Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Why? Or Why not?

Verified

Added on 2019/11/25

AI Summary

Big data's security aspect is crucial considering the emerging security issues related to cloud computing, internet subscriptions, and social technologies. Unauthorized access can directly affect big data's stored data, while advertisement and exploitation may invite new attack vectors. The concept of big data storage should be considered as the main aspect of improving overall data security. ENISA highlights the importance of trusted components like secure protocols, infrastructure authentication, and public key components to ensure strong encryption and management.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: IT RISK MANAGEMENT
IT RISK MANAGEMENT
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

2IT RISK MANAGEMENT
Table of Contents
Introduction................................................................................................................................3
Question 1..................................................................................................................................3
Question 2..................................................................................................................................5
Question 3..................................................................................................................................6
Question 4..................................................................................................................................7
Question 5..................................................................................................................................8
Conclusion..................................................................................................................................8
References..................................................................................................................................9

3IT RISK MANAGEMENT
Introduction
The term big data can be referred to as designate loosely the palette of algorithm,
system and technology, which are employed mainly to collect data which is of unprecedented
variety and volume with a intention of extracting value from them by means of massive
parallel advanced analytics of parallel computing (Marinos, 2013). The source of Big data are
diverse and many. The candidate of the data providers and generators can be mainly be
considered into many categories which can include mobile communication devices and
network, internet of things and web based application. The usage of big data has increased
over the few years, the various form of algorithm, technology and with it their system
resources are gradually reaching a level of development and suitable maturity level for its
widespread adoption (Marinos, Belmonte &Rekleitis, 2014).
ENISA elaborates on the different thread which are related to the Big data, this
technology have gained much of a traction in the recent years and is forecasted to play a
significant role in the near future which can be estimated to play a role in different sphere of
the society, ranging from climate, food security, intelligent system related to transport and
installation of smart cities. It can be stated that the big data approach can be used in a way to
interact with extremely high tech and novel ICT technology, with very little time to mature
against the cybercrime or attack, it can be a surprise that the impact of the cybercrime is
increasing in trend in both the number associated with it and the sophistication and the impact
produced by the factor.
Question 1
Provide a brief overview of the case study and prepare a diagram for the ENISA Big Data
security infrastructure.

4IT RISK MANAGEMENT
Relating to the case study of ENISA, threads are elaborated on threats that can be
related to the big data. Considering on the various aspect of the society there has be seen a
considerable traction within the time period of few years thus it can be seen that the concept
of information technology and data storage would play a dominant role (Barnard-Wills,
2014). The different field that can be linked with the big data and information technology are
health security, food security, climate and resource factor which are efficient to the energy,
smart city implementation and intelligent system of transport. Acknowledgment have been
from the European commission with regards to the potential impact of the big data with
emphasis on the big data technologies main potential impact (Lévy-Bencheton et al., 2015).
When relating to the economic drive big data can be conceived in the system of organisation.
In the field of research and science there is a big impact of big data which is continuing to
escalate (Karchefsky& Rao, 2017). Thus the launch of big data project are being initiated in
many agencies and institutions all across the globe for exploiting better analysis of data and
cloud computing. It can be applied in the field of military which can be related to assisting in
fighting virtual or combat or real terrorism. Collecting information from heterogeneous
sources in order to identify are considered to have a huge impact on the overall concept.
Highly novel and high tech ICT system are mainly incorporated in the approach of the big
data. On the other hand the use of technology of big data has increased frequently which is
related to the chances of cyber-attacks, hacking and data breaches (Lehto, 2015). The
increase in the kind of challenges of attack has increased the trending in impact and
sophisticated. With the increase of the number of usability relating to the big data in
organisation and business, the attackers get more reward in order to develop and specializes
attack against the concept of analysis of big data (Marinos, Belmonte &Rekleitis, 2014). The
technology has also the capability of focusing its impact on the cyber threats by means of
offering security professional and privacy that has the valuable insight in the management

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

5IT RISK MANAGEMENT
threats and incidents (Rhee et al., 2013). The threat landscapes in the field of big data are
delivered by the ENISA, by the input which comes from ENISA threat landscape activities.
The case study in this scenario relates to the architecture, ENISA threat taxonomy which is
mainly targeted to the audience of the big data approaches, the asset big data taxonomy, the
methodology by which the case study is approached and carried out, gap in the study is
identified and finally a recommendation is being provided in this case (Cho et al., 2016).
In ENISA depiction of the cloud computing is in the infrastructure layer. This can be
related to the infrastructure requirement for example cost effectiveness, elasticity and the
ability which can be related to the scaling up and down. The aspect which is followed by the
big data are:
 Integration processed layer: This layer is mainly concerned with the pre-processing
operation data acquiring which is considered important factor hence as a result of
which dataset is integrated to a structured form.
 Data source layer: This layer is considered with the streaming of the data from the
sensor, data source which are disparate sources of data and information which is
mainly structured, semi structured and unstructured.
 Data store layer: Large variety of resources are available in this layer like for example
No SQL, RDF store, and distributed system of file and New SQL database. This is
mainly suitable for a large number of datasets that facilitate storage persistent.
 Presentation layer: Visualization of the technology like desktop, web browser, mobile
device and web services are considered as the most important task of this layer.
 Computing and analytics layer model: Encapsulating the different data tools like
MAP reduce that mainly run over the resources that are mainly stored with emplaning
on the data management and programming model (Marinos, Belmonte &Rekleitis,
2014).

6IT RISK MANAGEMENT
Figure 1: Big data system security of Layered Architecture.
(SOURCE: (Scott et al., 2016)
Question 2
Out of the ‘’Top threats’’ which threat would you regard to be the most significant and
why?
There are different kinds of thread which can be classified according to the group they
are:
Threat Group: Nefarious abuse/activity

7IT RISK MANAGEMENT
 Denial of service (DOS)
 Identify threat
 Malicious software/code /activity
 Abuse of authorization / misuse of audit tools / unauthorized activities.
 Generation and the aspect related to rogue certificate
 Failure of the process of business.
Threat group: Interception, eavesdropping and hijacking
 data leakage via application of web (unsecured API’s)
 Information human error due to sharing and leakage.
 Inadequate planning and design or adaptation concept wrong.
 Information interception.
Threat group: Legal
 Shortage of skills.
 Breach of legislation/abuse of personal data/ violation of regulations and law.
Comparing the threat groups it can be concluded that the most significant threats are the
“interception, Eavesdropping and hijacking” (Wang, Anokhin&Anderl, 2017). This is due to
the factor that most of the risk related to the privacy and the data are mainly related to this
faces of the threat which directly maximizes the difficulties for example hacking, data breach,
cyber-attack and many more. This results in affecting the major areas related from the
business point of view. The main attack with originates from the threat indicate interception
of resources , no proper planning or adaptation is inaccurate, leak of data due to application
based on web ( mainly APIs) (Lykou, 2016). Indivisibles location, transaction and behaviour
are recorded digitally by means of unprecedented network access among computing platform
and smart devices which act as a contributor in the big data relating to the security concerns.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

8IT RISK MANAGEMENT
The nature of these attack are hostile. The main goal of the attack is the gain related to
financial which incorporates higher skills. Organisation of cybercriminals are on the ground
of local, international and even national level or stage. These agents politically and socially
motivate an individual when using the network or the system of the computer resources for
promoting and protesting cause with regards to the damage. The general target are the high
profile websites along with the intelligence military institutions and agencies (Barnard-Wills,
Marinos&Portesi, 2014).
Question 3
Identify and discuss the key Threat Agents. What could be done to minimize their impact
on the system? Based on the data provided, discuss the trends in threat probability.
ENISA threat landscape stated that, the threat agent as “someone or something with
decent capability, a clear intention in order to manifest a threat and a record of the past
activities with its regard” the organisation in any field should be aware of the threat with its
emerging and from which threat group that are mainly emerging and which focus on the
group from which is originates (Brender& Markov, 2013). There are different categories by
which threats can be divided in:
Corporation: This category mainly refers to the organisation or enterprise that may be
engaged in the activity or engaged in any adapted tactics that may be considered offensive
and unethical to any enterprise (Le Bray, Mayer &Aubert, 2016). These agents can be
considered as hostile agent that they are the main motive of building an advantage in the
competitive advantage over their own competitors. The main target are generally sorted and
the focus point of access is the size and the sectors the enterprise possess capability to the
area with their significance, as well as from the access area of the aspect of the technology
with regards to the intelligence human engineering in the expertise field (Olesen, 2016).

9IT RISK MANAGEMENT
Cyber Terrorism: The threat agent motivation in this field can be either political or
religious, that expands the engagement of the cyber-attacks (Lévy-Bencheton et al., 2015).
The preferring target with the cyber terrorist can be mainly over the infrastructure which are
critical for example energy production, telecommunication or health care system related to
public. This infrastructure which can be stated as complex is chosen generally since the
failure with regards to the organisation can be affected by chaos and can have a severe impact
in the society and in the government (Bugeja, Jacobsson&Davidsson, 2017).
Cyber Criminals: The agent of threat is hostile in nature. The goal of this threat associated
activity is the gain which is related to the financial which mainly has higher level of skills.
Cyber criminals can be manipulated or implemented on a national, local and even
international level.
Script Kiddies: They are mainly unskilled, they usually use scripts and program developed.
They mainly attack the computer system or the network as well as websites.
Employee: With emphasis on the deterioration of the organisation sometimes the employee,
the access to the resource of the company from the inside and hence taking into consideration
as both non hostile and non-hostile agent. This agent mainly include operational staff,
contactors, staff and normal working people. A considerable amount of knowledge is
required for this domain of threat, which help them in successfully incorporating the attack
effectiveness against the asset with regards to the company (Belmonte Martin et al., 2015).
Nation State: Offensive capability with the agents in the security of cyber is seen in this
scenario and may be implemented over an enterprise or a group.
With emphasis on the data which is provided the trend which is followed in the threat
probability can be explained that:

10IT RISK MANAGEMENT
a. Cyber criminals, cyber terrorists, corporate mainly affects the data leak which is
mainly through web application having a APIs which is secured, information
interception, fraud identification, Denial of service (DOI), malicious validation fo
code and use of certificate related to rogue.
b. The damaged which is considered damaged has been taken into consideration by the
script kiddies as they are very much unskilled.
c. Inadequate design, planning or improperly adaptation of the technique, misuse of
tools related to the audit, failure of the process of business, breach related to
legislation or abuse related to personal data that directly threaten the employee.
Question 4
How could the ETL process be improved? Discuss.
The threat related to the threat taxonomy as implemented by ENISA threat landscape
group and this mainly incorporates threat that are mainly applicable for the assists related to
the big data and these can be implemented and improved by the following ways:
 Cache the various data: Caching the data can be used to increasingly increase the
speed of the things. This is due to the factor that memory access perform in a faster
way than the hard drives. It can be stated caching can be limited by maximizing the
amount of the memory that is supported by an individual hardware.
 Load data incrementally: This mainly changes the load between the new and the data
which is previously maintained this may result in saving lot of time as when it is
compared to full load. Maintaining the implementation is very much difficult but it
has to be taken into consideration that it’s difficult but not impossible.
 Use of Hadoop: Apache Hadoop is an open source software which is a library which
includes software. This allows the process of distribution of large set of data across

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

11IT RISK MANAGEMENT
the cluster of computer by simply using program models (Lehto, 2015). It is mainly
designed in order to scale up from one- to multiple machine which is from multiple
server to single server or machines which many offers computation and local storage .
Question 5
To sum up, should ENISA be satisfied with its current state of IT Security? Why? Or Why
not?
The security infrastructure as per the ENISA Big data has few points of consideration:
 Network protocol to application level protocol should be considered as a trusted
components which always be used in the level of the system of the information, which
is usually based on the keep aspect of strong technique of encryption and
management. Some of the example of the infrastructure which is trusted are secure
protocol related to communication, infrastructure authentication public key
components and many more related issues.
 Considering the emerging security issue which is directly related to big data it can be
considered as being on top. Consequences of cloud computing, internet subscriptions
and social technologies. This can be related to a new emerging trend when it is related
to the security issue.
 The unauthorized user’s access can directly affect the security aspect of the big data’s
data which is stored in the server. But when taking into consideration about the
advertisement, exploitation related to big data which may invite new kinds of attack
vectors.

12IT RISK MANAGEMENT
Conclusion
It can be concluded that big data even though the term “ threat” implies that
something problematic is with its direct occurrence, but on the other hand the scenario may
be projected in a way that complex strategies can be sometimes be subjected to threat. It has
been formally discussed in the report putting emphasis on the big data security aspect with it
is direct implementation in the organisation sector. The main idea behind the concept of big
data is that the storage of the data should be considered as the main aspect of improving the
overall concept of the big data.

13IT RISK MANAGEMENT
References
Barnard-Wills, D. (2014). ENISA Threat Landscape and Good Practice Guide for Smart
Home and Converged Media. ENISA (The European Network and Information
Security Agency).
Barnard-Wills, D., Marinos, L., &Portesi, S. (2014). Threat landscape and good practice guide for
smart home and converged media. European Union Agency for Network and Information
Security, ENISA.
Belmonte Martin, A., Marinos, L., Rekleitis, E., Spanoudakis, G., &Petroulakis, N. E. (2015). Threat
Landscape and Good Practice Guide for Software Defined Networks/5G.
Brender, N., & Markov, I. (2013). Risk perception and risk management in cloud computing: Results
from a case study of Swiss companies. International journal of information
management, 33(5), 726-733.
Bugeja, J., Jacobsson, A., &Davidsson, P. (2017, March). An analysis of malicious threat agents for
the smart connected home. In Pervasive Computing and Communications Workshops
(PerCom Workshops), 2017 IEEE International Conference on (pp. 557-562). IEEE.
Cho, H., Yoon, K., Choi, S., & Kim, Y. M. (2016). Automatic Binary Execution Environment based on
Real-machines for Intelligent Malware Analysis. KIISE Transactions on Computing
Practices, 22(3), 139-144.
Gorton, D. (2015). IncidentResponseSim: An agent-based simulation tool for risk management of
online Fraud. In Secure IT Systems (pp. 172-187). Springer, Cham.
Karchefsky, S., & Rao, H. R. (2017). Toward a Safer Tomorrow: Cybersecurity and Critical
Infrastructure. In The Palgrave Handbook of Managing Continuous Business
Transformation (pp. 335-352). Palgrave Macmillan UK.
Le Bray, Y., Mayer, N., &Aubert, J. (2016, April). Defining measurements for analyzing information
security risk reports in the telecommunications sector. In Proceedings of the 31st Annual
ACM Symposium on Applied Computing(pp. 2189-2194). ACM.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

14IT RISK MANAGEMENT
Lehto, M. (2015). Phenomena in the Cyber World. In Cyber Security: Analytics, Technology and
Automation (pp. 3-29). Springer International Publishing.
Lévy-Bencheton, C., Marinos, L., Mattioli, R., King, T., Dietzel, C., &Stumpf, J. (2015). Threat
landscape and good practice guide for internet infrastructure. Report, European Union
Agency for Network and Information Security (ENISA).
Lévy-Bencheton, C., Marinos, L., Mattioli, R., King, T., Dietzel, C., &Stumpf, J. (2015). Threat
landscape and good practice guide for internet infrastructure. Report, European Union
Agency for Network and Information Security (ENISA).
Lykou, G. (2016). Critical Infrastructure Protection: Protecting Public Welfare.
Marinos, L. (2013). ENISA Threat Landscape 2013: Overview of current and emerging
cyber-threats. Heraklion: European Union Agency for Network and Information
Security Publishing. doi, 10, 14231.
Marinos, L., Belmonte, A., &Rekleitis, E. (2014). ENISA Threat Landscape Report 2013. European
Union Agency for Network and Information Security.
Marinos, L., Belmonte, A., &Rekleitis, E. (2014). ENISA Threat Landscape 2015. Heraklion, Greece:
ENISA. doi, 10, 061861.
Olesen, N. (2016). European Public-Private Partnerships on Cybersecurity-An Instrument to Support
the Fight Against Cybercrime and Cyberterrorism. In Combatting Cybercrime and
Cyberterrorism (pp. 259-278). Springer International Publishing.
Rhee, K., Won, D., Jang, S. W., Chae, S., & Park, S. (2013). Threat modeling of a mobile device
management system for secure smart work. Electronic Commerce Research, 13(3), 243-256.
Scott, K. (2016, November). Phobic Cartography: a Human-Centred, Communicative Analysis of the
Cyber Threat Landscape.
Wang, Y., Anokhin, O., &Anderl, R. (2017). Concept and use Case Driven Approach for Mapping IT
Security Requirements on System Assets and Processes in Industrie 4.0. Procedia CIRP, 63,
207-212.

15IT RISK MANAGEMENT

1 out of 15

+13062052269

info@desklib.com

Why? Or Why not?

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Cybersecurity and Critical Infrastructure

Exploring Cybersecurity Threat Landscape and Good Practices

ENISA's Satisfaction with Current State of IT Security

Cybersecurity and Critical Infrastructure

ENISA Threat Landscape

Preventing Insider Threats in Cyber Space: Implementing Strong Hashing Functions