One Big Risk With Big Data: Format Lock-In


Insider threat programs and other long-term Big Data projects demand users take a longer view than is necessary with most technologies.

If the rapid development of new technologies over the past three decades has taught us anything, it’s that each successive new technology will undoubtedly be replaced by another. Vinyl records gave way to cassettes and then compact discs and MP3 files; VHS tapes gave way to DVD and video streaming.

Saving and using large databases present similar challenges. As agencies retain security data to track behavior patterns over years and even decades, ensuring the information remains accessible for future audit and forensic investigations is critical. Today, agency requirements call for saving system logs for a minimum of five years. But there’s no magic to that timeframe, which is arguably not long enough.

The records of many notorious trusted insiders who later went rogue – from Aldrich Ames at the CIA to Robert Hanssen at the FBI to Harold T. Martin III at NSA – suggest the first indications of trouble began a decade or longer before they were caught. It stands to reason, then, that longer-term tracking should make it harder for moles to remain undetected.

But how can agencies ensure data saved today will still be readable in 20 or 30 years? The answer is in normalizing data and standardizing the way data is saved.

“This is actually going on now where you have to convert your ArcSight databases into Elastic,” says David Sarmanian, an enterprise architect with General Dynamics Information Technology (GDIT). The company helps manage a variety of programs involving large, longitudinal databases for government customers. “There is a process here of taking all the old data – where we have data that is seven years old – and converting that into a new format for Elastic.”

JavaScript Object Notation (JSON) is an open source standard for data interchange favored by many integrators and vendors. As a lightweight data-interchange format, it is easy for humans to read and write and also easy for machines to parse and generate. Non-proprietary and widely used, it is common in web application development, Java programming and the popular Elasticsearch search engine.

To convert data to JSON for one customer, GDIT’s Sarmanian says, “We had to write a special script that did that conversion.” Converting to a common, widely used standard helps ensure data will be accessible in the future, but history suggests that any format used today is likely to change in the future – as will file storage. Whether in an on-premises data center or in the cloud, agencies need to be concerned about how best to ensure long-term access to the data years or decades from now.
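A sketch of the kind of conversion script described above, added here as an example; it is not GDIT's script or code from the article. It assumes the legacy events were exported as ArcSight Common Event Format (CEF) text lines, which the article does not state, and the output field names and sample lines are constructed for illustration.

```python
import hashlib
import json
import re

# A header field: escaped characters, or anything other than '|' and a backslash.
_FIELD = r"((?:\\.|[^|\\])*)"
_HEADER = re.compile(r"CEF:" + r"\|".join([_FIELD] * 7) + r"\|(.*)$", re.S)
_EXT_KEY = re.compile(r"(?:^|\s)(\w+)=")  # extension key at start or after a space
_NAMES = ("cef_version", "device_vendor", "device_product", "device_version",
          "signature_id", "name", "severity")  # assumed output field names


def _unescape(value):
    # CEF escapes '|', '=' and the backslash with a backslash; \n and \r are line breaks.
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "r": "\r"}.get(m[1], m[1]), value)


def cef_to_record(line):
    """Turn one CEF line into a dict; the untouched original travels with it."""
    raw = line.rstrip("\r\n")
    record = {"raw": raw,
              "raw_sha256": hashlib.sha256(raw.encode("utf-8")).hexdigest()}
    match = _HEADER.search(raw)  # search() skips any syslog prefix before "CEF:"
    if match is None:
        record["parse_error"] = True  # keep the line rather than drop evidence
        return record
    *header, ext = match.groups()
    record.update(zip(_NAMES, map(_unescape, header)))
    keys = list(_EXT_KEY.finditer(ext))
    fields = {}
    for i, key in enumerate(keys):
        # A value runs up to the separator before the next key, so it may hold spaces.
        end = keys[i + 1].start() if i + 1 < len(keys) else len(ext)
        fields[key.group(1)] = _unescape(ext[key.end():end].rstrip())
    record["extension"] = fields
    return record


def to_json_lines(lines):
    """One JSON document per input line (newline-delimited JSON)."""
    return [json.dumps(cef_to_record(line), sort_keys=True) for line in lines]


# Constructed sample input, not taken from the article.
SAMPLE = [
    r"Jan 18 11:07:53 host CEF:0|Acme|Gate\|Keeper|1.0|100|Badge read|3|"
    r"src=10.0.0.5 suser=jdoe msg=door\=B2 opened after hours",
    "free-text line from an older system",
]
```

Carrying the original line and its SHA-256 alongside the parsed fields means a later migration to whatever replaces JSON can start from the source record, and an auditor can confirm the conversion did not alter it.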

“If you put it in the cloud now, what happens in the future if you want to change? How do you get it out if you want to go from Amazon to Microsoft Azure – or the other way – 15 years from now? There could be something better than Hadoop or Google, but the cost could be prohibitive,” says Sarmanian.

JSON emerged as a favored standard, supported by a diverse range of vendors from Amazon Web Services to Elastic and IBM to Oracle, along with the Elasticsearch search engine. In a world where technologies and businesses can come and go rapidly, its wide use is reassuring to government customers with a long-range outlook.

“Elasticsearch is open source,” says Michael Paquette, director of products for security markets with Elastic, developer of the Elasticsearch distributed search and analytical engine. “Therefore, you can have it forever. If Elasticsearch ever stopped being used, you can keep an old copy of it and access data forever. If you choose to use encryption, then you take on the obligation of managing the keys that go with that encryption and decryption.”

In time, some new format may be favored, necessitating a conversion similar to what Sarmanian is doing today to help their customer convert to JSON. Conversion itself will have a cost, of course. But by using an open source standard today, it’s far less likely that you’ll need custom code to make that conversion tomorrow.

New Framework Defines Cyber Security Workforce Needs


Both the federal government and its contractors are locked in a battle for talent with commercial providers, each vying for the best personnel in critical areas of cybersecurity, and each dealing with a shortage of available talent.

Both would benefit from targeted investment in education and increased standardization to define the skills and knowledge required for different kinds of jobs – and now the National Institute of Standards and Technology (NIST) has taken a big step to help make that happen.

NIST published a framework for the future cybersecurity workforce this week, Special Publication 800-181, the culmination of years of effort under the National Initiative for Cybersecurity Education (NICE).

The framework defines “a common, consistent lexicon to describe cybersecurity work by category, specialty area, and work role,” and details the necessary knowledge, skills and abilities (KSAs) and tasks performed by individuals in each kind of job. The framework defines cyber operations jobs in seven operational categories and 32 job specialties.

The aim is that everyone – employers, educators, trainers and cyber professionals – will be able to leverage that common language into a better understanding of the existing workforce and the knowledge gaps that need to be filled.

“Building the future workforce is a priority for all of us,” said Stan Tyliszczak, vice president and chief engineer at General Dynamics Information Technology, a systems integrator in Fairfax, Va. “Government, industry and academia all share in this problem. Having a common language we can use to understand each other will help employers explain their requirements and help educators deliver on those needs.”

It’s been a long time coming. A 2015 report on the cyber workforce – Increasing the Effectiveness of the Federal Role in Cybersecurity Education – concluded the government needed to make a host of changes to assure access to a skilled cyber workforce, said David Wennergren, until recently senior vice president for technology at the Professional Services Council, former assistant deputy chief management officer at the Defense Department and a one-time chief information officer for the Navy. Wennergren led the investigation.

The report examined two government-funded programs – the National Centers of Academic Excellence in Information Assurance/Cyber Defense (CAEs), funded by the National Security Agency (NSA) and the Department of Homeland Security (DHS); and the CyberCorps Scholarship for Service (SFS) program managed by the National Science Foundation (NSF) – and concluded they each needed:

  • More hands-on education. “We have to get people in the labs actually using tools and demonstrating proficiencies, not just doing text-book type work,” said Wennergren.
  • The government needs to ensure “we are delivering students who are competent and can do the jobs without additional training to organizations,” Wennergren said.
  • Focus on the entire public sector – federal, state, local, tribal and territorial governments.
  • Expand programs to include qualified two-year degrees at community colleges. Not all cybersecurity jobs require a four-year degree and military members who have both technical training and practical experience may already have the skills needed to perform critical cyber functions in non-military settings.
  • The entire federal sector needs cyber skills, not just defense and intelligence agencies. The CAE program should embrace the entire federal sector.

Two bills now working their way through Congress build on some of those concepts, particularly the potential for two-year degrees as a means of lowering barriers to entry to this critical part of the workforce.

The Department of Defense Cyber Scholarship Program Act of 2017, a bipartisan bill co-sponsored by Sen. Mike Rounds (R-S.D.), chairman of the Senate Armed Services Committee’s Subcommittee on Cybersecurity, and Sen. Tim Kaine (D-Va.), seeks to provide $10 million in scholarship funds, at least $500,000 of that to fund two-year degree-level programs.

A second bipartisan measure, the Cyber Scholarship Opportunities Act of 2017, co-sponsored by Kaine, Sen. Roger Wicker (R-Miss.), Sen. Patty Murray (D-Wash.), and Sen. David Perdue (R-Ga.), would amend the Cybersecurity Enhancement Act of 2014 by setting aside at least 5 percent of federal cyber scholarship-for-service funds for two-year degree programs, either for military veterans, students pursuing careers in cybersecurity via associates’ degrees in that discipline or students who already have bachelors’ degrees.

Although the Wennergren report’s recommendations focused on federal programs, the concepts apply equally to federal contractors, Wennergren said.

“Clearly both industry and government would benefit from improvements in how cyber is taught in academic institutions [and] how we measure the successful development and placement of students,” he said, adding both will also benefit from the wide adoption of the NICE workforce standards in which government, academia, and the private sector collaborated.

Workforce Shortfall By the Numbers
According to Cyberseek.org, a joint project of NICE, Burning Glass Technologies and CompTIA, there are more than 299,000 cybersecurity job vacancies in the United States today, representing about 28 percent of all U.S. cyber jobs. For some of those jobs, there are as many openings – or more – as there are certified, qualified candidates to fill them – even though such people are almost all employed. For example, there are 69,549 individuals who have earned Certified Information Systems Security Professional (CISSP) status. But there are 76,336 openings for people with CISSPs.

The most common cyber certification is CompTIA Security+, with more than 167,000 people holding that certification. But there are still more than 33,000 openings for such people, meaning a significant shortage remains.

Rodney Peterson, NIST’s director for NICE, called the cyber workforce the “key enabler” of the future of the nation’s cyber security in a recent interview with Federal News Radio’s Tom Temin.

“We’re clearly building momentum to promote and energize a robust and integrated ecosystem of cybersecurity education, training and workforce development,” he said on Temin’s Federal Drive program. “I think it’s that momentum that both allows us to create a community across both the public and private sector. That NICE workforce framework really provides a common way to think about cybersecurity work, a taxonomy, a reference tool that can really help align our diverse and complex community together toward a common vision.”
