University Risk Management Report: Big Data Security at ENISA


Added on  2020/02/19

Report
AI Summary
This report provides a detailed analysis of risk management within the context of big data, focusing on the European Union Agency for Cybersecurity (ENISA). It begins by outlining ENISA's big data security infrastructure and then delves into the top threats, including information leakage, data breaches via web applications, and inadequate design or planning. The report identifies key threat agents such as corporations, cybercriminals, cyber terrorists, and employees, assessing their potential impact and threat probability. It also explores methods for minimizing the impact of threats, including cryptography, improved security design, access control, and staff training. Furthermore, the report examines the ETL (Extract, Transform, Load) process, offering techniques to improve its efficiency and security, such as tackling bottlenecks, incremental loading, table partitioning, and the use of cache data. Overall, the report emphasizes the significance of data loss due to malicious code and software activity as the most critical threat, underscoring the need for robust security measures to protect sensitive information and maintain data integrity.
Running head: RISK MANAGEMENT
Risk Management
Name of the Student
Name of the University
Author’s Note
Table of Contents
Introduction
1. ENISA Big Data Security Infrastructure
2. Top Threats in ENISA and their significance
2.1. Threat due to Information leakage
2.2. Threat due to leaks of data via web application
2.3. Threat due to inadequate design and planning or incorrect adaption
2.4. Most significant Threat
3. Threat agents, impact and threat probability
3.1. Key Threat Agents
3.1.1. Threat Agent: Corporation
3.1.2. Threat Agent: Cyber criminals
3.1.3. Threat Agent: Cyber terrorists
3.1.4. Threat Agent: Script kiddies
3.1.5. Threat Agent: Hacktivists or online social hackers
3.1.6. Threat Agent: Employees
3.1.7. Threat Agent: Nation States
3.2. Minimizing the impact of threat
3.3. Trends in threat probability
4. Improving ETL process
5. Current State of IT security
Conclusion
References
Introduction
The term big data refers to the vast amount of data and information held within
a system, which can be used for different purposes. The stored data can be analyzed
computationally to reveal patterns and trends associated with human behavior.
Big data deals with voluminous amounts of data, both structured and unstructured, that
organizations can use for business purposes (Wu et al., 2014). A wide audience can
access this data, and therefore security and privacy issues are associated with the
storage of massive amounts of digital information. Security measures are therefore
needed to maintain the privacy and integrity of the data. ENISA faces a
similar big data threat, and this report discusses the different threats. The report elaborates on the top
threats associated with the organization and the key threat agents (Inukollu, Arsi & Ravuri, 2014).
The report further discusses the steps that could be taken to minimize the impact of the threats on
the system.
1. ENISA Big Data Security Infrastructure
Figure 1: Representing the ENISA big data security Infrastructure
(Source: created by author using MS Visio)
2. Top Threats in ENISA and their significance
The threats associated with the big data architecture of ENISA are mainly due to
information leakage caused by human error, unintentional intervention and erroneous
administration of the system. The top threats associated with ENISA and their significance are
elaborated below (ENISA 2017):
2.1. Threat due to Information leakage
This threat can be classified as an accidental threat. Accidental threats are those
that are caused mainly by human error. The major causes of this threat are erroneous
configuration of the system, clerical errors, poor patch management and the use of default user IDs
and passwords.
The most common source of information leakage, however, is erroneous
configuration.
The assets of the organization that are mainly affected by these threats include data and
application back-end services.
2.2. Threat due to leaks of data via web application
This is another top threat associated with the system. Big data applications are often built with little
security and with insecure APIs, which can therefore be a major cause of data loss. APIs can be a point of
vulnerability for big data because major big data applications are built on web services models.
CA has reported numerous data breaches in big data due to the use of insecure APIs,
especially in social networks and photo and video sharing services like Facebook and Snapchat.
The threats in this category may include injection attacks against different semantic web
technologies with the help of SPARQL. Security threats and errors are common in big data
languages like SPARQL. The increasing use of these query languages is responsible for
introducing new vulnerabilities into the system. Attacks on older query languages are well known
and can therefore be identified easily; however, they are equally dangerous.
The assets of the organization that are mainly affected by these threats include data and
storage infrastructure models.
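The following is an added example, not part of the original report, showing the insecure query construction that makes SPARQL injection possible next to a hardened form, together with a structural check that detects when an input escapes its literal. The predicate IRI, function names and sample input are hypothetical and constructed for illustration.

```python
import re

# SPARQL 1.1 ECHAR escapes: characters that must not appear raw inside "...".
_ESCAPES = {"\\": "\\\\", '"': '\\"', "\n": "\\n", "\r": "\\r", "\t": "\\t"}
# Characters the IRIREF grammar rule forbids between < and >.
_IRI_FORBIDDEN = re.compile(r'[\x00-\x20<>"{}|^`\\]')
# One complete double-quoted literal, honouring backslash escapes.
_LITERAL = re.compile(r'"(?:[^"\\\n\r]|\\.)*"')

OWNER = "http://example.org/owner"  # hypothetical predicate

def sparql_literal(value: str) -> str:
    """Serialize untrusted text as a single double-quoted string literal."""
    return '"' + "".join(_ESCAPES.get(ch, ch) for ch in value) + '"'

def sparql_iri(value: str) -> str:
    """Serialize an untrusted IRI, rejecting characters that could close it."""
    if _IRI_FORBIDDEN.search(value):
        raise ValueError("illegal character in IRI")
    return "<" + value + ">"

def naive_query(name: str) -> str:
    # Insecure pattern: untrusted text concatenated straight into the query.
    return 'SELECT ?doc WHERE { ?doc <' + OWNER + '> "' + name + '" }'

def safe_query(name: str) -> str:
    # Hardened pattern: every untrusted value passes through a serializer.
    return f"SELECT ?doc WHERE {{ ?doc {sparql_iri(OWNER)} {sparql_literal(name)} }}"

def skeleton(query: str) -> str:
    """Query with each string literal replaced by a placeholder."""
    return _LITERAL.sub('"?"', query)

def changes_structure(build, value: str) -> bool:
    """True if the value alters the query outside its own literal."""
    return skeleton(build(value)) != skeleton(build("benign"))

# Constructed input that closes the literal and appends triple patterns.
PAYLOAD = 'alice" ; ?p ?o . ?s ?p2 "'

if __name__ == "__main__":
    print("naive builder altered:", changes_structure(naive_query, PAYLOAD))
    print("safe builder altered:", changes_structure(safe_query, PAYLOAD))
```

The same skeleton comparison can be run in tests over every query builder in an application to flag any that let input change the query structure.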
2.3. Threat due to inadequate design and planning or incorrect adaption
The techniques used to improve big data analytics performance, and the
combination of heterogeneous data sources, increase the redundancy in the
representation of data and generate ill-protected copies of the data as well. This increases
the vulnerability of the stored data. This happens during replication of the data. For
example, if big data storage replicates records a number of times and distributes them across
different channels, the nodes may end up with different levels of security robustness. This
in turn may increase the possibility of data threats, which include data disclosure and data leaks.
Therefore, this is categorized as a specific weakness in big data design.
The assets of the organization that are mainly affected by these threats include data, big
data analytics, software, computing infrastructure models and storage infrastructure models.
2.4. Most significant Threat
The most significant threat associated with big data is definitely data loss due to
malicious code and software activity. The different agents of this threat include exploit kits,
worms, Trojans, backdoors and trapdoors, service spoofing and injection attacks. API
vulnerabilities also count towards this threat (Chen & Zhao, 2012).
This threat is the most significant because, after deploying malicious code into the system
by any of the methods discussed, the attacker may manipulate the data present on the infected
devices, leading to significant data loss. The malware-infected nodes can send
targeted commands to different servers in order to distribute the malicious code, thus leading to
exposure to a number of risks. Numerous examples can be cited of big data being hacked using
malicious code attacks. This type of attack is significantly dangerous as the attacker has the power
to manipulate the data by running the malicious code (Pavlyushchik, 2014).
3. Threat agents, impact and threat probability
The key threat agents, the impact of the threats and the threat probability are elaborated in the
following paragraphs:
3.1. Key Threat Agents
A threat or malicious act is carried out with the help of certain malicious agents or
mediums, which are termed threat agents. The different threat agents associated with this case
are listed below:
3.1.1. Threat Agent: Corporation
One of the major threat agents associated with the big data threat is organizations and
enterprises that engage in offensive tactics to gain a competitive advantage over their competitors.
These organizations or enterprises possess significant capabilities in technology and human
engineering intelligence (ENISA 2017).
3.1.2. Threat Agent: Cyber criminals
Cyber criminals are another, and perhaps the most significant, threat agent. Their motivation
for engaging in criminal acts is mainly financial gain, so they can go to any extent,
and therefore the risk associated with this type of threat is generally very high.
3.1.3. Threat Agent: Cyber terrorists
Cyber terrorists are one of the most dangerous threat agents. The motivations of
cyber terrorists in implementing and spreading these threats include political and religious
reasons. The main targets of cyber terrorists are critical infrastructures, which include public health,
energy production and telecommunication. This is because failure of these organizations causes
severe impact on society and government, thus fulfilling the main aim of the cyber terrorists
(Taylor, Fritsch & Liederbach, 2014).
3.1.4. Threat Agent: Script kiddies
This is a non-significant threat agent as script kiddies mainly use programs and codes
developed by others to plan and implement an attack.
3.1.5. Threat Agent: Hacktivists or online social hackers
This threat agent makes use of computer systems to protest and promote their views.
The main targets of hacktivists are high-profile websites, corporations, intelligence agencies and
military institutions.
3.1.6. Threat Agent: Employees
This refers to the staff, contractors and operational staff of an organization. This
threat includes data manipulation and erroneous data entry. Moreover, this threat agent has
significant knowledge of which attacks are effective against the assets present in an organization and
is therefore considered a dangerous threat.
3.1.7. Threat Agent: Nation States
This threat agent has an increasing cyber capability, which can be used against an
adversary. Nation states are considered a prominent threat agent because they launch sophisticated
attacks using different cyber weapons. The sophistication of these attacks proves that nation states
have a high level of skill and expertise.
3.2. Minimizing the impact of threat
In order to minimize the impact of the discussed threats on the system, different measures
should be undertaken. The measures that can be taken to minimize the impact of the
threats are listed below:
1) Cryptography: in order to deal with the unintentional leakage and loss of information,
securing the information with proper cryptographic methods can be beneficial. Cryptography
furthermore prevents unauthorized access to sensitive and confidential data. However, there
are certain issues associated with the use of cryptography in big data, which include protecting
sensitive information while maintaining performance, along with protecting logical and
physical fragments apart from files and disks (Stallings & Tahiliani, 2014).
2) Better security design can further help in data protection by preventing the data risks
associated with insecure APIs. This can help in data protection through regular integrity checks.
3) Access Control: Access control is a significant area of big data. Information
classification and access control can help in limiting access to data in the system. The host
of the big data, which is the cloud provider, should implement access control to counter loss of data and
data breaches. Moreover, the use of strong hashing functions such as SHA-256 can help
secure the big data (Brucker et al., 2012).
4) Training staff can be an effective method of controlling data loss due to
human error. Information security awareness, education and training are essential for ensuring
data security in big data.
3.3. Trends in threat probability
The probability of data being manipulated by malicious code
injected into the system is very high. The probability of this threat is high because it is the most
common method of manipulating big data. Different threat agents are involved in this
threat, which makes its effect more dangerous. The probability of the threat due to
erroneous data entry is very low, and it can be eliminated as well.
4. Improving ETL process
ETL is short for extract, transform and load, which are three main
database functions. It is a data warehousing process responsible for taking data out
of the system and transferring it into the warehouse. The different methods that can be used to
improve the ETL process are listed below (Kimball & Ross, 2013):
1) An important technique for improving the ETL process is tackling the bottlenecks. This
can be done by logging metrics such as time, number of records and hardware usage.
The resources each process accesses should be estimated beforehand in order to tackle this
problem.
2) Another significant technique for improving the ETL process is loading the data into
the system incrementally. This means that only the differences between the previous data and the new
data are applied. This reduces the threat of erroneous data entry. Although it is a bit
difficult to implement, it helps in improving the ETL process and in removing threats.
3) Large tables can be partitioned in order to improve the processing of data. A large
table is cut down into smaller tables, which helps in better management of data and in the elimination
of threats as well.
4) Extraneous data is not uploaded into the warehouse. Elimination of irrelevant data
helps in improving the performance of ETL.
5) Use of cached data may help in improving the ETL process. This is because cache
memory helps speed up processing in an effective way. However, caching
largely depends on the system and the amount of memory the system supports, and therefore it
may not be that effective for systems with low data storage.
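The following is an added example, not part of the original report, that combines three of the techniques listed above: logging per-run metrics, loading incrementally, and dropping extraneous columns. It assumes a hypothetical `fact` table and constructed sample batches, and uses SHA-256 row digests as one possible way to detect changed rows.

```python
import hashlib
import sqlite3
import time

KEEP = ("id", "owner", "amount")  # columns the warehouse needs; the rest is extraneous

def row_digest(row: dict) -> str:
    """SHA-256 over the kept columns; a changed digest means a changed row."""
    canon = "\x1f".join(f"{k}={row[k]}" for k in KEEP)
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()

def incremental_load(db: sqlite3.Connection, source_rows: list) -> dict:
    """Load only new or changed rows and return the metrics for this run."""
    start = time.perf_counter()
    db.execute("CREATE TABLE IF NOT EXISTS fact "
               "(id INTEGER PRIMARY KEY, owner TEXT, amount REAL, digest TEXT)")
    known = dict(db.execute("SELECT id, digest FROM fact"))
    metrics = {"read": 0, "inserted": 0, "updated": 0, "skipped": 0}
    for row in source_rows:
        metrics["read"] += 1
        digest = row_digest(row)
        if known.get(row["id"]) == digest:
            metrics["skipped"] += 1  # unchanged since the last run
            continue
        action = "updated" if row["id"] in known else "inserted"
        db.execute("INSERT OR REPLACE INTO fact VALUES (?, ?, ?, ?)",
                   (row["id"], row["owner"], row["amount"], digest))
        known[row["id"]] = digest
        metrics[action] += 1
    db.commit()
    metrics["seconds"] = time.perf_counter() - start
    return metrics

# Constructed sample batches; "debug_note" stands in for extraneous source data.
BATCH_1 = [{"id": 1, "owner": "alice", "amount": 10.0, "debug_note": "a"},
           {"id": 2, "owner": "bob", "amount": 20.0, "debug_note": "b"}]
BATCH_2 = [{"id": 1, "owner": "alice", "amount": 10.0, "debug_note": "changed"},
           {"id": 2, "owner": "bob", "amount": 25.0, "debug_note": "b"},
           {"id": 3, "owner": "carol", "amount": 5.0, "debug_note": "c"}]

def demo():
    """Run both batches against an in-memory warehouse."""
    db = sqlite3.connect(":memory:")
    first, second = incremental_load(db, BATCH_1), incremental_load(db, BATCH_2)
    rows = db.execute("SELECT id, owner, amount FROM fact ORDER BY id").fetchall()
    return first, second, rows

if __name__ == "__main__":
    print(demo())
```

In the second batch, row 1 differs only in the extraneous column, so it is skipped; a run whose inserted or updated counts are unexpectedly large is a signal worth reviewing before the data is trusted.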
5. Current State of IT security