University Risk Analysis and Security: ENISA Case Study Report
VerifiedAdded on 2019/11/26
|15
|3776
|213
Report
AI Summary
This report presents a comprehensive analysis of the European Union Agency for Network and Information Security (ENISA) case study, focusing on risk analysis and security within a big data environment. It begins with an overview of ENISA's big data security infrastructure, illustrating its components and functions. The report then identifies and categorizes the top threats faced by ENISA, including unintentional, legal, organizational, intentional, and hijacking/interception threats, with a particular emphasis on the severity of malicious software. Key threat agents, such as cybercriminals, are discussed along with methods to minimize their impact. The report also touches upon ETL process improvements and the overall IT security of ENISA. The case study highlights the importance of risk management and the implementation of various security measures, such as cryptography and firewalls, to ensure data integrity, confidentiality, and availability.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
Risk Analysis and Security: ENISA Case Study
Name of the Student
Name of University
Author’s note
Risk Analysis and Security: ENISA Case Study
Name of the Student
Name of University
Author’s note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
Table of Contents
Introduction......................................................................................................................................2
1. Overview of ENISA Case Study and Illustration of ENISA Big Data Security Infrastructure. 2
2. The Top Threats in ENISA..........................................................................................................5
3. Key Threat Agents and Ways to Minimize their Impact.............................................................9
4. ETL Process Improvement........................................................................................................10
5. IT Security of ENISA...............................................................................................................11
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
Table of Contents
Introduction......................................................................................................................................2
1. Overview of ENISA Case Study and Illustration of ENISA Big Data Security Infrastructure. 2
2. The Top Threats in ENISA..........................................................................................................5
3. Key Threat Agents and Ways to Minimize their Impact.............................................................9
4. ETL Process Improvement........................................................................................................10
5. IT Security of ENISA...............................................................................................................11
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
2RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
Introduction
ENISA stands for European Union Agency for Network and Information Security. It is
known be centre part or core of the expertise of information security of network. ENISA is
responsible for the development of communities across the borders. It provides great support to
the members of EU and helps to implement EU legislation. They have big data that is a huge
collection of set of data. The big data is analyzed in details to find patterns. Implementation of
risk management is mandatory for every organization for effective operation (Mahajan, Gaba &
Chauhan, 2016).
This report discusses about the several top threats that exist in ENISA. It also talks about
the most significant threat among the rest. This report points out the main threat agents (Kao et
al. 2014).The case study’s overview is provided along with the security infrastructure of ENISA.
Risk or threat minimization methods have also been discussed here. Improvement process of
ETL is explained in brief. At the end of the report it says gives an explanation why ENISA is
satisfied with its existing security infrastructure or not.
1. Overview of ENISA Case Study and Illustration of ENISA Big Data
Security Infrastructure
Big data is used in ENISA. Big data contains a collection of information. Data is
integrated from several functional departments in order to point out any type of commonality so
that customer or consumer preferences can be identified. In this case of ENISA, there are many
threats of top level that are playing role (Patil & Seshadri, 2014). Big data analytics figures out
Introduction
ENISA stands for European Union Agency for Network and Information Security. It is
known be centre part or core of the expertise of information security of network. ENISA is
responsible for the development of communities across the borders. It provides great support to
the members of EU and helps to implement EU legislation. They have big data that is a huge
collection of set of data. The big data is analyzed in details to find patterns. Implementation of
risk management is mandatory for every organization for effective operation (Mahajan, Gaba &
Chauhan, 2016).
This report discusses about the several top threats that exist in ENISA. It also talks about
the most significant threat among the rest. This report points out the main threat agents (Kao et
al. 2014).The case study’s overview is provided along with the security infrastructure of ENISA.
Risk or threat minimization methods have also been discussed here. Improvement process of
ETL is explained in brief. At the end of the report it says gives an explanation why ENISA is
satisfied with its existing security infrastructure or not.
1. Overview of ENISA Case Study and Illustration of ENISA Big Data
Security Infrastructure
Big data is used in ENISA. Big data contains a collection of information. Data is
integrated from several functional departments in order to point out any type of commonality so
that customer or consumer preferences can be identified. In this case of ENISA, there are many
threats of top level that are playing role (Patil & Seshadri, 2014). Big data analytics figures out
3RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
the risk exposure area. Threats occur due to presence of key agents of threat. Risk management is
needed for the risk mitigation purpose. There are five main groups of threats. The privacy factor
of big data plays a major role which focuses on the model for potential development of risk
mitigation and analysis (Patil & Seshadri, 2014). The effectiveness of ENISA will reach the
highest level if they deploy proper strategy for big data analysis. Solutions that are based on
information and communication technology are implemented for the purpose of minimizing the
risk factor in ENISA. The operations will become effective if data and threats are managed in a
proper way (Vatsalan et al., 2017). There is a gap analysis presented in this case study of ENISA.
The comparison of threats with their countermeasures is done in gap analysis. Data is oriented in
the traditional data threats. There needs to be replacement of the legacy system with big data.
The big data architecture, environment, assets as well as taxonomy are discussed in this case
study. The key agents of threats are pointed out. Cryptography is the main mitigation scheme
that is deployed by ENISA. These mitigation scheme falls under the category of good practices
that are present in the case study.
The main aim for protecting data is to bring about four main characteristics of data like
integrity, non repudiation, availability as well as confidentiality.
the risk exposure area. Threats occur due to presence of key agents of threat. Risk management is
needed for the risk mitigation purpose. There are five main groups of threats. The privacy factor
of big data plays a major role which focuses on the model for potential development of risk
mitigation and analysis (Patil & Seshadri, 2014). The effectiveness of ENISA will reach the
highest level if they deploy proper strategy for big data analysis. Solutions that are based on
information and communication technology are implemented for the purpose of minimizing the
risk factor in ENISA. The operations will become effective if data and threats are managed in a
proper way (Vatsalan et al., 2017). There is a gap analysis presented in this case study of ENISA.
The comparison of threats with their countermeasures is done in gap analysis. Data is oriented in
the traditional data threats. There needs to be replacement of the legacy system with big data.
The big data architecture, environment, assets as well as taxonomy are discussed in this case
study. The key agents of threats are pointed out. Cryptography is the main mitigation scheme
that is deployed by ENISA. These mitigation scheme falls under the category of good practices
that are present in the case study.
The main aim for protecting data is to bring about four main characteristics of data like
integrity, non repudiation, availability as well as confidentiality.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
Figure 1: ENISA Big Data security infrastructure diagram
(Source: Created by the author in Ms-Visio)
The diagram that is presented above depicts the security infrastructure of the big data
security of ENISA. The purpose of any infrastructure of security is to process information in an
efficient and safe manner (Patil & Seshadri, 2014). There are structured, unstructured as well as
semi structured data. Structured data are the records in the database. Messages and logs fall
under the category of messages and logs. Other forms of data are volatile and streaming data.
The infrastructure consists of virtualized components, devices and hardware resources. The
infrastructural model for computing and storage deals with the computational as well as storage
mechanism respectively. Big data analytics deal with algorithms and protocols that help in
analyzing data in an effective manner. The privacy and security techniques are used for securing
Figure 1: ENISA Big Data security infrastructure diagram
(Source: Created by the author in Ms-Visio)
The diagram that is presented above depicts the security infrastructure of the big data
security of ENISA. The purpose of any infrastructure of security is to process information in an
efficient and safe manner (Patil & Seshadri, 2014). There are structured, unstructured as well as
semi structured data. Structured data are the records in the database. Messages and logs fall
under the category of messages and logs. Other forms of data are volatile and streaming data.
The infrastructure consists of virtualized components, devices and hardware resources. The
infrastructural model for computing and storage deals with the computational as well as storage
mechanism respectively. Big data analytics deal with algorithms and protocols that help in
analyzing data in an effective manner. The privacy and security techniques are used for securing
5RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
the different types of asset involved in ENISA. The key agents are responsible for occurrence of
threat. The security infrastructure consists of the various threat mitigation strategies that can be
deployed in the organization. Cryptography is considered to be the most vital type of measure
that can be taken to overcome any security issues. Encryption can be considered to be the best
security method where the information is modified so that it cannot be accessed by any
unauthenticated source. This plays role in the data storage layer of ENISA. Another security
method is firewall. Firewall can be implemented for protecting the network of an organization
from any outsider attacks (Sagiroglu & Sinanc, 2013). It plays role in the presentation layer.
2. The Top Threats in ENISA
The case study of ENISA has pointed out five top threat groups that are present (Wu et
al., 2014). The different groups of threats are unintentional, legal, organizational, and intentional
as well as hijacking and interception. The description of top threats is given as follows:
1. Accidental Threats: These can also be referred to as unintentional threats of a
company. The cause behind the occurrence of this threat can be misconfiguration if system,
device loss, human errors as well as unintentional intervention. There are no specific motives
behind the occurrence of such threats (Hashem et al., 2015). There are many threats falling under
the category of unintentional threats:
Information leakage: These type threats are unintentional in nature. There are no wrong
intentions behind the leak of information in the system. The employees of a company can make a
wrong entry in the database or there can be a deletion of data by mistake. This can cause problem
in the future. Sometimes there can be major problem when the updated version of software is not
the different types of asset involved in ENISA. The key agents are responsible for occurrence of
threat. The security infrastructure consists of the various threat mitigation strategies that can be
deployed in the organization. Cryptography is considered to be the most vital type of measure
that can be taken to overcome any security issues. Encryption can be considered to be the best
security method where the information is modified so that it cannot be accessed by any
unauthenticated source. This plays role in the data storage layer of ENISA. Another security
method is firewall. Firewall can be implemented for protecting the network of an organization
from any outsider attacks (Sagiroglu & Sinanc, 2013). It plays role in the presentation layer.
2. The Top Threats in ENISA
The case study of ENISA has pointed out five top threat groups that are present (Wu et
al., 2014). The different groups of threats are unintentional, legal, organizational, and intentional
as well as hijacking and interception. The description of top threats is given as follows:
1. Accidental Threats: These can also be referred to as unintentional threats of a
company. The cause behind the occurrence of this threat can be misconfiguration if system,
device loss, human errors as well as unintentional intervention. There are no specific motives
behind the occurrence of such threats (Hashem et al., 2015). There are many threats falling under
the category of unintentional threats:
Information leakage: These type threats are unintentional in nature. There are no wrong
intentions behind the leak of information in the system. The employees of a company can make a
wrong entry in the database or there can be a deletion of data by mistake. This can cause problem
in the future. Sometimes there can be major problem when the updated version of software is not
6RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
used (Erl, Khattak & Buhler, 2016). The system administration also needs to be carried out
properly to maintain system in a proper manner. Most of the threat agents are involved in this
category. Data assets are affected. If the sensitive data are disclosed then this leads to major
issues in organization.
Data leak via Web application: All the key threat agents are involved in this threat
category. Unsecure APIs are the main cause of this type of security threat. Disclosure of
sensitive data to the outside world can lead to major issues. There can be deletion as well as
modification of data that can take place here.
Inappropriate Design: If any system is not designed in a proper way then it has a high
probability of attracting various types of dangerous threats. There must be proper planning for
the designing of infrastructure. Adaptations that are not proper can also lead to major issue. Data
leakage probability increases in this manner (Kim, Trimi & Chung, 2014). Affected assets are
storage infrastructure, data, software, big data as well as computational infrastructure. This can
be considered to be a typical threat category in big data.
2. Hijacking, Interception and Eavesdropping: The communication process is
manipulated or altered in this type of threat. In the case of communication using information and
communication technology, there are high chances of interception between the interacting nodes
in the network. If proper and effective protocols are not implemented then this leads to problem.
There will be integrity as well as confidentiality related issues in the applications that are used
for communication. Applications like back end servers are affected in case of hijacking,
interception as well as eavesdropping.
used (Erl, Khattak & Buhler, 2016). The system administration also needs to be carried out
properly to maintain system in a proper manner. Most of the threat agents are involved in this
category. Data assets are affected. If the sensitive data are disclosed then this leads to major
issues in organization.
Data leak via Web application: All the key threat agents are involved in this threat
category. Unsecure APIs are the main cause of this type of security threat. Disclosure of
sensitive data to the outside world can lead to major issues. There can be deletion as well as
modification of data that can take place here.
Inappropriate Design: If any system is not designed in a proper way then it has a high
probability of attracting various types of dangerous threats. There must be proper planning for
the designing of infrastructure. Adaptations that are not proper can also lead to major issue. Data
leakage probability increases in this manner (Kim, Trimi & Chung, 2014). Affected assets are
storage infrastructure, data, software, big data as well as computational infrastructure. This can
be considered to be a typical threat category in big data.
2. Hijacking, Interception and Eavesdropping: The communication process is
manipulated or altered in this type of threat. In the case of communication using information and
communication technology, there are high chances of interception between the interacting nodes
in the network. If proper and effective protocols are not implemented then this leads to problem.
There will be integrity as well as confidentiality related issues in the applications that are used
for communication. Applications like back end servers are affected in case of hijacking,
interception as well as eavesdropping.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
3. Deliberate or Nefarious Activity: This type of threat falls under the classification of
intentional threat. Here the ICT infrastructure is attempted to be changed. This type of threat
leads to severe problem (Chen & Zhang, 2014). There are many threats falling under the
category of intentional threats:
Indentify Fraud: Big data stores various information integrated from different
departments. Financial information is extremely important to the organization. Big data also
stores personal details. Hackers generally target this type of data to steal sensitive information
for the purpose of exploiting the users. The hackers or attackers can even achieve huge power or
control over the organization in this type of fraud activity. Applications and services that are
associated with back end are the affected assets.
Denial of Services: This is one of the main threats of the big data. The main attacker of
this threat is to consume the resources of the server by keeping it busy in different activities that
are not useful in nature. The server slows down affecting the performance of the server
Malware: Malware stands for malicious software. These malicious programs are
responsible for affecting the information and communication technology process and
components. These malicious programs are built in order to inject in a system and harm the
system. There are different types of malware like viruses, worms as well as Trojan horses.
Remote attackers get the scope to access the data of a system by using the Trojan horse.
Sometimes the attacker can hide their own identity to get access or control over certain
credentials of the system. It has been seen that there are points that are undocumented. Attackers
treat these points as backdoors to enter the system and harm the system. Web attacks are
3. Deliberate or Nefarious Activity: This type of threat falls under the classification of
intentional threat. Here the ICT infrastructure is attempted to be changed. This type of threat
leads to severe problem (Chen & Zhang, 2014). There are many threats falling under the
category of intentional threats:
Indentify Fraud: Big data stores various information integrated from different
departments. Financial information is extremely important to the organization. Big data also
stores personal details. Hackers generally target this type of data to steal sensitive information
for the purpose of exploiting the users. The hackers or attackers can even achieve huge power or
control over the organization in this type of fraud activity. Applications and services that are
associated with back end are the affected assets.
Denial of Services: This is one of the main threats of the big data. The main attacker of
this threat is to consume the resources of the server by keeping it busy in different activities that
are not useful in nature. The server slows down affecting the performance of the server
Malware: Malware stands for malicious software. These malicious programs are
responsible for affecting the information and communication technology process and
components. These malicious programs are built in order to inject in a system and harm the
system. There are different types of malware like viruses, worms as well as Trojan horses.
Remote attackers get the scope to access the data of a system by using the Trojan horse.
Sometimes the attacker can hide their own identity to get access or control over certain
credentials of the system. It has been seen that there are points that are undocumented. Attackers
treat these points as backdoors to enter the system and harm the system. Web attacks are
8RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
extremely harmful category of threats. Sometimes the users download a file from a website. This
file can contain virus that can harm the system.
Business Process and its failure: If the business processes are mismanaged then this
can cause failure of the entire process of business.
4. Legal Threat: If the organization does not obey certain regulations or law that is
enacted by the government then there can be legal proceedings against the company.
5. Organizational Threat: Internal issues in the organization can lead to this problem. The
employees in the company might not be well skilled to tackle all types of situations and
problems.
Among the top threats that have been discussed above. Most significant of all the threats
is the malicious program. It is an extremely harmful type of software. It injects in the system and
modifies or removes the sensitive data present there (Kshetri, 2014). Web attacks are extremely
harmful category of threats. Sometimes the users download a file from a website. This file can
contain virus that can harm the system. There are different types of malware like viruses, worms
as well as Trojan horses. Remote attackers get the scope to access the data of a system by using
the Trojan horse. Sometimes the attacker can hide their own identity to get access or control over
certain credentials of the system. It has been seen that there are points that are undocumented.
Attackers treat these points as backdoors to enter the system and harm the system. The worms
have the capability to duplicate an existing file from the system and sending it to another system
or network. This malicious attack is considered to be significant because there is a complete
wrong intention behind this threat. The attacker aims to delete or misuse the information of a
extremely harmful category of threats. Sometimes the users download a file from a website. This
file can contain virus that can harm the system.
Business Process and its failure: If the business processes are mismanaged then this
can cause failure of the entire process of business.
4. Legal Threat: If the organization does not obey certain regulations or law that is
enacted by the government then there can be legal proceedings against the company.
5. Organizational Threat: Internal issues in the organization can lead to this problem. The
employees in the company might not be well skilled to tackle all types of situations and
problems.
Among the top threats that have been discussed above. Most significant of all the threats
is the malicious program. It is an extremely harmful type of software. It injects in the system and
modifies or removes the sensitive data present there (Kshetri, 2014). Web attacks are extremely
harmful category of threats. Sometimes the users download a file from a website. This file can
contain virus that can harm the system. There are different types of malware like viruses, worms
as well as Trojan horses. Remote attackers get the scope to access the data of a system by using
the Trojan horse. Sometimes the attacker can hide their own identity to get access or control over
certain credentials of the system. It has been seen that there are points that are undocumented.
Attackers treat these points as backdoors to enter the system and harm the system. The worms
have the capability to duplicate an existing file from the system and sending it to another system
or network. This malicious attack is considered to be significant because there is a complete
wrong intention behind this threat. The attacker aims to delete or misuse the information of a
9RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
system or network for its own advantage. The degree of risk in this case is extremely high. This
category of threat is extremely dangerous in nature. Proper implementation of protective as well
as preventive measures can be incorporated in the system to resolve such issues.
3. Key Threat Agents and Ways to Minimize their Impact
The origin of any threat is due to the presence of the threat agents. The threat agents form
the origin for security threats (Lu et al., 2014). Threat agents can take advantage of the weakness
of the system. There are several key agents like:
Cyber criminals: These are hostile agents. They aim to access sensitive financial data of
the system or network.
Cyber terrorists: They are influenced by some regional or political issue. They are
responsible for harming public infrastructures as well as other sectors like telecommunication.
Corporation: Organizations that use wrong tactics become a key agent of threat.
Employees: They fall under the category of insider threat. Sometimes the employees of
the company use the sensitive data and pass the data to other company or network.
Script kiddies: Scripts are developed by several attackers in order to attack the system.
Hacktivists: Some people gain motivation from political issues and try to target websites
and institutes for their benefit.
Nation: Sometimes nations as well as states cause harm to any company or system.
system or network for its own advantage. The degree of risk in this case is extremely high. This
category of threat is extremely dangerous in nature. Proper implementation of protective as well
as preventive measures can be incorporated in the system to resolve such issues.
3. Key Threat Agents and Ways to Minimize their Impact
The origin of any threat is due to the presence of the threat agents. The threat agents form
the origin for security threats (Lu et al., 2014). Threat agents can take advantage of the weakness
of the system. There are several key agents like:
Cyber criminals: These are hostile agents. They aim to access sensitive financial data of
the system or network.
Cyber terrorists: They are influenced by some regional or political issue. They are
responsible for harming public infrastructures as well as other sectors like telecommunication.
Corporation: Organizations that use wrong tactics become a key agent of threat.
Employees: They fall under the category of insider threat. Sometimes the employees of
the company use the sensitive data and pass the data to other company or network.
Script kiddies: Scripts are developed by several attackers in order to attack the system.
Hacktivists: Some people gain motivation from political issues and try to target websites
and institutes for their benefit.
Nation: Sometimes nations as well as states cause harm to any company or system.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
Minimization of Impact: The most effective method for mitigating the impact is use of
encryption. Algorithms of cryptography play a major role in protecting any system. Plain texts
can be encrypted to protect it from other attacks. Integrity checks must be performed on a regular
basis (Thuraisingham, 2015). Implementation and incorporation of security policies can be
effective. The methods for controlling the access of data should be made for secured by
authentication (Cardenas, Manadhata & Rajan, 2013).
Threat Probability Trend: The case study shows that every threat is associated with a
probability trend. Employees are a threat agent that can cause information leak as well as other
types of problem for business process failure. Corporations as well as cyber criminals are
responsible for interception information (Chen, Mao & Liu, 2014). The probability of identity
threat can be associated with every agents of threat. Effective organizational functioning is
dependent on risk management strategy (Demchenko et al., 2013). The threat probability is
increasing very fast with time.
4. ETL Process Improvement
Big data is storage of huge quantity of data. Extract, transform and load can be improved
in many ways (Bansal, 2014). ETL helps in the analysis of big data. Following steps need to be
taken in order to improve the process of ETL:
In case of processing data in batch leads to wastage of database storage. Storing
important data can utilize the database in an optimal manner (Bansal & Kagemann, 2015).
Extracting most important data will result in the improvement of the performance.
Minimization of Impact: The most effective method for mitigating the impact is use of
encryption. Algorithms of cryptography play a major role in protecting any system. Plain texts
can be encrypted to protect it from other attacks. Integrity checks must be performed on a regular
basis (Thuraisingham, 2015). Implementation and incorporation of security policies can be
effective. The methods for controlling the access of data should be made for secured by
authentication (Cardenas, Manadhata & Rajan, 2013).
Threat Probability Trend: The case study shows that every threat is associated with a
probability trend. Employees are a threat agent that can cause information leak as well as other
types of problem for business process failure. Corporations as well as cyber criminals are
responsible for interception information (Chen, Mao & Liu, 2014). The probability of identity
threat can be associated with every agents of threat. Effective organizational functioning is
dependent on risk management strategy (Demchenko et al., 2013). The threat probability is
increasing very fast with time.
4. ETL Process Improvement
Big data is storage of huge quantity of data. Extract, transform and load can be improved
in many ways (Bansal, 2014). ETL helps in the analysis of big data. Following steps need to be
taken in order to improve the process of ETL:
In case of processing data in batch leads to wastage of database storage. Storing
important data can utilize the database in an optimal manner (Bansal & Kagemann, 2015).
Extracting most important data will result in the improvement of the performance.
11RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
To improve the performance the method of lookup that is done one row at a time can be
avoided (Baumer, 2017). This is an efficient method in comparison to bulk loading.
5. IT Security of ENISA
The satisfaction level of ENISA regarding its IT security is low. The presence of the top
security threats are the main reason behind this dissatisfaction. There are many key agents of
threat present in ENISA. There are unintentional and intentional threats in the system. Indentify
fraud can take place where they target financial information. Other threats also exist like
malware, denial of service, insider threat and legal threats. The most efficient and useful solution
that can be applicable in case of ENISA is cryptography. Encrypting the important information
will improve the existing security policies of the system. Implementation of firewalls can prevent
the entry of any unwanted threat in the private network and also will not allow any outsider to
steal data. Infiltration of network can be done by IPS. This will disallow the access of
unauthorized user to access the database.
Conclusion
This report concludes that there are many top threats that exist in ENISA. Cryptography
and strong security policies can be used in order to avoid the chances of threats. This report
pointed out the main threat agents. The case study’s overview is provided along with the security
infrastructure of ENISA. Risk or threat minimization methods have also been discussed here.
To improve the performance the method of lookup that is done one row at a time can be
avoided (Baumer, 2017). This is an efficient method in comparison to bulk loading.
5. IT Security of ENISA
The satisfaction level of ENISA regarding its IT security is low. The presence of the top
security threats are the main reason behind this dissatisfaction. There are many key agents of
threat present in ENISA. There are unintentional and intentional threats in the system. Indentify
fraud can take place where they target financial information. Other threats also exist like
malware, denial of service, insider threat and legal threats. The most efficient and useful solution
that can be applicable in case of ENISA is cryptography. Encrypting the important information
will improve the existing security policies of the system. Implementation of firewalls can prevent
the entry of any unwanted threat in the private network and also will not allow any outsider to
steal data. Infiltration of network can be done by IPS. This will disallow the access of
unauthorized user to access the database.
Conclusion
This report concludes that there are many top threats that exist in ENISA. Cryptography
and strong security policies can be used in order to avoid the chances of threats. This report
pointed out the main threat agents. The case study’s overview is provided along with the security
infrastructure of ENISA. Risk or threat minimization methods have also been discussed here.
12RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
References
Bansal, S. K. (2014, June). Towards a semantic extract-transform-load (ETL) framework for big
data integration. In Big Data (BigData Congress), 2014 IEEE International Congress
on (pp. 522-529). IEEE.
Bansal, S. K., & Kagemann, S. (2015). Integrating big data: A semantic extract-transform-load
framework. Computer, 48(3), 42-50.
Baumer, B. S. (2017). A Grammar for Reproducible and Painless Extract-Transform-Load
Operations on Medium Data. arXiv preprint arXiv:1708.07073.
Cardenas, A. A., Manadhata, P. K., & Rajan, S. P. (2013). Big data analytics for security. IEEE
Security & Privacy, 11(6), 74-76.
Chen, C. P., & Zhang, C. Y. (2014). Data-intensive applications, challenges, techniques and
technologies: A survey on Big Data. Information Sciences, 275, 314-347.
Chen, M., Mao, S., & Liu, Y. (2014). Big data: A survey. Mobile Networks and
Applications, 19(2), 171-209.
Demchenko, Y., Grosso, P., De Laat, C., & Membrey, P. (2013, May). Addressing big data
issues in scientific data infrastructure. In Collaboration Technologies and Systems (CTS),
2013 International Conference on (pp. 48-55). IEEE.
Enisa.europa.eu. (2017). Big Data Threat Landscape — ENISA. [online] Available at:
https://www.enisa.europa.eu/publications/bigdata-threat-landscape [Accessed 5 Sep.
2017].
References
Bansal, S. K. (2014, June). Towards a semantic extract-transform-load (ETL) framework for big
data integration. In Big Data (BigData Congress), 2014 IEEE International Congress
on (pp. 522-529). IEEE.
Bansal, S. K., & Kagemann, S. (2015). Integrating big data: A semantic extract-transform-load
framework. Computer, 48(3), 42-50.
Baumer, B. S. (2017). A Grammar for Reproducible and Painless Extract-Transform-Load
Operations on Medium Data. arXiv preprint arXiv:1708.07073.
Cardenas, A. A., Manadhata, P. K., & Rajan, S. P. (2013). Big data analytics for security. IEEE
Security & Privacy, 11(6), 74-76.
Chen, C. P., & Zhang, C. Y. (2014). Data-intensive applications, challenges, techniques and
technologies: A survey on Big Data. Information Sciences, 275, 314-347.
Chen, M., Mao, S., & Liu, Y. (2014). Big data: A survey. Mobile Networks and
Applications, 19(2), 171-209.
Demchenko, Y., Grosso, P., De Laat, C., & Membrey, P. (2013, May). Addressing big data
issues in scientific data infrastructure. In Collaboration Technologies and Systems (CTS),
2013 International Conference on (pp. 48-55). IEEE.
Enisa.europa.eu. (2017). Big Data Threat Landscape — ENISA. [online] Available at:
https://www.enisa.europa.eu/publications/bigdata-threat-landscape [Accessed 5 Sep.
2017].
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
Erl, T., Khattak, W., & Buhler, P. (2016). Big data fundamentals: concepts, drivers &
techniques. Prentice Hall Press.
Guo, L., Wenqi, H., Xiaokai, Y., Fuzheng, Z., Chengzhi, C., & Shitao, C. (2016). Research and
realization of improved extract–transform–load scheduler in China Southern Power
Grid. Advances in Mechanical Engineering, 8(11), 1687814016679055.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
Systems, 47, 98-115.
Kao, R. R., Haydon, D. T., Lycett, S. J., & Murcia, P. R. (2014). Supersize me: how whole-
genome sequencing and big data are transforming epidemiology. Trends in
microbiology, 22(5), 282-291.
Kim, G. H., Trimi, S., & Chung, J. H. (2014). Big-data applications in the government
sector. Communications of the ACM, 57(3), 78-85.
Kshetri, N. (2014). Big data׳ s impact on privacy, security and consumer
welfare. Telecommunications Policy, 38(11), 1134-1145.
Lu, R., Zhu, H., Liu, X., Liu, J. K., & Shao, J. (2014). Toward efficient and privacy-preserving
computing in big data era. IEEE Network, 28(4), 46-50.
Mahajan, P., Gaba, G., & Chauhan, N. S. (2016). Big Data Security. IITM Journal of
Management and IT, 7(1), 89-94.
Erl, T., Khattak, W., & Buhler, P. (2016). Big data fundamentals: concepts, drivers &
techniques. Prentice Hall Press.
Guo, L., Wenqi, H., Xiaokai, Y., Fuzheng, Z., Chengzhi, C., & Shitao, C. (2016). Research and
realization of improved extract–transform–load scheduler in China Southern Power
Grid. Advances in Mechanical Engineering, 8(11), 1687814016679055.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
Systems, 47, 98-115.
Kao, R. R., Haydon, D. T., Lycett, S. J., & Murcia, P. R. (2014). Supersize me: how whole-
genome sequencing and big data are transforming epidemiology. Trends in
microbiology, 22(5), 282-291.
Kim, G. H., Trimi, S., & Chung, J. H. (2014). Big-data applications in the government
sector. Communications of the ACM, 57(3), 78-85.
Kshetri, N. (2014). Big data׳ s impact on privacy, security and consumer
welfare. Telecommunications Policy, 38(11), 1134-1145.
Lu, R., Zhu, H., Liu, X., Liu, J. K., & Shao, J. (2014). Toward efficient and privacy-preserving
computing in big data era. IEEE Network, 28(4), 46-50.
Mahajan, P., Gaba, G., & Chauhan, N. S. (2016). Big Data Security. IITM Journal of
Management and IT, 7(1), 89-94.
14RISK ANALYSIS AND SECURITY: ENISA CASE STUDY
Patil, H. K., & Seshadri, R. (2014, June). Big data security and privacy issues in healthcare.
In Big Data (BigData Congress), 2014 IEEE International Congress on (pp. 762-765).
IEEE.
Sagiroglu, S., & Sinanc, D. (2013, May). Big data: A review. In Collaboration Technologies and
Systems (CTS), 2013 International Conference on (pp. 42-47). IEEE.
Thuraisingham, B. (2015, March). Big data security and privacy. In Proceedings of the 5th ACM
Conference on Data and Application Security and Privacy (pp. 279-280). ACM.
Vatsalan, D., Sehili, Z., Christen, P., & Rahm, E. (2017). Privacy-Preserving Record Linkage for
Big Data: Current Approaches and Research Challenges. In Handbook of Big Data
Technologies (pp. 851-895). Springer International Publishing.
Wu, X., Zhu, X., Wu, G. Q., & Ding, W. (2014). Data mining with big data. IEEE transactions
on knowledge and data engineering, 26(1), 97-107.
Patil, H. K., & Seshadri, R. (2014, June). Big data security and privacy issues in healthcare.
In Big Data (BigData Congress), 2014 IEEE International Congress on (pp. 762-765).
IEEE.
Sagiroglu, S., & Sinanc, D. (2013, May). Big data: A review. In Collaboration Technologies and
Systems (CTS), 2013 International Conference on (pp. 42-47). IEEE.
Thuraisingham, B. (2015, March). Big data security and privacy. In Proceedings of the 5th ACM
Conference on Data and Application Security and Privacy (pp. 279-280). ACM.
Vatsalan, D., Sehili, Z., Christen, P., & Rahm, E. (2017). Privacy-Preserving Record Linkage for
Big Data: Current Approaches and Research Challenges. In Handbook of Big Data
Technologies (pp. 851-895). Springer International Publishing.
Wu, X., Zhu, X., Wu, G. Q., & Ding, W. (2014). Data mining with big data. IEEE transactions
on knowledge and data engineering, 26(1), 97-107.
1 out of 15
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.