Key challenges, trust, privacy, general security. Can we trust the people and the information we're seeing? How do we keep our information secure and private? How do we give access to certain people, block access to others? How do we generally secure and keep that security up and running, and ultimately over time apply it? You have to think about policies, procedures, all the things we've talked about. But accessing large volumes of data, aggregating them, putting them together in one place, this can be a challenge because now all of a sudden, we've taken a lot of individual things, put them into one container and said to everybody, "This is where they are, all the good stuff is here. All you got to do is come and see it and get it." But then the bad actors know where to come and see it and get it as well, and this obviously can lead to a bit of a challenge for us. Securing our Big Data is something we have to take very seriously. As SSEP, it's going to be your responsibility ultimately, your focal point, one of them anyway, to be in charge of this kind of information and manage it and secure it. You have to safeguard and ensure confidentiality. You have to monitor it, ensure integrity. You have to maintain it, ensure availability. These are things you have to think about. Identify owners for the outputs of the Big Data process, as well as the raw data itself is important. Who owns the raw data is different from who owns the analyzed and aggregated feed, around what that data means and interprets, it's two very different people probably. They may share common elements, but they also may be different. And as a result of that, we have to understand and identify who they are so we can then appropriately respond, and not only ensure access is granted, but also that access is denied for the people who don't belong seeing it. Data ownership will be distinct from information ownership in other words, and this is very important. Data ownership is owning the raw data. Information ownership's about owning the information we derive from it through analysis. This is two very different approaches. How we then ultimately take Big Data, deploy it to our best hands and through our use, ultimately make it a tool for managing and implementing security, is something we really have to think long and hard about. It's easy to put one of these systems in place. It's hard to figure out how to use it effectively. And as an SSEP, you have to ponder this question along with the stakeholders in the business, and obviously figure out how to create relevancy there and create value. But just saying, we've got a Big Data analytical system, is not the same thing as saying, we've got the ability to deeply inspect and analyze our data streams and report on what we find there, so we can make sure that the business understands all the threats and concerns that we should be addressing. And deploying Big Data for security, it's about making sure that we can do the latter and not be in any way overwhelmed by the former, which means we don't want to say, we have a big system but we don't know what to do with it. We want to be able to ultimately say, we have a system that is fine tuned, that has been crafted specifically to allow us to maximize our advantage, by understanding and consuming our data in ways that make sense to us. So, to wrap up our conversations in this area, I want to make sure you think about the challenges that lay ahead of you both certainly in preparation for the exam, but also more broadly out beyond the exam, not just in the classroom, but in the real world, in an area like this and this topic in particular. This is a broad ranging conversation, one that doesn't necessarily have easy answers, one that doesn't necessarily have a button you push or a policy you implement to fix something. It's not a linear progression, I have this issue, I take this process, I applied it here, I get this outcome. This is thinking about the strategies of security, and strategize and being strategic is sometimes very exciting, but the cost is very challenging. And so, as you think about what Big Data may mean in your organization and your organization asks you to participate in that dialogue out beyond the classroom in the real world, take the time, think about the responsibilities you're looking to take on, think about the things, the tools can do for you, think about the requirements the business has, think about how you as a certified security practitioner are going to make good recommendations and use the knowledge you have to be able to guide the business, to do the things it needs to do to be successful. This is going to be the hallmark, the measurement, the quantitative value that you're striving for, the metric that shows that you are successful. Both in gaining your certification, clearly very important, but then validating those skills out beyond the certification, because that's what we do every day. Once we get certified as SSEPs, we've got to go back and actually do the things that we showed we can answer questions and understood how to do in the exam, to prove that we're that good and to prove our value to the organization. And applying these skills especially in a complex area like Big Data and Big Data security management, is going to offer your business and you tremendous opportunity to validate your skills and benefit from that. So take on the challenge, study, go back review, make sure you know what we're going to do here and in all the areas we've been talking about. As soon as you're comfortable with that, take the test, be successful there, I'm sure you're going to be. Move out beyond that, go back to the real world. And along the way, learn from the things you've done, apply that knowledge to become more successful. And continue to not only push forward and groom yourself to ultimately move on to bigger and better things, gain new certifications, go through more training, understand more systems, manage more effectively, but use the knowledge you already have in ways that help you to secure the business. And ultimately drive to be successful by aligning the business and the things you do with the security requirements and stipulations the businesses set are going to be valuable. Stakeholders in other words, are going to be very, very impactful in what we do. And the SSEP that's knowledgeable, that has good security knowledge, has to pair that knowledge with knowledge of what the stakeholders in the business say is important. And then find solutions and bring those solutions to the table, that match those two together and add value. And this is ultimately what we want to be able to do. As soon as you're done reviewing here, come back and join me. We'll engage in our last conversation in this section, and then we'll think about getting ready to wrap up. I look forward to seeing you back here in just couple of minutes.
