BDW17 London - Andy Boura - Thomson Reuters - Does Big Data Have to Mean Big Risks?

•

0 likes•155 views

The document discusses some of the risks associated with big data, including the risk of data breaches getting more costly as data volumes and repositories increase. It notes that smaller breaches involving 10,000 to 100,000 records on average cost hundreds per record, while mega-breaches of millions of records can cost billions and be in the range of pounds per record. The main sources of risk are identified as user error, system glitches, and attacks, with malicious attacks being the costliest. It provides some recommendations around applying security controls like access management and automation while also considering dependencies and maintaining good data hygiene.

Technology

DOES BIG DATA HAVE
TO MEAN BIG RISKS?
Risk of ever increasing data volume and the
consolidation of data repositories, in the
context of the evolving threat landscape and
regulations such as GDPR.
VIEWS ARE MY OWN
13th Oct 2017
© Andy Boura

Sensitivity: Confidential
IMPACT
Smaller breaches 10K-100K records average £100s per record
Mega-breaches run to £100Ms and cost ~£s per record
• Direct breach costs
• Lost revenue
• Lost Trade Secrets and IP
• Information security investment
• PR campaign
• Regulators
• Lost Productivity
https://andy.boura.uk
Flickr | Pictures of Money - Money

Sensitivity: Confidential
IMPACT
£-
£5,000,000.00
£10,000,000.00
£15,000,000.00
£20,000,000.00
£25,000,000.00
£30,000,000.00
£35,000,000.00
£40,000,000.00
£45,000,000.00
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
https://andy.boura.uk

Sensitivity: Confidential
LIKELIHOOD
If we expect a breach once in 10 years
Then the Likelihood any given year is 0.1
Flickr |Steven Tyler PJs -  CASINO

Sensitivity: Confidential
LIKELIHOOD
-
0.10
0.20
0.30
0.40
0.50
0.60
0.70
0.80
0.90
1.00
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
https://andy.boura.uk

Sensitivity: Confidential
RISK
Likelihood
x Impact
Flickr | Erich Ferdinand – precarious workplace

Sensitivity: Confidential
RISK
£-
£500,000.00
£1,000,000.00
£1,500,000.00
£2,000,000.00
£2,500,000.00
£3,000,000.00
£3,500,000.00
£4,000,000.00
£4,500,000.00
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
https://andy.boura.uk

Sensitivity: Confidential
SOURCES OF RISKS
“Malicious attacks
are also costlier on
average”
47%
28%
25%
1 2 3
https://andy.boura.uk

Sensitivity: Confidential
https://andy.boura.uk
USER ERROR

Sensitivity: Confidential
https://andy.boura.uk
SYSTEM GLITCH

Sensitivity: Confidential
https://andy.boura.uk
ATTACKS

Sensitivity: Confidential
THINLY SPREAD RESOURCES
CAN NOW BE CONSOLIDATED
Flickr | U.S. Geological Survey – Arctic Sky

Sensitivity: Confidential
Flickr | Luke Jones – Silly Signage
GOOD HYGEINE

Sensitivity: Confidential
Boura.uk | Andy Boura
APPLY CONTROLS

Sensitivity: Confidential
Boura.uk | Andy Boura
CONSIDER
DEPENDANCIES

Sensitivity: Confidential
Flickr | untitled exhibitions - aaaf17-017
AUTOMATION

Sensitivity: Confidential
Flickr | Anne Marie Peterson – Ice Fisher
LOOKING GOOD

Sensitivity: Confidential
Flickr | Alexey Dushutin – winter fisherman
THEN USERS SHOW UP AND
DRILL HOLES IN IT…

Sensitivity: Confidential
PRINCIPLE OF
LEAST PRIVELEGE
Flickr | Elliott Brown – Hidden Spaces – Birmingham Municipal Bank - Vault

Sensitivity: Confidential
DATA ZEN
Flickr | Bermi Ferrer – Zen Stone Garden Kyoto

Sensitivity: Confidential
THANK YOU
Questions?
Feel free to find me on LinkedIn or Twitter
https://andy.boura.uk

Similar to BDW17 London - Andy Boura - Thomson Reuters - Does Big Data Have to Mean Big Risks?

Cyber Security & Awareness for Local Councils

Scribe

Panorays - NOAH18 Tel Aviv

NOAH Advisors

Cyber Security Conference 2017

Norfolk Chamber of Commerce

Cloud Computing: the last step in IT commoditisation

ISPABelgium

Will Your Business Get Hacked - Peterborough (Apr 28)

Kamarin Computers Ltd

This session is sponsored by Fortinet. Chair: Frances Burton, security services group manager, Jisc. Cybersecurity has long been an area of activity for those responsible for providing, protecting and supporting digital services in research and education, but recent events have focused public and media attention on the scale of the threat. Our security thread at this year’s conference is picking up on some of these themes and we have sessions covering a number of cybersecurity areas. There will be presentations on organisation experiences of email phishing and the results of our RPZ trial. Accreditation of services is being requested more often by project funders and will have a case study presentation on experience of obtaining ISO27001. Running order of talks: 11:30-11:55 - RPZ trial Speaker: Peter Dorey, Spamhaus 11:55-12:20 - Addressing the skills shortage in cybersecurity Speaker: Debbie Tunstall, Cyber Security Challenge. 12:20-12:45 - Institutional issues with Bitcoin Speaker: Jethro Perkins, London School of Economics and Political Science (LSE).

Parallel session: security

Jisc

IUC DWebster 2014-10-3 Final-a

Derek Webster

Take Down

Prof John Walker FRSA Purveyor Dark Intelligence

Will Your Business Get Hacked - Hull (Apr 28)

HBP Systems Ltd

Critical Infrastructure systems are the lifelines of our safety and prosperity, nerve systems facilitating communication, transportation, trade and financial transactions. Our daily lives depend heavily on CI networks as the building blocks of our economies. We have to understand how critical infrastructures interact, where and why their operations and security hinge upon each other, and what risks and inter-dependencies have to be taken into account.

Sim ci Simulating Critical Infrastructures

Igor van Gemert

Patronus - NOAH16 London

NOAH Advisors

Antonio Alvarez Romero (ATOS) is giving an high level overview of WISER project, higlighting its innovative vision, objectives and concrete outputs. Learn about how WISER is making cyber security accessible and affordable, especially for SMEs by breaking down barriers to effective cyber risk management. ICT-intensive SMEs can easily access tools to regularly profile their cyber risks and carry out vulnerability tests to stop attacks before they happen.

Tackling today's cyber security challenges - WISER Services & Solutions

CYBERWISER .eu

Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...

Brian Miller, Solicitor

CRI Retail Cyber Threats

OCTF Industry Engagement

Cyber Threat Overview for Euro IT counsel

OCTF Industry Engagement

This presentation discusses recent trends in cyber surveillance to combat increasing cybercrime, cyberterrorism and the advent of cyberwarfare! We begin by reviewing the convergence of physical & cybersecurity before moving to recent tragic events in urban terrorism, We discuss the ways in which "crowded place" such as stadiums, transport hubs, resorts and malls may be more fully secured against cyberterrorists, We then review trends in advanced AI - artificial intelligence - based video analytics & biometric which are now a key component in business & government cyber toolkit! We provide a short review of cyber sector sector before providing some 7 year cyber trends towards the year 2025. The presentation wraps up with your TOP 3 Actions and a suggested Cyber Shopping List for your Business! Enjoy!

Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!

Dr David Probert

Cyber Security in the Manufacturing Industry: New challenges in the informati...

Ekonomikas ministrija

Demystifying Cybe Insurance to combat Cyber Crime

Lex McKee The Institute of Accelerated Trainng

Similar to BDW17 London - Andy Boura - Thomson Reuters - Does Big Data Have to Mean Big Risks? (18)

Cyber Security & Awareness for Local Councils

Panorays - NOAH18 Tel Aviv

Cyber Security Conference 2017

Cloud Computing: the last step in IT commoditisation

Will Your Business Get Hacked - Peterborough (Apr 28)

Parallel session: security

IUC DWebster 2014-10-3 Final-a

Take Down

Will Your Business Get Hacked - Hull (Apr 28)

Sim ci Simulating Critical Infrastructures

Patronus - NOAH16 London

Tackling today's cyber security challenges - WISER Services & Solutions

Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...

CRI Retail Cyber Threats

Cyber Threat Overview for Euro IT counsel

Intelligent Cyber Surveillance: AI Video Analytics & Biometrics!

Cyber Security in the Manufacturing Industry: New challenges in the informati...

Demystifying Cybe Insurance to combat Cyber Crime

More from Big Data Week

BDW17 London - Edward Kibardin - Mitie PLC - Learning and Topological Data A...

Big Data Week

BDWW17 London - Steve Bradbury, GRSC - Big Data to the Rescue: A Fraud Case S...

Big Data Week

Ten years ago there were rumours of the death of causal inference. Big data was supposed to enable us to rely on purely correlational data to predict and control the world. In this talk, I argue that the rumours were strongly exaggerated. Causal inference is becoming increasingly relevant thanks to improvements in inference methods and–ironically–the availability of data. Far from becoming marginalised, causal inference is today more relevant than it’s ever been.

BDW17 London - Totte Harinen, Uber - Why Big Data Didn’t End Causal Inference

Big Data Week

As far as data is concerned, Pharmaceutical Companies have always been clear-sighted and assertive on what insights to get from it, how, and what to do about it. And then the Big Data Era came in, with its frantic pace, transforming multiple industries all around but, for a number of reasons (privacy and data protection issues on top but not alone) keeping the Pharma Industry behind. How to run the extra mile to keep up with the powerful changes Big Data brings along has become a major concern. Strategic opportunities seem to be around the corner. Is the time to bridge gaps finally here?

BDW17 London - Rita Simoes, Boehringer Ingelheim - Big Data in Pharma: Sittin...

Big Data Week

Hello London, the ground-breaking media partnership between Transport for London (TfL) and Exterion Media, gives new opportunities for brands to talk to the London audience in innovative ways and generates vital revenue for London’s transport network. TfL and Exterion have been working together in the Hello London partnership for a year. Part of the collaboration was around the utilisation of data collected by TfL to better inform advertising investment decisions. This has led to ground-breaking work in the Out-of-Home advertising sector and the first example of this is Taps Segmentation. Developed by the TfL Data Science team, it allows Exterion to understand demographic patterns at stations based on aggregated contactless and Oyster card usage. This de-personalised data can be analysed for different times of the day and is a game changer – allowing Exterion to rethink how both their classic and digital inventory can be packaged and tailored specifically for clients. The presentation will cover how TfL and Exterion have collaborated, the approach used by TfL and how Exterion are using it to generate revenue which is reinvested in the transport network.

BDW17 London - Mick Ridley, Exterion Media & Dale Campbell , TfL - Transformi...

Big Data Week

Data Science is now well established in our businesses, and everyone considers data as a key asset and critical for our competitiveness. However, Data Science is not easy to manage, very often projects failed and the investment made is not seeing as profitable. The aim of this talk is to share the knowledge in different areas: * avoid classical mistakes in Data Science * use the right Big Data technology * apply the right methodology * make the Data Science team more efficient

BDW17 London - Abed Ajraou - First Utility - Putting Data Science in your Bus...

Big Data Week

BDW17 London - Steve Bradbury - GRSC - Making Sense of the Chaos of Data

Big Data Week

BDW17 London - Tom Woolrich, Financial Times - What Does Big Data Mean for th...

Big Data Week

In this session, we’ll look at the key challenges of doing data science at scale – not just the mechanics of processing big data but the things that matter in putting our data to work. Things like how to work on that data in a multi-disciplinary team, how to set up and evaluate experiments and how to move from dev to test and production so those insights can be put to work across the business as needed. I will be showing how we do this at Microsoft, which might sound proprietary but actually is mainly about how we weave open source technologies together – technologies like Spark and Python, and containers.

BDW17 London - Andrew Fryer, Microsoft - Everybody Needs a Bit of Science in ...

Big Data Week

BDW16 London - Alex Bordei, Bigstep - Building Data Labs in the Cloud

Big Data Week

BDW16 London - William Vambenepe, Google - 3rd Generation Data Platform

Big Data Week

We have seen vast improvements to data collection, storage, processing and transport in recent years. An increasing number of networked devices are emitting data and all of us are preparing to handle this wave of valuable data. Have we, as data professionals, been too focused on the technical challenges and analytical results? What about the data quality? Are we confident about it? How can we be sure we are making good decisions? We need to revisit methods of assessing data quality on our modernized data platforms. The quality of our decision making depends on it.

BDW16 London - Scott Krueger, skyscanner - Does More Data Mean Better Decisio...

Big Data Week

BDW16 London - Nondas Sourlas, Bupa - Big Data in Healthcare

Big Data Week

Unsuccessful marketing campaigns are leaving customers disgruntled, making them 40% less likely to return. Companies are casting aside useful data that can provide further insights into better products/better connections with customers. John Callan, VP of Marketing at Boxever will discuss how AI can change how businesses predict trends, reduce risks, and improve efficiency. Audience will: Gain expert-level understanding of data and machine learning that’s used in today’s market Identify successful ways companies use machine learning to target customers with personalized content Learn from major airlines use-cases to skillfully target customers and show them exactly what they want to see.

BDW16 London - John Callan, Boxever - Data and Analytics - The Fuel Your Bran...

Big Data Week

Through the experiences of supporting a Multi-Country roll out using data to drive more effective Network capability, we will explain how we have: Created new internal capability to support local countries, developed skill sets in the country and provided technical infrastucture, algorithms and visualisations to drive the data culture and big data strategies across Telefonica business units. Through this framework, we will explain how to blend technical and business needs to maximise the benefits and drive better business performance.

BDW16 London - John Belchamber, Telefonica - New Data, New Strategies, New Op...

Big Data Week

The Basel Committee on Banking Supervision (BCBS) and local regulators has been focussed on making banks more safe and resilient. A whole raft of new capital charges and constraints on liquidity and leverage have been introduced: Basel II.5, Basel III, Dodd-Frank, FRTB (“Basel IV”), etc. These have significantly increased the risk data management capabilities banks must have—capabilities that only big data tools can provide. This talk will cover the challenges of building a position-aware risk management platform that properly aggregates all intra-day trading activity, monitors exposures and risk. The fast data stack can help banks create such a platform and provide a robust foundation to achieve compliance and, ultimately a significant competitive edge by making efficient use of capital.

BDW16 London - Deenar Toraskar, Think Reactive - Fast Data Key to Efficient C...

Big Data Week

BDW16 London - Jonny Voon, Innovate UK - Smart Cities and the Buzz Word Bingo

Big Data Week

BDW16 London - Marius Boeru, Bigstep - How to Automate Big Data with Ansible

Big Data Week

“At Shazam, we think data can be beautiful and stunningly inspiring. The pictures we paint with our data tell stories about changing culture, tastes, and shared discoveries. A truly great new song can sweep across the globe in a wave of Shazams that transcends politics, language, or religion”, Greg Glanday, Chief Revenue Officer at Shazam. This presentation will offer the audience a few examples of how they can use the data from Shazam to get fantastic insight into the consumers` preferences, and how to take that insight and apply it to a brand. Giving 3 or 4 great examples of what we do at Shazam, anyone in the audience can understand what this data means, really see this data and then be able to leverage it to make smart marketing decisions. Main takeaway: a clear understanding of what Shazam data is and how brands can use it.

BDW16 London - Josh Partridge, Shazam - How Labels, Radio Stations and Brand...

Big Data Week

This presentation will explore data gathering techniques, tools, and analysis processes in the business innovation process. By way of example, the presentation will outline the stages of planning, designing, and delivering behind one of today’s most popular business innovation use cases for IoT – a predictive maintenance system. It will also reveal the different areas in which businesses gain value (and cost savings) by automating the processes of data engineering and data discovery.

BDW16 London - Wael Elrifai, Pentaho - Big Data-Driven Innovatiom

Big Data Week

More from Big Data Week (20)