How to Prime Your Data Lake

How to Prime Your Data Lake

A security data lake, a data repository of everything you need to analyze and get analyzed sounds wonderful. But priming that lake, and stocking it with the data you want to get the insights you need is a more difficult task than it seems.

Check out this post for the discussion that is the basis of our conversation on this week’s episode is co-hosted by me, David Spark , the producer of CISO Series , and Geoff Belknap , CISO, LinkedIn . We are joined by our sponsored guest, Matthew Tharp , head of field engineering, DataBee, from Comcast Technology Solutions

Data lakes aren’t just about storage

There are answers in your data. “Think about what problem you are trying to solve, start with the end in mind and work backward from there," said Yaron Levi , CISO at Dolby Laboratories . Without that intentionality, a data lake doesn’t solve a problem. For Rodrigo Carvalho of Itaú Unibanco , this risks repeating the same mistakes of the past, saying, "We will continue to struggle with data lake the same way we do with unarchitected and unmanaged file servers.”

Standardizing data lakes is a market opportunity

While there is a lot of interest and increasing adoption of data lakes across enterprises, we haven’t hit the point of full standardization yet. The industry sees the value in data lakes, but solutions are still piecemeal. "We need to look at making OCSF (open cybersecurity schema framework) a more prevalent standard. Similar to .mp3 being a highly portable open standard format," said Shawn M Bowen , CISO of World Kinect . This is a non-trivial challenge, but one that could see a steep reward. According to Chance D. , "The first organization to solve this elegantly is going to 10x their market cap."

Focus on solving problems

It isn’t enough to simply have data in your data lake, it’s about what problems they can solve for your organization. Data ingestion for its own sake isn’t valuable. "What customer problem are you trying to solve? And how can you make it both dead simple to use AND highly effective," asked William Hall of UNC Health . If you don’t start with this foundation, getting utility from that data will be difficult. Matt Eberhart of Query said, “Many teams can point to the data, but struggle to do anything valuable with it.” Defense in Depth co-host Steve Zalewski came up with a simple rubric for evaluating it: “Only actionable results should be generated from your lake.”

Start thinking about the risks with data lakes now

As a massive data repository, data lakes can provide a lot of value, but also can present a lot of risk. This can come from threat actors but also risk in making sure you’re meeting compliance obligations. Handling sensitive data needs to be baked in from ingest in your data lake. “If the data lake contained personally identifiable information, we’d pseudonymize the sensitive data to add protection directly to the data that follows it even if it were to leak," said Nathan V. of Protegrity

Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.

Thanks to our sponsor DataBee, from Comcast Technology Solutions .

Huge thanks to our sponsor, DataBee, from Comcast Technology Solutions

Cyber Security Headlines - Week in Review

Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino . We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Davi Ottenheimer, vp, digital trust and ethics, Inrupt. Thanks to our sponsor, Conveyor .

Thanks to our Cyber Security Headlines sponsor, Conveyor

Jump in on these conversations

"The great CISO resignation: Why security leaders are quitting in droves" (More here)

"Is my internship project dumb?" (More here)

"Overwhelming to manage Alerts from 10+ different security tools" (More here)

Become a Contestant On Capture The CISO, Season 2

We are VERY excited to bring back our show Capture the CISO on CISO Series for a second season. But, to do so, we need COMPETITORS! In a nutshell, Capture the CISO is an opportunity for CISOs to interview vendors about their products. And everyone gets a chance to listen in.

CISOs interview three security vendors about their products. They know a little bit about all since they already watched a six-minute demo of each product. All three company products are rated across the variables of innovation, does it fill a need, and can I deploy it? Winners go to the next round.

If you haven’t had a chance to hear it, give a listen to our first mini season.

This show gives our audience an inside ear into the conversations happening between CISOs and vendors.

NOTE: All contestants are sponsors. But you only sponsor once. If you keep winning each round, vendors move on and get even more exposure to our CISO judges and our audience. We’re thrilled to bring back this unique show, and we want you to join us for the ride.

Watch this video as I interview Rich Stroffolino, the new host of Capture the CISO.

If you want to sponsor the show to be a contestant, please contact us.

Creating a Communication Framework

Sponsored content.

Communicating security issues to non-technical executives can create a surprising amount of work. David Roth , CRO, Trend Micro , talked with David Spark about how Trend Vision One creates a framework to standardize this communication. It does this by taking typical endpoint security data and cross-contextualize it with other sources, like email, cloud, and third-party integrations.

By establishing these different layers and how they interact, Vision One creates a numeric score that's understandable to a non-technical person. This allows CISOs to show the value of addressing different security risks by how it will impact this score, making budgeting and strategy discussion much easier.

Watch the video!

Thanks to Trend Micro for sponsoring.

Huge thanks to our sponsor, Trend Micro

Join us Friday [09-29-23] for "Hacking Bosses"

Please join us on Friday, September 29, 2023 for Super Cyber Friday.Our topic of discussion will be “Hacking Bosses: An hour of critical thinking about how to manage conflict and engage with higher ups to advance your career.”Joining David Spark, producer of CISO Series for this discussion will be:

  • Rusty Waldron , chief business security officer, ADP
  • A special guest (that means we’re still in booking mode)

It's happening at 1 PM ET/10 AM PT. Please join us! And we'll have our meetup afterwards.

REGISTER

Thank you for supporting CISO Series and all our programming

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!

Everything is available at cisoseries.com.

Interested in sponsorship, contact me, David Spark.



To view or add a comment, sign in

More articles by David Spark

Insights from the community

Others also viewed

Explore topics