The document discusses some of the risks associated with big data, including the risk of data breaches getting more costly as data volumes and repositories increase. It notes that smaller breaches involving 10,000 to 100,000 records on average cost hundreds per record, while mega-breaches of millions of records can cost billions and be in the range of pounds per record. The main sources of risk are identified as user error, system glitches, and attacks, with malicious attacks being the costliest. It provides some recommendations around applying security controls like access management and automation while also considering dependencies and maintaining good data hygiene.
2. Sensitivity: Confidential
IMPACT
Smaller breaches 10K-100K records average £100s per record
Mega-breaches run to £100Ms and cost ~£s per record
• Direct breach costs
• Lost revenue
• Lost Trade Secrets and IP
• Information security investment
• PR campaign
• Regulators
• Lost Productivity
https://andy.boura.uk
Flickr | Pictures of Money - Money
~$4m is average cost of a breach. $1.9m < 10K to $6.3m > 50K ~60% direct costs, ~40% indirect (up to 100000)
Average cost per record - $140, rising to $350 in healthcare – up to 100,00 records – not exactly big data. Good news though – you get a volume discount. Breaches of millions of records
https://www.flickr.com/photos/pictures-of-money/17121929770/in/photolist-s61ncG-cNdyo-skhAfL-JCQG88-s688Fi-smQwn4-rqLAHi-s684tk-snxbdk-pYSVGy-bu6sBd-chEejy-RZPtuc-TeFkrq-R4zbHm-9grKKd-bf3Nge-bta55K-Kteq7f-biaJ4v-aFAw2z-8bxBU1-V24cx8-aFAhaM-JNRJeH-pUuKJ3-6FQQF-LwWF6i-8F5t1j-gR1id8-5o2WfU-aFDhnt-68zxij-U3cW4S-geqQex-3DhPU-LMin53-bf3TAn-7aa8Nc-5GFbYD-8z3DAL-fLeFcX-68vjKV-cPAAf7-aFAKZi-brcZGM-7VePHh-NsrnZ-5qW8AF-9smtTG
I prefer to call it a failure of process, defence-in-depth, and assurance
These are usually human error – only in administration rather than data handling
Yahoo breach now believed to impact 3b records
Well known vulnerabilities
An intriguing case of Insraeli hackers hacking Kaspersky, and finding Russian hackers hacking NSA hackers and lifting hacking tools they were using to hack…