Policy: Computing in a Policy Cloud? Jimmy Lin The iSchool University of Maryland Thursday, April 2, 2009 This work is.
© 2011 IBM Corporation 1 Privacy by Design (PbD) Confessions of an Architect Privacy by Design | Time to Take Control Toronto, Canada January 28th, 2011.
1 Cops & Robbers Las Vegas Style Jeff Jonas, Chief Scientist, IBM Entity Analytics Blogging at
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
IT Security Challenges In Higher Education Steve Schuster Cornell University.
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
The Federal Enterprise Architecture A Way Ahead on Information Sharing Bryan Aucoin Chief Technical Officer Enterra Solutions
Security Controls – What Works Southside Virginia Community College: Security Awareness.
HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by? The Affordable Care Act Health Insurance companies United States Congress United States.
1 Jeff Jonas IBM. Spear Phishing en Masse Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics OReilly Gov.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
© 2012 IBM Corporation Analytics Across the Enterprise Why Big Data and Analytics? Prepared by: Dennis Buttera – Curriculum Advisor 01 August 2014.
Join Our Research Efforts in CCAA to Improve Cybersecurity Robustness, Resiliency and Management in Enterprises Information Slides to Encourage Your Organization.
Engineering Secure Software. Uses of Risk Thus Far Start with the functionality Use cases abuse/misuse cases p(exploit), p(vulnerability) Start.
How to Gain Comfort in Losing Control to the Cloud Randolph Barr CSO - Qualys, Inc SourceBoston, 23. April 2010.
Obtaining, Storing and Using Confidential Data October 2, 2014 Georgia Department of Audits and Accounts.
1 The Auditor’s Perspective Division of Sponsored Research Research Administration Training Series Presented by: Joe Cannella Audit Manager,
SOFTWARE PIRACY & WORKPLACE ETHICS. What Is Software Piracy? Unauthorized copying/installation/use Unauthorized distribution or sale.
The 2009 HIMSS Security Survey: Insights into the Status of Healthcare Security Implementation sponsored by Symantec Meeting of the HIT Standards Committee,
Unlinking Private Data
When Search is not Enough Case Study: The Advertising Research Foundation Gilbane Boston November 27, 2007 Gilbane Boston November 27, 2007.
The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.
1 CENG 351 CENG 351 Introduction to Data Management and File Structures Department of Computer Engineering METU.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.
Cloud Computing Lecture #6 Information Policy Jimmy Lin The iSchool University of Maryland Wednesday, October 7, 2008 This work is licensed under a Creative.
Engineering Secure Software. Lottery Story A Threat We Can’t Ignore Documented incidents are prevalent Carnegie Melon’s SEI has studied over 700 cybercrimes.
Are cybersecurity threats keeping you up at night? Your people go everywhere with devices, do the apps and data they need go with them? Can you adopt.
Kapow Software – A Robot Revolution Jon Swisher – Senior Sales Engineer.
LegalTech Asia DATA PRIVACY LAWS UPDATE Edward Chatterton 4 March 2013.
May 2016U.S. Securities and Exchange Commission1 INSIDER TRADING Matthew B. Greiner Branch Chief Office of International Affairs U.S. Securities and Exchange.
Chapter 18 Internal Auditing and Outsourcing. Define Internal Auditing Internal auditing is an independent and objective assurance and consulting activity.
Information Systems in Organizations Running the Business: Enterprise Systems (ERP)
Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.
SharePoint 2010 Pragmatic implementation and use at a corporate level Carol Van der Donck.
Best Cyber Security Practices for Counties An introduction to cybersecurity framework.
11 CERTIFICATE SERVICES AND SECURE AUTHENTICATION Chapter 10.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
SOX Compliance Don’t fight what can help you. Skye L. Rogers 9 Years experience working in Systems & Operations in various roles. 4 years focusing.
Identity Awareness and Data Loss Prevention Effective DLP David Miller Sr. Director, Security Products October 15, 2009.
Addressing Standard 2.0 TSW: Evaluate best practices for successful money management. Banking.
Chapter 1 Business Driven Technology MANGT 366 Information Technology for Business Chapter 1: Management Information Systems: Business Driven MIS.
Document Management Service MaestroTec, Inc. D ocument M anagement S ervice Improve the way you manage your critical business documents.
T8. Open Source Tools That are Changing the Content Technology Landscape Gilbane San Francisco 2010.
© Pearson Prentice Hall Using MIS 2e Chapter 11 Information Systems Management David Kroenke.
© 2017 SlidePlayer.com Inc. All rights reserved.