You can't go through the day without reading something about Big Data. There are full page advertisements in newspapers, conferences devoted to the subject, and an array of new or rebadged products emerging every week.
Whether it's deployed for business purposes, IT operations or security monitoring, Big Data presents new security problems. Breaches are bigger. Usage is broader. And there are privacy concerns. These issues are not adequately addressed by existing corporate policies, so it's important for CISOs to start looking at fresh controls.
This week's Qualys CSO Interchange pulled together several dozen CISOs to debate the various issues. It's the start of a dialogue that needs to be led by users, rather than vendors, standards bodies or government authorities.
What conclusions were reached? The main one for me was the need for a voluntary Code of Practice for Big Data use. Better to try and get things under control rather than wait for governments and regulators to lay down the rules.
Who could write such a Code? CSO Interchange is as qualified as anyone else, so we've decided to have a stab. Watch this space for further developments.