“Big Data” appears to be a recurring theme of 2012. Companies are retaining more and more data in an effort to find the competitive edge. Much like the AETV show “Hoarders”, companies are simply retaining all of their data and refusing to delete the information for fear that it may “possibly be needed one day”. As stated by Forrester analyst John Kindervag: “If I'm a hacker of Anonymous, or part of an APT group, I'm really excited about the Big Data concept. This is like Christmas to me. I don't have to steal something from each individual store. I can steal the presents under the tree.” While the data may prove valuable to companies, data security using conventional network layer controls is proving less than sufficient to protect the hoards of data. Companies no longer rely upon discrete data stores such as data bases and file servers. Instead, companies are retaining unstructured data in a variety of places within the network. Unfortunately, this renders traditional database encryption less than effective. With Big Data, companies should take a data-centric approach to security in which file encryption and robust access controls are used to render the data inaccessible to the cyber-criminals. The fact remains that companies are collecting more and more valuable data, making themselves more and more attractive targets for cyber-thieves. The question remains, however, as to whether or not our data security controls and risk management strategies can keep pace, or whether we will be crushed under the weight of our own data.