Overview of the Case Study and Diagram for ENISA Big Data Security Infrastructure
The following report is all about risk analysis and security is vital for the firm to implement proper operation and integration of workflow for development of the system. Development of the given project will ultimately help in development of operation and applying proper methods for analyzing the risk associated with given firm. Operational analysis emphasizes on checking various risks of organization. The report is all about European union Agency and information security is nothing but a network center and security of information experts for private sector and various European citizen. ENISA works with the following sectors and aims in providing advice for good practice in information security.
In this report ENISA emphasizes on various threats to Big data technology which plays a key role in various parts like health, food security, climate and various sources of energy. Big data technology has a high level of replication in data storage portion and frequent outsourcing of Big Data technology often leads to breach, leakage and others threats which are specific to this big data technology. Additional information created by Big data can increase the effect of data leaks and various breaches.
The report is all about European union Agency and information security is nothing but a center of network and security of information for private sector and various European citizen. ENISA works with the following sectors and aims in providing advice for good practice in information security. In this report ENISA emphasizes on various threats to Big data technology which plays a key role in various parts like health, food security, climate and various sources of energy (Bartsch & Frey, 2017). Big Data is more often useful for collecting data for various algorithms, technology and various system (Bendiek,2015). There are mainly source of big data that is mobile communication device and networks and various web based application. Since the use of big data technology has increased a lot in the last few years with different adaptation for proper adaptation. Big data technology can help in increasing the productivity and provides better decision making in various organization (Bastl, Mareš, & Tvrdá, 2015). It can be expected that it can have all the data with application in various domains like science, business and military. On the contrary Big data technology has a various number of risk. Different Big data system are becoming more prone to attacks caused by hackers and threat agents.
Identifying the Most Significant Threat from Top Threats
Big data technology has a high level of replication in data storage portion and frequent outsourcing of Big Data technology often leads to breach, leakage and others threats which are specific to this big data technology (Catteddu & Hogben, 2015). Additional information created by Big data can increase the effect of data leaks and various breaches (Christou, 2017). Interest of various big data owners like data owners, data transformers, computation and storage in the big data area may lead to some conflict which ultimately leads to the creation of complex ecosystem where various security measures should be carefully planned and executed (Eininger, Skopik & Fiedler, 2015).
In this report a set of recommendation for big data threats has been provided like to change the method of approach of data for proper approach to Big-Data solution, checking the needs for present standards and planning the definition of given standard, it also focuses on training of various professional working for the organization, defining proper tools for the security and privacy protection of Big data in different environment, clearly judging various assets of Big data and providing solution to overcome various threats and risks.
KNOX can be used to provide important information about the specific ways and protection of data sources from the time it is added (Exchange, 2016). Ranger can be considered to be authorized system which manly aims in blocking the access of user to the big data system (Hänisch & Rogge, 2017). User has to send a request to Ranger before getting an authentication entry into the system. Encryption is the best way of protection of data from unknown or unauthenticated source (Jentzsch, 2016). Data is mainly modified using cryptographic technique do that it becomes wasteful for others. Firewall can be considered to be the best method for protection from various network issues. Wireless devices lead to formation proper preventive information issues.
Figure 1: ENISA Big Data security infrastructure diagram
(Source: Created by the author )
Threat agent can be someone or something with proper capabilities with clear intention of manipulating a record form past activities. For Big data owners it is very important for keeping a track of the emerging threats (Kleineidam et al., 2017). Various threats of ENISA big data technology are accidental threats, deliberate threats, threats of technology, organization threat, legal threats. This threats will ultimately result in the improvisation of ENISA.
Accidental threat are threats which results in damage of records, leakage of data through various application, losing of storage devices, loss of important information, loss of information form cloud, damage due to penetration testing, improper design and planning of threat, changing data by mistake, undependable way of information and various errors cause by human.
Key Threat Agents and Ways to Minimize their Impact
Deliberate threats are mainly caused due to problems form network traffic, server issues, interception of information, driving of wars, hijacking of sessions. Legal threat comprises of avoidance of regulation, failure to satisfy the requirements, misuse of data containing personal information.
Threat of Technology abuse are leakage of information, problems with social engineering, surplus codes, failure in business, service denial, targeted attacks, improper use of tools, data breach, improper use of audit tools, manipulation of various hardware and software. Organization threats mainly include various shortage of IT skills.
Threat of Technology abuse is the main critical threat during the implementation of Big data technology for the upgradation of proper control techniques (Kubicek & Diederich, 2015). Threat of technology are mainly leaks of information, social engineering, malicious code, failure of various business process, service of denial, data breach. Threat of Technology is considered to be important threat because major problem in adding of various operations. The abuse of technology is mainly done for affecting the organization, various problems in integration of operations. Information leakage can have led to problem of loss of sensitive and important information from the database which can be misused for personal reasons.
Threat agents in the following case study is someone or something with proper capabilities and having clear intention in manipulating a threat and record from past (Lanfer, 2017). The big data asset owner must be important to be aware of the emerging threats from different threat agent group. The key threats agents are cyber criminals, insiders, nation-state, hacktivist, cyber fights, cyber terrorist, script kiddies.
Cyber criminals are considered to be most effective group which records to around two third of various cases that occur in cybercrimes (Reuter, 2015). The group of cybercrimes has changed a lot in the last few years. It has progressed and grown in the last few years. Cybercrimes are famous in e Health and banking sectors.
Insiders attack the cyber space intentionally in some cases and unintentionally in some cases. Intention, error and negligence are the main three types of attacks that are mainly performed by insider of a company. Inside threat mainly attacks the employees or executive manager of a firm.
Nation state and corporation are together known as cyber spines the military organizations and various agency of intelligence (Witt & Freudenberg, 2016). The differentiation between cyber combating and cyber spying are not clear till now because of the lack of maturity of cyber capabilities.
Improving the ETL Process
Hacktivists have emerged in the year of 2016 and they protest it for discrimination, corruption, problems of health, help form minorities, various environmental policies. Olympic games and tournament of football are considered to be active example of hacktivist.
Cyber fights are of aggressive and high capability persons and group lies in grey zone for ideological values. All over the globe this type of threat is spread uniformly.
Cyber terrorist emphasizes on cyber security and is moving to cyber terrorism as per the international agreement with different reports of media against the ISIS. Such attacks are not generally categorized for different cyber-attacks (Weber & Weber, 2015). The main room for cyber terrorist are hijacking social media and hacking.
Script kiddies are known to be type of attackers are known as copy cats or simple attack. These type of attack has mainly low intention and low capability which is used for hacking practices. Script kiddies uses different tools which are available and attack methods to become dangerous.
To reduce the effect of attack on systems defenders have found out some solution and have been improvised for adjusting with the different hackers.
Various agencies intend to defend cyber-attacks from all round the globe and proper infrastructure is needed for it. No statistical proofs of hackers are made from this cybercriminal.
Cybercrime has been capitalized because due increased records at every time. Monetization has helped a lot in turning over the cyber activities due to some trend.
ETL stands for ENISA threat landscape group is nothing but a collection of threats and various process and extensive research (Schneider, 2017). ENISA has faced a number of performance issue due to database problem and it will ultimately help in development of slackness operation for various firms. The process of ETL can be improvised by following practices
Reducing data usage: The technique of batch will be exhausted by considerable amount of memory storage by taking huge amount of data for its operation. Extraction of minimum data will be help in improvisation of the performance of data operation.
Avoidance of row-by-row lookup: ETL process emphasizes on the use of row by row lookup for performing various data operation, when it comes bulk loading this process can be considered to be time consuming and slower process (Schaumüller-Bichl, & Kolberger, 2016). ETL bulk loading process is very helpful for checking very huge amount of data when it comes to operation of data.
Assessing the Current State of IT Security for ENISA
The IT security of ENISA is used for the upgradation of various operations of the company and protection of structure of big data different threats of security. Security of information technology is helpful against the protection of present data and information from various threats and factors of risk (Silva, Rocha & Guimaraes, 2016). Important security in ENISA are KNOX, Ranger, Firewall and Encryption. The above mentioned parameters has been setup at a proper layer of Big data structure for ENISA (Unger, 2014).
The present system structure of ENISA is very simple and it has the privacy of data containing important information for the upgradation of existing techniques. Encryption, KNOX, firewall and ranger can be considered to be helpful in protection of various layers of Big data. The implementation of IDS/ IPS can be helpful in protection of network filtration by detecting and checking the access to ENISA database (Stupka, Horák, & Husák, 2017).
Conclusion
From the above discussion it can be stated that the use of Big data technology has led to some problem and threats of various information that is processing in an organization. The main part of the information processing that uses big data technology. Process of ETL can be improvised by use of low data usage and ignoring lookup row by row. Bulk loading option of ETL is very helpful for faster processing of huge amount of data in the data operation. KNOX, Encryption, Ranger, IDS/IPS and firewall can have considered to be useful method for protection of infiltration of network by checking and blocking the access to ENISA database. Big data technology has a high level of replication in data storage portion and frequent outsourcing of Big Data technology often leads to breach, leakage and others threats which are specific to this big data technology. Additional information created by Big data can increase the effect of data leaks and various breaches. Interest of various big data owners like data owners, data transformers, computation and storage in the big data area may lead to some conflict which ultimately leads to the creation of complex ecosystem where various security measures should be carefully planned and executed.
References
Bartsch, M., & Frey, S. (2017). State-of-the-art approaches. In cyber strategies for enterprises and authorities (pp. 55-71). Springer Specialties Wiesbaden.
Bastl, M., Mareš, M., & Tvrdá, K. (2015). Cybersecurity policy at national, European and international level: a framework analysis. In cyber security (pp. 45-67). Springer Specialties Wiesbaden.
Bendiek, A. (2015, December). Digital Agenda and Cybersecurity. In the Yearbook of European Integration 2015 (pp. 176-181). Nomos publishing company mbH & Co. KG.
Catteddu, D., & Hogben, G. (2015). Cloud computing. Benefits, Risks and Recommendations for Information Security/European Network and Information Security Agency, ENISA (November 2015).
Christou, G. (2017). The EU’s Approach to Cybersecurity.
Eininger, K., Skopik, F., & Fiedler, R. (2015). No cyber security without data protection. Data protection and data security , 39 (11), 723-729.
Exchange, p. (2016). Violation of personal rights through the publication of photos on the Internet . Nomos publishing company mbH & Co. KG.
Hänisch, T., & Rogge, S. (2017). IT security in the industry 4.0. In Industrie 4.0 (pp. 91-98). Springer Specialties Wiesbaden.
Jentzsch, N. (2016). Competition policy in digital markets: Should data protection play a role? (No. 94). DIW Roundup: Policy in focus.
Kleineidam, G., Schmid, LJ, Krasser, M., & Koch, B. (2017). Critical infrastructure security requirements for information and communication technology from the perspective of a utility company. e & i Electrical Engineering and Information Technology , 134 (1), 3-13.
Kubicek, H., & Diederich, G. (2015). Online banking in comparison. In Security in Online Banking (pp. 7-19). Springer Specialties Wiesbaden.
Lanfer, J. (2017). Cyber-security and the (impotence) power of the state. In security production between state, market and civil society (pp. 47-72). Springer Specialties Wiesbaden.
Reuter, C. (2015). Operational Continuity Management in Small and Medium Business Smart Services for Industry 4.0. Mensch und Computer 2015-Workshopband .
Schaumüller-Bichl, I., & Kolberger, A. (2016). Information Security Risk Analysis in complex systems-new challenges and solutions. In GI anniversary(pp. 609-617).
Schneider, F. (2017). Reporting requirements in IT security law . Nomos publishing company mbH & Co. KG.
Silva, KC, Rocha, AA, & Guimaraes, FQ (2016, May). Trust in the Cloud from the Sec-SLA in various models as deployment and service. In Proceedings of the XII Brazilian Symposium on Information Systems on Brazilian Symposium on Information Systems: Information Systems in the Cloud Computing Era Volume 1 (pp. 329-336). Brazilian Computer Society.
Stupka, V., Horák, M., & Husák, M. (2017, August). Protection of personal data in security alert sharing platforms. In Proceedings of the 12th International Conference on Availability, Reliability and Security (p.65). ACM.
Unger, WJ (2014). Cyber ??Defense – a national challenge. S & F Security and Peace , 32 (1), 8-16.
Weber, A., & Weber, D. (2015, December). Governance of critical information technology in open networks. In Responsible Innovation (pp. 151-164). Nomos publishing company mbH & Co. KG.
Witt, T., & Freudenberg, P. (2016). NIS policy. Computer and Law , 32 (10), 657.
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
