2017 Big Data and Analytics Surprises — DZone Big Data Zone

5 Ways Big Data can Save or Destroy your Business.

Given how fast technology is changing, we thought it would be interesting to ask IT, executives, to share their thoughts on the biggest surprises in 2017 and their predictions for 2018. Here’s what they told us about the biggest surprises about big data and analytics. We’ll cover predictions for 2018 in a couple of other articles.

  • Get your security act together folks
  • Hadoop, the honeymoons over, time for a divorce
  • Look up at the clouds, it’s raining analytics

via 2017 Big Data and Analytics Surprises — DZone Big Data Zone

Here is what Troy Hunt told Congress about data breaches.

2017-12-05_10-40-12.png

My task is to ensure that the folks at the hearing understand how prevalent breaches are, how broadly they’re distributed and the resultant impact on identity verification via knowledge-based authentication. I’ve had some great suggestions around tackling the root cause of data breaches and I’d love to have another opportunity in the future to talk about that, but it goes beyond the specific focus of this hearing. That said, who knows what I’ll be asked by congressmen and congresswomen on the day and they may well question what can be done to combat the alarming rise in these incidents. I’ve now got a lot of great references on hand to go to should that happen so once again, thank you!

My task is to ensure that the folks at the hearing understand how prevalent breaches are, how broadly they’re distributed and the resultant impact on identity verification via knowledge-based authentication. I’ve had some great suggestions around tackling the root cause of data breaches and I’d love to have another opportunity in the future to talk about that, but it goes beyond the specific focus of this hearing. That said, who knows what I’ll be asked by congressmen and congresswomen on the day and they may well question what can be done to combat the alarming rise in these incidents. I’ve now got a lot of great references on hand to go to should that happen so once again, thank you!

What is life like for people with secure information in the post-breach world?  Identity verification is no longer just a User ID and a password.  This transcript of the State of the Security is a worthwhile read.   Everyone has to up their game if they want to stay secure.

Deputy Attorney General Rosenstein’s “Responsible Encryption” Demand is Bad and He Should Feel Bad

OCTOBER 10, 2017
Deputy Attorney General Rod Rosenstein delivered a speech on Tuesday about what he calls “responsible encryption” today. It misses the mark, by far.
Rosenstein starts with a fallacy, attempting to convince you that encryption is unprecedented:

“Our society has never had a system where evidence of criminal wrongdoing was totally impervious to detection, especially when officers obtain a court-authorized warrant. But that is the world that technology companies are creating.”

Would you give the keys to your house to the government and just expect that they would behave and not ransack your house while doing the “Looking for the terrorist” game?  My secret stuff is just that “Secret”.  I don’t need a reason for it to be secret and I’m not going to justify making it secret.  The government wants the keys to the kingdom to protect us from the criminals.  I use security and encryption to protect myself from the criminals.  I am proactive and don’t need the government to have a backup set of keys to my stuff.

Via: https://www.eff.org/deeplinks/2017/10/deputy-attorney-general-rosensteins-responsible-encryption-demand-bad-and-he

Just when you thought it was good to go outside, Equifax once more.

On Oct.12, security researcher Randy Abrams first publicly posted that he had found a new Equifax risk that was exploiting users. The immediate concern was that Equifax had potentially been breached, yet again.

As it turns out, the vulnerability was not the result of a new breach at Equifax, but rather the result of third party JavaScript code used for website performance tracking. The same issue also allegedly impacted Equifax’s rival TransUnion, according to security firm MalwareBytes.

Well, color me surprised.  Yet another story about the folks who we trust with our credit history.  Not bad enough that they forgot to secure admin passwords now, they help distribute malware.

Right after the “event” where they let someone hijack a ton of user information, people started to log in to the Equifax site to “Freeze” any future credit reports.  The present they got for this was free malware.

via: Equifax, TransUnion Hit by Malicious JavaScript Security Risk