As the use of big data has increased in the enterprise world, increasingly becoming a tool for the government sector, concern for the protection and retention of personal or classified data has been growing as well. Discussions about security and privacy are commonplace in the IT and tech world as businesses look into big data analysis tools and how to leverage large swaths of data to improve operations.
Now, however the conversation around how to ensure that data stays protected and useful looks to have reached new heights, notably because it is tricky to create a framework for dealing with the growing number of devices (endpoints) and the gargantuan amount of data being generated on a daily basis. The mounting consensus is that the groups, businesses, and public entities that create databases capable of handling large amounts of data have a responsibility to protect that data and to implement security measures and technology to do so.
A recent view from the Massachusetts Institute of Technology posits that with increased use of big data must come increasing responsibility on the shoulders of those using it; and that both government and enterprise have a responsibility to protect information such as financial, social, or health-based data about individuals. MIT cited a talk that Federal Trade Commission chairwoman Edith Ramirez gave back in 2013 — arguably when big data was a much-less-talked-about concept, yet still a very real one for tech companies and those in IT. Ramirez pointed out that, if discretion is not used with regards to data collection and usage, the risk for breaches will widen. She said: “The larger the concentration of sensitive personal data, the more attractive a database is to criminals, both inside and outside a firm. The risk of consumer injury increases as the volume and sensitivity of the data grows.”
This notion is almost commonplace now, and somewhat of a no brainer in the sense that with the continued introduction of more and more devices, individual data is increasingly at risk. More endpoints mean more channels through which hackers can access personal information. Earlier this month, research firm the Ponemon Institute found that criminal attacks are up 125% compared to five years ago. A survey conducted by the group found that 45% of healthcare organizations surveyed said the root cause of the data breaches they experienced was a criminal attack. 12% said they were due to malicious insiders. Stefaan Verhulst, co-founder and Chief Research and Development Officer for the Governance Laboratory at NYU echoed MIT’s sentiment for the need for responsibility when it comes to employing big data tools, especially with regard to investigations into cyber breaches. In an interview with Blouin News late last year, Verhulst said that there needs to be an international agreement on and support for investigations into cyber hacks whose origins are known. While the sophistication of some breaches make investigation and origin-determination difficult, it is vital that international coordination become a foundational block of combatting cyber criminal activity.
The bottom line is that security measures need to be put in place now, before even more devices — and more endpoints — hit the market. Will the enterprise world make security a priority before the quintillions of bytes of data generated every day become unmanageable? Will international bodies collaborate to create a framework for dealing with cyber breaches that are growing in severity and number? Perhaps as the notion of “responsibility” becomes more accepted, cooperation across all of these verticals will become a reality.