I was recently invited by our South Korea sales team to visit them and present at a Big Data conference in Busan. First off I was glad to see S. Korea embracing or at least tipping their toes in new generation technologies and gladly accepted the invitation. I want to share my perceptions from the trip and I will start first with economic factors. South Korea is a beautiful, clean country with a strong work ethic and an impressive 3.4% forecasted GDP growth for 2014. However, the reality is that the country seemed to be teetering on the edge of deflation, with flat to no spending in enterprise, government and consumer segments. Most folks I spoke with were optimistic about better outlook for IT budgets and spending in general for 2015. Now on to the business of Big Data.
The Big Data conference was the first of its kind, organized by an organization called BEXCO. It was a daylong conference with about 1000 attendees from Government, Academia and commercial enterprises. I participated in the first session on “Creating Business Value with Big Data”. My fellow speakers were from SAP, CISCO and IBM. I was glad to stand alongside them and present why data security is important for driving business value and how the need for data security are amplified in Big Data repositories. My fellow speakers spoke about HANA and real time analytics, Internet of Things and how it contributes to the velocity and volume of data being generated and machine intelligence to harness the value from uncorrelated data sets. I would say these were a range of very important albeit diverse set of topics that will be transformational in impacting our society, privacy and economy. South Korean companies seem to be in the exploratory phase of evaluating the Big Data technologies, especially HADOOP and SAP HANA. The government even set up an initiative/blueprint called “The Hub of National Big Data – Korea Big Data Center” sponsored by the ministry of science’s National Information Society Agency. I was particularly struck by their tag line “Achieving Creative Economy and Citizen Happiness through Big Data”.
In contrast, the enterprise IT infrastructure seems to be steeped in the very old guard, HP-UX is a dominant server operating system, even though end of support has been announced for the HP-9000 (2020) and HP Integrity servers (2022) as well as a shrinking global market share (with Unix due to drop to 9% of the server market by 2017, and HP UX with only 18.6% of existing market share today). It’s a known fact that international customers (especially in non-English speaking markets) tend to stick with their existing platforms long after their counterparts elsewhere have moved on to new implementations, just as we’re seeing here with Korea. This creates a host of other problems in a world where hackers are enabled with malware source code that can easily be ported to whatever environment is needed, and given a growing wave of attacks using these tools for financial gain and nation state objectives.
The problems fall into two classes. The first is that security controls and solution sets won’t be built for aging, low market share infrastructure systems. The kinds of tools that let organizations block attackers on the systems or use predictive analytics to identify attacks in progress simply won’t be created for these older platforms. Vendors will find that the return on investment simply isn’t there and bypass older platforms. The second is the level of support given to aging OS platforms by the vendor. Performance enhancements won’t be available, problems that might be quickly identified and fixed in a modern OS, won’t be identified as soon (leaving holes open longer for hackers), and even with the best of intentions security updates will take longer to implement when a product is in the end-of-life process. One example, the heartbleed bug was discovered April 1 of this year, Red Hat provided fixes for Enterprise Linux by April 15th, but the patch for heartbleed on HP UX didn’t appear until June 6th.
This combination of accelerating threats where predators are trolling for vulnerable systems that lack of the security controls required to offset these threats, and the extended vulnerability time resulting from security patching lags is a bad combination. Last year South Korea suffered an extended internet shutdown – reportedly due to nation state attackers in North Korea. I have to think that this was part of the problem.
Lagging adoption of new technologies (like Big Data) also puts them behind the curve in being able to make use of the huge influx of data coming off of data collection platforms for ERP, IOT, Retail and Web customer behavior. It leaves their larger industries vulnerable to falling behind in global markets. As well, they can’t benefit from using Big Data environments for the analytics needed to enhance their data security.
I was extremely impressed with the accomplishments, people and energy I encountered in South Korea. The country is a global leader in smartphone technologies, automobiles and shipbuilding as well as boasting one of the most wired cultures on the planet. But I feel quite strongly that there needs to be a change in attitudes towards IT and security spending to both protect critical infrastructure as well as to keep organizations competitive in global markets.