Enhancing Cybersecurity in Big Data Environment
VerifiedAdded on 2019/11/29
|9
|2695
|202
Report
AI Summary
The report highlights the risks associated with big data, including identity theft, phishing, and malware attacks. It emphasizes the importance of secure data processing and sharing, as well as the need for enhanced security measures to protect against these threats. The report also discusses the concept of trusted computing and its potential to provide reliable data traffic. Furthermore, it notes that cryptography in big data includes complex infrastructure and can negatively impact execution.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
ANSWERS
1) Provide a brief overview of the case study and prepare a diagram for the ENISA Big
Data security infrastructure.
In the report of Big data Threat Landscape, ENISA explains various risks that are identified with
Big Data which is an innovation that is in demand these days. This concept of Big Data is
required to assume a noteworthy part influencing different parts of our society, running from
wellbeing, food security, and atmosphere and asset proficiency to vitality, better transport
frameworks and the smart cities. The European Commission has recognized the influence of Big
Data in a flourishing information driven economy by defining the methodology of Big Data6.
This contextual analysis of Enisa describes gap analysis that presents a correlation between
distinguished Big Data dangers and its countermeasures. This case study is to discuss about the
effects of lack of countermeasures in this innovative era.
Specifically, the main query emerges of the pattern of current countermeasures of adjusting
existing arrangements against conventional information dangers to the Big Data solution by
concentrating on the information's volume. This concept of countermeasure targets adaptability
issues as well as does not fit in the characteristics of Big Data and brings about incomplete and
inadequate methodologies. Many existing information concentrated conditions have lately
embraced a Big Data approach. This report adds to the meaning of the landscape of threat, by
giving a review of current as well as rising dangers pertinent to Big Data advances, and their
related patterns.
ENISA Threat Landscape (ETL) Group developed the risk taxonomy which needs to be
analyzed. Various risks like network outage or any type of malfunction are the main reasons to
1) Provide a brief overview of the case study and prepare a diagram for the ENISA Big
Data security infrastructure.
In the report of Big data Threat Landscape, ENISA explains various risks that are identified with
Big Data which is an innovation that is in demand these days. This concept of Big Data is
required to assume a noteworthy part influencing different parts of our society, running from
wellbeing, food security, and atmosphere and asset proficiency to vitality, better transport
frameworks and the smart cities. The European Commission has recognized the influence of Big
Data in a flourishing information driven economy by defining the methodology of Big Data6.
This contextual analysis of Enisa describes gap analysis that presents a correlation between
distinguished Big Data dangers and its countermeasures. This case study is to discuss about the
effects of lack of countermeasures in this innovative era.
Specifically, the main query emerges of the pattern of current countermeasures of adjusting
existing arrangements against conventional information dangers to the Big Data solution by
concentrating on the information's volume. This concept of countermeasure targets adaptability
issues as well as does not fit in the characteristics of Big Data and brings about incomplete and
inadequate methodologies. Many existing information concentrated conditions have lately
embraced a Big Data approach. This report adds to the meaning of the landscape of threat, by
giving a review of current as well as rising dangers pertinent to Big Data advances, and their
related patterns.
ENISA Threat Landscape (ETL) Group developed the risk taxonomy which needs to be
analyzed. Various risks like network outage or any type of malfunction are the main reasons to
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
effect the Big data innovation. As we know that Big Data consist of a large number of bits of
information and every part might be in a different physical area. This design prompts a heavier
dependence on the interconnections between servers. ENISA reports have managed the depth
study of threats like network outages or malfunctions that influence the communication links32.
Consequently, in this report, ENISA doesn't take these dangers into account.
The utilization of cryptography might be not generally adequate and there are evident dangers
related to network administrator as well as security experts with comparable benefits. The
concept of big data develops the potential issue of information residency. If the data is saved in
Cloud computing that provides the solution of multi-national storage must be under various
legitimate jurisdictions. When Big data systems are based over cloud foundation, a danger to
clients' identity is that the control of a framework interface, in Big Data framework can be based
on public or private cloud infrastructure.
Methods for enhancing Big Data analysis execution and the combination of heterogeneous
information sources enhances the redundancy of information portrayal by creating poorly
ensured duplicates. This difficulties conventional systems to secure confidentiality as well as its
effect must be considered. In a conventional data frameworks the loss of control of a support
interface could cause constrained data storage, in Big Data the impact is opened up and the effect
is more serious.
information and every part might be in a different physical area. This design prompts a heavier
dependence on the interconnections between servers. ENISA reports have managed the depth
study of threats like network outages or malfunctions that influence the communication links32.
Consequently, in this report, ENISA doesn't take these dangers into account.
The utilization of cryptography might be not generally adequate and there are evident dangers
related to network administrator as well as security experts with comparable benefits. The
concept of big data develops the potential issue of information residency. If the data is saved in
Cloud computing that provides the solution of multi-national storage must be under various
legitimate jurisdictions. When Big data systems are based over cloud foundation, a danger to
clients' identity is that the control of a framework interface, in Big Data framework can be based
on public or private cloud infrastructure.
Methods for enhancing Big Data analysis execution and the combination of heterogeneous
information sources enhances the redundancy of information portrayal by creating poorly
ensured duplicates. This difficulties conventional systems to secure confidentiality as well as its
effect must be considered. In a conventional data frameworks the loss of control of a support
interface could cause constrained data storage, in Big Data the impact is opened up and the effect
is more serious.
2) Out of the ‘’Top threats’’ which threat would you regard to be the most significant and
why?
According to me, the most significant threat to the security of Big data is loss of identity by
hackers which leads to the loss of financial details of the users. It mainly effects economy of the
country. The main function of Big data framework is to store as well as to accreditations in order
to access the personal information as well as financial budgetary records having details like visa
card number, payment details, billing details. These details always remain on target for the
hackers. This framework can also store profiling information that can depict client behavior,
preferences, propensities, travel, and media utilization with a detailed framework and can also
help the hackers in more intricate types of impersonation fraud that creates an opportunity to
steal the identity of client.
why?
According to me, the most significant threat to the security of Big data is loss of identity by
hackers which leads to the loss of financial details of the users. It mainly effects economy of the
country. The main function of Big data framework is to store as well as to accreditations in order
to access the personal information as well as financial budgetary records having details like visa
card number, payment details, billing details. These details always remain on target for the
hackers. This framework can also store profiling information that can depict client behavior,
preferences, propensities, travel, and media utilization with a detailed framework and can also
help the hackers in more intricate types of impersonation fraud that creates an opportunity to
steal the identity of client.
As we know that Big data frameworks are based over cloud computing which is a main reason
for theft of user identity. Eg: when the overall control of a framework interface, is based on
either public or private cloud infrastructure, the information gets lost. If the entire data gets
hacked successfully by the hacker, the hacker gets control over the victim's data. The control
interfaces could be comprised by means of novel sign wrapping as well as progressed XSS
methods, and it leads to the theft of identity. In case of Big Data the impact is increased and the
effect is more extreme.
The identity fraud hard to analyze or indict in light of the fact that it frequently crosses legitimate
jurisdictions. Social networking or environment mainly leads to identity theft because of increase
in trend of Facebook and Twitter. It is mainly powerful risk to people's social cultural practices
in interpersonal interaction. The hackers use this personal data to create fake cards or some
terrorist activities. By stealing the personal information like Name, Address, social insurance
number of a user, the hacker's ability to open new account (bank, in-store, cell phone etc.) by
using the theft details. Hence, it increases the chance of criminal activities all throughout the
world which is very dangerous.
As effectively revealed in this report, a few instances of identity misrepresentation because of
capturing the traffic as well as data mining have been analyzed. Phishing is related to identity
theft that is done by using malware and can be interpreted as an individual identity related digital
crime, yet prevalently Phishers likewise utilize malware. It is the process of doing financial
frauds like credit card, identity theft. This process mainly uses spoofed messages and deceitful
sites intended to trick beneficiaries for accessing individual financial information, for example,
Visa numbers, account usernames and passwords, government managed savings numbers, and so
on.
for theft of user identity. Eg: when the overall control of a framework interface, is based on
either public or private cloud infrastructure, the information gets lost. If the entire data gets
hacked successfully by the hacker, the hacker gets control over the victim's data. The control
interfaces could be comprised by means of novel sign wrapping as well as progressed XSS
methods, and it leads to the theft of identity. In case of Big Data the impact is increased and the
effect is more extreme.
The identity fraud hard to analyze or indict in light of the fact that it frequently crosses legitimate
jurisdictions. Social networking or environment mainly leads to identity theft because of increase
in trend of Facebook and Twitter. It is mainly powerful risk to people's social cultural practices
in interpersonal interaction. The hackers use this personal data to create fake cards or some
terrorist activities. By stealing the personal information like Name, Address, social insurance
number of a user, the hacker's ability to open new account (bank, in-store, cell phone etc.) by
using the theft details. Hence, it increases the chance of criminal activities all throughout the
world which is very dangerous.
As effectively revealed in this report, a few instances of identity misrepresentation because of
capturing the traffic as well as data mining have been analyzed. Phishing is related to identity
theft that is done by using malware and can be interpreted as an individual identity related digital
crime, yet prevalently Phishers likewise utilize malware. It is the process of doing financial
frauds like credit card, identity theft. This process mainly uses spoofed messages and deceitful
sites intended to trick beneficiaries for accessing individual financial information, for example,
Visa numbers, account usernames and passwords, government managed savings numbers, and so
on.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
3) Identify and discuss the key Threat Agents. What could be done to minimize their
impact on the system? Based on the data provided, discuss the trends in threat probability.
As per ENISA Threat Landscape report, a threat agent can be defined as the individual or
product who has some better abilities and a reasonable goal to show a risk and a record of past
activities. For Big Information resource proprietors it is vital to know about which dangers rise
up out of which risk group. Big Data frameworks are found to be as the target for attack focused
by threat agents as well as more intricate and specific assaults will be contrived to misuse
vulnerabilities and shortcomings. This Threat Landscape and Good Practice Guide for Big Data
gives a diagram of the present condition of security in the Big Data framework. Specifically, it
recognizes Big Data resources as the research for threat agents that focuses to rising great
practices and new investigates in the field. The classification of threat agents is described as
following:
Corporation - The organizations that embrace and additionally are occupied with hostile
strategies. In this unique circumstance, companies are considered as unfriendly risk agents and
their source of inspiration is to fabricate competitive advantages over contenders, who
additionally make up their principle target. Contingent upon their size and segment, the
corporations have critical capacities, extending from innovation by manpower particularly in
their specialized topic.
Terrorists - This is also a category who are involved in digital crime. Their main reason for
being involved can be political or it can be religious. They mainly attack critical infrastructures
like health framework, telecommunication etc. Their failure can cause serious effect in the public
eye and government. It must be noticed, that in people in general material investigations, the
profile of digital fear based oppressors still is by all accounts obscured.
impact on the system? Based on the data provided, discuss the trends in threat probability.
As per ENISA Threat Landscape report, a threat agent can be defined as the individual or
product who has some better abilities and a reasonable goal to show a risk and a record of past
activities. For Big Information resource proprietors it is vital to know about which dangers rise
up out of which risk group. Big Data frameworks are found to be as the target for attack focused
by threat agents as well as more intricate and specific assaults will be contrived to misuse
vulnerabilities and shortcomings. This Threat Landscape and Good Practice Guide for Big Data
gives a diagram of the present condition of security in the Big Data framework. Specifically, it
recognizes Big Data resources as the research for threat agents that focuses to rising great
practices and new investigates in the field. The classification of threat agents is described as
following:
Corporation - The organizations that embrace and additionally are occupied with hostile
strategies. In this unique circumstance, companies are considered as unfriendly risk agents and
their source of inspiration is to fabricate competitive advantages over contenders, who
additionally make up their principle target. Contingent upon their size and segment, the
corporations have critical capacities, extending from innovation by manpower particularly in
their specialized topic.
Terrorists - This is also a category who are involved in digital crime. Their main reason for
being involved can be political or it can be religious. They mainly attack critical infrastructures
like health framework, telecommunication etc. Their failure can cause serious effect in the public
eye and government. It must be noticed, that in people in general material investigations, the
profile of digital fear based oppressors still is by all accounts obscured.
Content kiddies -These people are unskilled for writing a program for attacking the system.
They use programs written by others in order to hack the entire framework.
Online social programmers (hacktivists) - These people are influenced by politically or
socially infrastructure that uses PC frameworks to challenge and advance their motivation. Their
average targets are prominent sites, enterprises, intelligence agencies as well as military
organizations.
Staff - This category includes internal staff, contractors, operational staff etc. They can have
insider access to organization's assets, and are considered as both non-friendly risk specialists
(i.e. staff who are distracted from their work) and antagonistic specialists. This category of threat
operators has a lot of learning that enables them to put compelling assaults against resources of
their association.
Countermeasures as well as great practices are relied upon to be executed to expand security of
single group, and of other related group when pertinent. One more wellspring of potential
controls and specialized countermeasures originates from the utilization of Big Data analysis as a
big tool for expanding framework and information security, and enhancing interruption detection
and it’s avoidance. The trend for threat probability in number as well as sophistication and
impact. The trend for data security mainly focus on the volume of data.
4) How could the ETL process be improved? Discuss.
Big Data is the collection of information channels that is collected from sensors, systems, storage
or computing systems and provides a better result to the clients. Therefore, it is the responsibility
of both for securing the infrastructure. Each group ought to be cognizant that its own particular
security likewise relies upon the security of its neighbors. Appropriate countermeasures and
They use programs written by others in order to hack the entire framework.
Online social programmers (hacktivists) - These people are influenced by politically or
socially infrastructure that uses PC frameworks to challenge and advance their motivation. Their
average targets are prominent sites, enterprises, intelligence agencies as well as military
organizations.
Staff - This category includes internal staff, contractors, operational staff etc. They can have
insider access to organization's assets, and are considered as both non-friendly risk specialists
(i.e. staff who are distracted from their work) and antagonistic specialists. This category of threat
operators has a lot of learning that enables them to put compelling assaults against resources of
their association.
Countermeasures as well as great practices are relied upon to be executed to expand security of
single group, and of other related group when pertinent. One more wellspring of potential
controls and specialized countermeasures originates from the utilization of Big Data analysis as a
big tool for expanding framework and information security, and enhancing interruption detection
and it’s avoidance. The trend for threat probability in number as well as sophistication and
impact. The trend for data security mainly focus on the volume of data.
4) How could the ETL process be improved? Discuss.
Big Data is the collection of information channels that is collected from sensors, systems, storage
or computing systems and provides a better result to the clients. Therefore, it is the responsibility
of both for securing the infrastructure. Each group ought to be cognizant that its own particular
security likewise relies upon the security of its neighbors. Appropriate countermeasures and
great practices are relied upon to be executed to expand security of both parties. The other source
of technical countermeasures originates from the utilization of Big Data analysis which is
considered to be as tool for expanding framework and information security, and enhancing
interruption location and counteractive action. The analysis of risks and some rising patterns in
digital security are a critical theme in the Cyber Security Strategy for the ETL. Besides, the new
ENISA regulation features the requirement for finding some rising trends for risks and manages
that the Agency, in collaboration with Member States and, as proper, with measurable bodies and
others, gathers significant data.
Using cryptography concept is not adequate as various risks are related to overseers as well as
security experts with equal benefits. This is particularly genuine when risks identified with data
leakage as well as sharing because of human mistakes are considered. Moreover, breaks of
information by means of Web applications (unsecure APIs) as well as insufficient outline or we
can say that its adjustment require an enhanced plan of registering and capacity framework
models, while the stored information from sensors may have issues of classification that can't be
alleviated by current arrangements.
Individual identifiable data is in danger rather security practices have been made. Malevolent
code or any other such type of activity represent a risk for processing framework and capacity
because of the troubles of managing patch in a Big Data heterogeneous condition, while
infringement of laws or controls, break of enactment as well as identity fraud may influence last
clients. All these breaks requires Big Data particular countermeasures, and, on the opposite side,
the inclusion of arrangement creators to reflect changes in current IT condition in EU laws and
enactments.
of technical countermeasures originates from the utilization of Big Data analysis which is
considered to be as tool for expanding framework and information security, and enhancing
interruption location and counteractive action. The analysis of risks and some rising patterns in
digital security are a critical theme in the Cyber Security Strategy for the ETL. Besides, the new
ENISA regulation features the requirement for finding some rising trends for risks and manages
that the Agency, in collaboration with Member States and, as proper, with measurable bodies and
others, gathers significant data.
Using cryptography concept is not adequate as various risks are related to overseers as well as
security experts with equal benefits. This is particularly genuine when risks identified with data
leakage as well as sharing because of human mistakes are considered. Moreover, breaks of
information by means of Web applications (unsecure APIs) as well as insufficient outline or we
can say that its adjustment require an enhanced plan of registering and capacity framework
models, while the stored information from sensors may have issues of classification that can't be
alleviated by current arrangements.
Individual identifiable data is in danger rather security practices have been made. Malevolent
code or any other such type of activity represent a risk for processing framework and capacity
because of the troubles of managing patch in a Big Data heterogeneous condition, while
infringement of laws or controls, break of enactment as well as identity fraud may influence last
clients. All these breaks requires Big Data particular countermeasures, and, on the opposite side,
the inclusion of arrangement creators to reflect changes in current IT condition in EU laws and
enactments.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
The concept of big data embrace distinctive methodologies. For instance, Hadoop can be
customized to identify all information that enters and leaves the system. This design has been
utilized to get odd exercises like infected system. The proposed Early Warning System
methodological framework actualizes a precise procedure to gather all security information and
set up various baselines that distinguish typical conduct, accumulate outer insight (risk support)
from outsiders, and uses Big Data investigation to examine this data for specific risks. Future
headings for examine in Big Data for security go for tending to business analysis for the entire
organization. Actually, without a risk based methodology to deal with security, associations
could squander significant ICT assets for vulnerabilities that are not causing in actuality big data
risks to the business. Likewise it will be vital to channel security Big Data to the data that is quite
applicable to particular partners' roles and obligations.
5) To sum up, should ENISA be satisfied with its current state of IT Security? Why? Or
Why not?
No, ENISA should not be satisfied with the current state of IT security. Significant loophole are
found because of dangers to protection (e.g., the distinguishing proof of individual data) as well
as the privacy of sensor information streams. As officially detailed in this report, a few instances
of ID theft because of capturing the traffic or we can say data mining that have been analyzed.
Big Data analysis has encouraged the interruption of protection by fortifying the strategies. Since
countermeasures, that are analyzed like anonymization did not turn out to be constantly
compelling against Big Information mining, new research endeavors must be defined to devise
controls. Eg: the main concept for PPDM (privacy-preserving data mining) is to adjust the
information in such a path in order to perform algorithms for data mining without making the
security of confidential data at risk.
customized to identify all information that enters and leaves the system. This design has been
utilized to get odd exercises like infected system. The proposed Early Warning System
methodological framework actualizes a precise procedure to gather all security information and
set up various baselines that distinguish typical conduct, accumulate outer insight (risk support)
from outsiders, and uses Big Data investigation to examine this data for specific risks. Future
headings for examine in Big Data for security go for tending to business analysis for the entire
organization. Actually, without a risk based methodology to deal with security, associations
could squander significant ICT assets for vulnerabilities that are not causing in actuality big data
risks to the business. Likewise it will be vital to channel security Big Data to the data that is quite
applicable to particular partners' roles and obligations.
5) To sum up, should ENISA be satisfied with its current state of IT Security? Why? Or
Why not?
No, ENISA should not be satisfied with the current state of IT security. Significant loophole are
found because of dangers to protection (e.g., the distinguishing proof of individual data) as well
as the privacy of sensor information streams. As officially detailed in this report, a few instances
of ID theft because of capturing the traffic or we can say data mining that have been analyzed.
Big Data analysis has encouraged the interruption of protection by fortifying the strategies. Since
countermeasures, that are analyzed like anonymization did not turn out to be constantly
compelling against Big Information mining, new research endeavors must be defined to devise
controls. Eg: the main concept for PPDM (privacy-preserving data mining) is to adjust the
information in such a path in order to perform algorithms for data mining without making the
security of confidential data at risk.
As we know that cryptography frameworks are difficult to execute when a substantial number of
sensors is included, the utilization of Trusted Computing (TC) has been a trademark of being a
promising innovation. Trusted figuring depends on Trusted Platform Modules (TPMs) and
related hardware to demonstrate uprightness of programming, procedures, and information. The
devices that are enabled with TPM must be fitted in sensors. These devices can be a reason for
reliable data traffic.
Thee cryptography in Big Data includes complex infrastructure as well as contrarily influences
execution. Processing Infrastructure and capacity models in Big Data confront new difficulties
like the absence of institutionalization and convenience of security controls among various
ventures and also Big Data vendors, as well as the poor outline of security highlights.
These principles don't exist or are still a work in progress. A case of absence of principles is seen
by NIST. The status of the dispatched things (e.g., extraordinary identity proof number, GPS
organizes, sensors data, and so forth.) is not gone through the whole chain. A remarkable
recognizable proof mapping is a work in progress inside an ISO specialized advisory group.
From a security viewpoint, we take note of that in a customary administration framework as, in a
SQL relational database, security has gradually developed and numerous new controls have been
proposed over a long time. The security of Big Data segments has not experienced a similar level
of ideas or assessment because of the immature of Big Data innovative work.
References
Damiani, E. & Ardagna, C., A. (2016). Big Data Threat Landscape and Good, Retrieved from -
https://www.enisa.europa.eu/publications/bigdata-threat-landscape.
sensors is included, the utilization of Trusted Computing (TC) has been a trademark of being a
promising innovation. Trusted figuring depends on Trusted Platform Modules (TPMs) and
related hardware to demonstrate uprightness of programming, procedures, and information. The
devices that are enabled with TPM must be fitted in sensors. These devices can be a reason for
reliable data traffic.
Thee cryptography in Big Data includes complex infrastructure as well as contrarily influences
execution. Processing Infrastructure and capacity models in Big Data confront new difficulties
like the absence of institutionalization and convenience of security controls among various
ventures and also Big Data vendors, as well as the poor outline of security highlights.
These principles don't exist or are still a work in progress. A case of absence of principles is seen
by NIST. The status of the dispatched things (e.g., extraordinary identity proof number, GPS
organizes, sensors data, and so forth.) is not gone through the whole chain. A remarkable
recognizable proof mapping is a work in progress inside an ISO specialized advisory group.
From a security viewpoint, we take note of that in a customary administration framework as, in a
SQL relational database, security has gradually developed and numerous new controls have been
proposed over a long time. The security of Big Data segments has not experienced a similar level
of ideas or assessment because of the immature of Big Data innovative work.
References
Damiani, E. & Ardagna, C., A. (2016). Big Data Threat Landscape and Good, Retrieved from -
https://www.enisa.europa.eu/publications/bigdata-threat-landscape.
1 out of 9
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.