Cloud Security Alliance gets large on Big Data

Sreeranga Rajan of Fujitsu Laboratories of America, Neel Sundaresan of eBay and Wilco Van Ginkel of Verizon will co-chair the group, representing three companies that are no stranger to the responsibility for protecting massive amounts of data.

The BDWG is primarily devoted to defining best practices for security and privacy in big data. Its other stated goals are lofty as well: “help industry and government on adoption of best practices, establish liaisons with other organizations in order to coordinate the development of big data security and privacy standards and accelerate the adoption of novel research aimed to address security and privacy issues,” it said.

To get its arms around the beast, the group will focus in on six specific themes within which to organize their efforts. These include Big Data-scale crypto, cloud infrastructure, data analytics for security, framework and taxonomy, policy and governance, and privacy.

“Everyday 2.5 quintillion bytes of data are being created, resulting in a myriad number of data security and cloud-computing security concerns,” said Rajan. “By collaborating as a global community of thought leaders and researchers, we are not only looking to help the industry overcome these challenges but also to leverage new opportunities for the monitoring and detection of security threats enabled by Big Data.”

For starters, the group will create an experimental platform of test data sets from different industry verticals such as e-commerce and healthcare. It’s also working on a research report for the fall, which will identify the unique technical and organizational problems that come with addressing big data security and privacy.

From there, additional reports will tackle the issues of establishing security and privacy test beds to help strengthen security and privacy of Big Data cloud platforms, specific actionable information for Big Data security and privacy, and creating standards for Big Data security and privacy best practices.

The CSA has been busy this week, also announcing a three-tier certification initiative to provide end users with greater trust in the security measures employed by web-based and cloud application providers, along with a reduction in risk, improvement in incident recovery time and overall good information governance for the providers themselves.

“The rise of cloud as a global compute utility creates a mandate to better harmonize compliance concerns,” said Daniele Catteddu, managing director for EMEA at the CSA. “A key challenge the cloud industry faces is reassuring its customers that the service they provide is not only secure but can recover from any incidents with minimal disruption.”

What’s hot on Infosecurity Magazine?