Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Analysis of Cyber-Security Threats and Recommendations for Improvement

Verified

Added on 2019/11/26

AI Summary

The provided content discusses the threat probability of various cyber-security breaches, including manipulation of network traffic, interception of radiation, and leakage of data and application. The trend and probability of these threats are also highlighted. Additionally, the importance of improving the Extract, Transform, and Load (ETL) process using Hadoop for big data management is emphasized. Furthermore, the evaluation of the current state of IT security on ENISA is discussed, highlighting the major problem of scalability in big data management. Finally, recommendations for securing sensitive data are provided, including adapting practices to changing circumstances and using standardized activities and rules.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

IT risk management
2017

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

IT risk management
Contents
Overview of the case study:.......................................................................................................2
Introduction:...............................................................................................................................2
ENISA Big data security infrastructure:....................................................................................3
Threats associated with the ENISA Big data:............................................................................6
Significance:...............................................................................................................................8
Key threat agents:.......................................................................................................................9
Steps to minimize their impact on the system:...........................................................................9
Trends in the threat probability:...............................................................................................11
Improvement in the ETL process:............................................................................................12
Evaluation of the current state of IT security on ENISA:........................................................13
Recommendation:....................................................................................................................13
Conclusion:..............................................................................................................................14
References:...............................................................................................................................14
1

IT risk management
Overview of the case study:
The European Union agency for network and information security (ENISA) is the centralised
network authority which is perform the function of identifying threats and provides
mitigation techniques associated with the information security. This research study focuses
on the threats associated with the Big Data assets.
Introduction:
The threats associated with the Big data are far beyond the threat associated with the ordinary
data. The high level replication strategy should be built for deploying the storage of big data.
The outsourcing of big data results into the introduction of new types of breaches and
degradation and leakages of the threats associated with the specification of big data. “The
significant impact can be seen on the privacy and data protection methods used in storing the
big data” (Singh, 2015). The links should be created for specifying the key requirement to
impose parallelization for improving the process of data collection. The big data analytics
performance can be improved by adding the additional information on the data leakages and
increasing rate of breaches. There are different assets owners which are associated with the
big data are categorised as data owners, computation providers, data transformers, and
storage service providers. The activities and conflicts are aligned in the big data management
processes. The complex ecosystem can be created for involving the security measures in the
planning and execution phases associated with big data management processes. The overall
privacy and security is declining in the management of the big data with the increasing
demand of big data on the request of the user. The emerging paradigm should be constructed
by making use of security principles to minimize the risks of security and privacy associated
with the storage of big data. The gap between the identification of the threats and adopting
the mitigation policies can b filled with the construction of big data security infrastructure.
From the research, it has been identified that there is a lack of technology which can be used
for providing security to the big data environment. The management of the big data involves
focus on the identification of the threats, traditional approaches used for handling big data,
defining the solutions which are specific to the deployment of big data, planning of the
activities, security procedures for big data environment, identification of the big data assets,
and mitigation procedures. The ENISA aligns the data protection methods which are
convenient for securing the Big data. The critical infrastructure should be developed for
2

IT risk management
aligning the activities. The tools and technologies should be used to develop the mitigation
plan for securing the big data and to cope up with the threats associated with the handling and
storage program used for big data. “The potential impact can be seen with the deployment of
the security measures in the curriculum of the activities” (Wang, 2014).
ENISA Big data security infrastructure:
The strategies should be developed for carrying out the process of threat analysis on cyber
security. “The emerging risks should be identified by collecting relevant information
associated with the development of big data security infrastructure” (Jaseena, 2013). The high
level conceptual model should be for providing security requirement in the management of
big data. “The infrastructure of the big data involves the interrelationship between
computational power, analysis, storage, and analytics (Terzi, 2015). The consideration should
be given on the security massive data collected on the internet to provide digital information,
privacy issues, and data protection methods. The three dimension model can be created by
focusing on the 6V’s associated with the deployment of big data over the network which is
described below:
 Volume: The significant amount of data volume should be collected
 Velocity: The velocity refers to sending and retrieval of data on the demand of the
user. The speed should be considered for managing the flow of data packets.
 Variety: The variety of data types and associated sources should be maintained for
storing the big data on the internet platform.
 Veracity: The authenticity of the data helps in analysing and improving the quality of
data.
 Variability: The variability is the term used for managing proper scheduling between
the inconsistencies in the arrival of data. The process can be used for handling the big
data effectively.
 Value: The value should be associated for collecting the potential revenues from the
big data.
The security infrastructure of the big data constitutes of five layer which are categorised as
data source layer, integration process layer, data storage layer, use of analytical and
computing model layer, and lastly, the presentation layer. The following table shows the
layered infrastructure of the big data management.
3

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

IT risk management
The tabular representation of the architecture is depicted in the table below:
Big data management
infrastructure
Layers Modules and processes
Presentation layer Use of Web browsers
Use of Desktops and laptops
Use f mobile devices
Use of web services
Analytics and computing
model layer
Query and reporting tools
Use of map reducing
technique
Use of stream analytics
Use of advanced analytics
4

IT risk management
Data Storage layer Development of New SQL
databases
Use of distributed file system
Use of RDF stores
Integration of processes Use of messaging and API’s
Use of Data sources Streamlining of the data
Development of the
unstructured data
Development of the semi-
structured data
Development of structured
data
Function of Layer:
 Data source layer: The data source layer is comprised of disparately data sources,
development of range for streamlining and alignment of the data and information.
The infrastructure is composed of semi-structured and structured developed on the
relational databases.
 Integration process layer: The integration process layer is used for focusing data and
integration of datasets for managing the pre-processing operation.
 Data storage layer: “The data storage layer is used for comprising the resource pool.
The data set is used for managing distributed file system, new SQL databases, use of
NoSQL, and RDF stores” (Munaye, 2016). The large number of data sets which are
used for persistent storage.
 Analytics and computing models: “The model is used for encapsulation for various
tools such as technology of map reduce, storage of resources, and inclusion of data
management technology” (Bertino, 2013).
5

IT risk management
 Presentation layer: The programming model is developed for the visualization of
technologies.
The cloud computing technologies should be used for the development of infrastructure for
the management of big data. “The cost effective and elasticity model should be developed for
scaling up and down of the virtual assets” (Wuest, 2016). The following diagram shows the
taxonomy of the big data assets:
Threats associated with the ENISA Big data:
The consideration should be given on the cyber-security threats because threats are associated
with the assets of the information and communication technology. The following table shows
the list of threats associated with the Big data analytics:
Category Types of threats
Eavesdropping Manipulation of network traffic
Interception Comprising emission interception
6

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

IT risk management
Intercepting radiation
Messages replay
Hijacking Man in the middle attack
Unintentional damage to the IT assets Record destruction
Leakage of data and application
Loss of media storage devices
Loss of sensitive information
Information loss on the cloud
Result in penetration testing
Third party damage
Inadequate design
Changes done in the information system
Information collected from unreliable sources
Administration errors
Organization threats Shortage of skills
Shortage of resources
Legal threats Violation of the laws and regulation
associated with the data management
Failure of assigning contractual requirement
Inadequacy in personal data
Judiciary decision
Other associated threats with big data Leakage of information
Deployment of the social engineering
concepts
Deployment of the malicious code and
activity
Inefficiency in authorization and
authentication
Brute force attacks
Failure of the business methodology and
processes
Denial of service attacks
Association of target attacks
7

IT risk management
Unsolicited receiving of emails
Execution of remote activity
Identification of fraud and theft
Compromising with the sharing of
confidential information
Unauthorized installation of the software.
Misusing of the audit tools and information
Information manipulation
Generation of certificates
Significance:
The analysis of the threats present the extensive reviewing of actual threats associated with
the big data sets. “The threats result into the malfunctioning of the infrastructure which is
used for handling big data” (Do, 2013). The threat affects the unauthorised access of the big
data, destruction of activities, disclosure of information, data modification, and occurrence of
the denial of service attacks. The redundancy procedure of big data is used for mitigating the
effects of threats. The threat is an event which adversely affects the functioning of the big
data processes and management schemes. The big data asset is the collection of big volumes
of resources which are collected from different sources. There are two categories of threats
which are classified as big data leak and big data breach. “The big data breaches occur when
the theft of digital information takes place from the information and communication
technologies” (Sebaa, 2014). The big data leak is the disclosure of information which occurs
in the deployment project life cycle. The accidental threats are occurred by the human due to
misconfiguration of activities or due to the poor management of processes undertaken to
handle the big data. The interception in the communication is the common issue which exist
with the deployment of ICT technologies.
Key threat agents:
The following are the list of key threat agents which are associated with the management of
Big data:
8

IT risk management
 Corporations: “Sometimes offensive tactics are used by the organizations. The
organization is categorised as hostile threat agent” (Bouchard, 2012). It is successful
in taking competitive advantage associated with the competitors. The capabilities of
the corporation depend on the size, sector, range of human intelligence, and area of
expertise.
 Association of cyber criminals: Cyber criminals are treated as hostile threat agents
because they motivate to increase financial gain of the enterprise. They are
categorised as international, national, and local.
 Association of cyber terrorist: The activities of cyber-attack can be expanded with the
inclusion of cyber-terrorist. There can be political and religious issues to motivate the
cyber terrorist. The failure of the critical infrastructure can have an adverse effect on
the society.
 Script Kiddies: The unskilled individuals are called as script kiddies. They can attack
on the network of the system by using script and programs.
 Online social hackers: The hackers are politically motivated to steal the information
from high profile website, database of the corporation, use of intelligence agencies,
and military institution.
 Employees: The employees of the company can attack on the computer resources of
the corporation to steal the confidential information of the organization.
Steps to minimize their impact on the system:
The steps which should be taken to minimise the effect of threats on the big data management
are:
Steps Description
Protection of the information The sensitive information should be handled
carefully. The protection mechanism should
be used for protecting the sensitive
information. The personal information should
not be shared.
Reducing the data transfer rate The shifting of the data should be banned
within the working curriculum of the
organization
Putting restriction on downloading The restriction of downloading helps in
9

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

IT risk management
reducing the data transfer rate. The data will
not be carry out to any external sources
Sharing of files “The files and folders should be shared
within the organization before disposing of
the information” (Garg, 2013).
Restriction on unencrypted devices The restriction should be put not to use any
unencrypted devices within the infrastructure
of the organization
Promote secure transfer The transfer of data should be securely done
with the use of security methods such as
cryptography, encryption methods, and use
of private and public key.
Use of strong password The password policies should be used for the
creation of password.
Automatic security procedures The automatic security system should be
incurred in the working curriculum of the
organization because it helps in periodic
checking of the password, updating of the
firewall configuration, and reducing the risks
associated with the sensitive information
Identification of the threats The suspicious activity should be identified
on the network to take proactive action to
overcome the situation of cyber-attack.
Tracking of data The flow of data packets should be
monitored and tracked periodically.
Accessibility The sensitive data is accessible for bringing
down the risks associated with the malicious
user
Training and development programs The skills of the team members should be
sharpen to take proactive action before the
occurrence of cyber-attack.
Stopping incursion The management of activities and security
solution helps in preventing from the
10

IT risk management
occurrence of attack.
Response of breach “The quick response should be generated
with the breaches attack. The notification
should be generated on the occurrence of
breaches attack” (Crane, 2014).
Trends in the threat probability:
Types of threats Trend and probability
Manipulation of network traffic High
Comprising emission interception Low
Intercepting radiation Low
Messages replay Low
Man in the middle attack Medium
Record destruction High
Leakage of data and application Low
Loss of media storage devices Low
Loss of sensitive information High
Information loss on the cloud High
Result in penetration testing Low
Third party damage High
Inadequate design Medium
Changes done in the information system Medium
Information collected from unreliable sources Low
Administration errors Low
Shortage of skills Low
Shortage of resources Low
Violation of the laws and regulation
associated with the data management
High
Failure of assigning contractual requirement High
11

IT risk management
Inadequacy in personal data High
Judiciary decision Medium
Leakage of information Low
Deployment of the social engineering
concepts
Low
Deployment of the malicious code and
activity
High
Inefficiency in authorization and
authentication
High
Brute force attacks High
Failure of the business methodology and
processes
High
Denial of service attacks Low
Association of target attacks Low
Unsolicited receiving of emails High
Execution of remote activity Low
Identification of fraud and theft Low
Compromising with the sharing of
confidential information
Medium
Unauthorized installation of the software. High
Misusing of the audit tools and information High
Information manipulation Low
Generation of certificates Low
Improvement in the ETL process:
Extract, transform, and load process is can be improved with the use of Hadoop in handling
the big data management activities. The business intelligence problems can be resolved with
the use of Hadoop. The scalability of the data can be improved by using the technique of map
reduces. The mapping of the task helps in splitting the problem into multiple chunks which
can separately handle. The traditional data management architecture of the organization
should be replaced with the following Hadoop architecture for the management of big data:
12

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

IT risk management
Evaluation of the current state of IT security on ENISA:
The scalability is the major problem associated with the current state of big data management
program. The big data environment in characterised with the 5V values associated with the
data management. The evaluation of the big data platform depends upon the security level
used for covering asset management, the security measures used for bringing effectiveness in
the good practice application, and the use of tools and technologies to resolve the issues
associated with the inclusion of data management practices.
Recommendation:
The practise of securing data should be adapted according to the occurrence of sensitive data.
The management of the big data involves the use of new assets, risks, threats, and challenges.
The evaluation of the big data life cycle helps in verifying the correct behaviour of the
processes. The analysis of the gap should be done with the use of standardized activities and
a set of rules and policies.
Conclusion:
The consideration should be given on the cyber-security threats because threats are associated
with the assets of the information and communication technology. . sThe automatic security
system should be incurred in the working curriculum of the organization because it helps in
periodic checking of the password, updating of the firewall configuration, and reducing the
13

IT risk management
risks associated with the sensitive information. The scalability is the major problem
associated with the current state of big data management program.
References:
Bertino, E. (2013). Data security challenges and research opportunities. Retrieved from
https://www.cs.purdue.edu/homes/bertino/sdm13.pdf
Bouchard, M. (2012). Big data for advanced threat protection. Retrieved from
http://www.trendmicro.co.in/cloud-content/us/pdfs/about/wp_aimpoint_group_big-
data-for-advanced-threat-protection.pdf
Crane, L. (2014). Big data analytics: A threat or an opportunity for knowledge management.
Retrieved from
https://www.researchgate.net/publication/265531901_Big_Data_Analytics_A_Threat
_or_an_Opportunity_for_Knowledge_Management
Do, H. (2013). Data cleaning problem and current approaches. Retrieved from
http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.98.8661&rep=rep1&type=pdf
Garg, N. (2013). Big data analytics for security intelligence. Retrieved from
https://downloads.cloudsecurityalliance.org/initiatives/bdwg/Big_Data_Analytics_for
_Security_Intelligence.pdf
Jaseena, N. (2013). Issues, challenges, and solution: Big data mining. Retrieved from
http://airccj.org/CSCP/vol4/csit43111.pdf
Munaye, Y. (2016). Big data security issues, challenges, and future scope. Retrieved from
http://www.iaeme.com/MasterAdmin/uploadfolder/IJCET_07_04_002-2/IJCET_07_0
4_002-2.pdf
Sebaa, A. (2014). Research in big data warehousing using hadoop. Retrieved from
http://www.google.co.in/url?sa=t&rct=j&q=Research%20paper%20pdf%20on
%20Improvement%20in%20the%20ETL%20process%20associated%20with%20Big
%20data&source=web&cd=6&cad=rja&uact=8&ved=0ahUKEwixoaOy_pfWAhXJR
o8KHeAJBIMQFghEMAU&url=http://www.lectitopublishing.nl/Article/Download/
82&usg=AFQjCNEzCls0O7hknNNCk_ibyxj0o77Qvg
14

1 out of 15

+13062052269

info@desklib.com

Analysis of Cyber-Security Threats and Recommendations for Improvement

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Designing an Efficient Hadoop File System for Secured Big Data Management

Improving ETL Process for Big Data Analysis

Preventing Insider Threats in Cyber Space: Implementing Strong Hashing Functions

Cybersecurity Risks and Cloud Computing

Cyber Security Risks and Solutions in Cloud Computing

Threats to ENISA from Big Data