The term big data corresponds to the vast amount of data and information present within a system, which can be utilized for different purposes. The stored data can be analyzed computationally to reveal the different patterns and trends associated with the human behaviors. Big data deals with voluminous amounts data both structured and unstructured that different organizations can use for business purposes (Wu et al., 2014). A wide range of audience can access this data and therefore, different security and privacy issues remain associated with the storage of massive amount of digital information. Therefore, different security measures are needed to be ensured in order maintain the privacy and the integrity of the data. Enisa is facing a similar big data threat and this report discusses the different threats. The report elaborates the top threats associated with the organization and the key threat agent (Inukollu, Arsi & Ravuri, 2014). The report further discusses the steps that could be taken to minimize the impact of the threats on the system.
Figure 1: Representing the ENISA big data security Infrastructure
(Source: created by author using MS Visio)
The threats associated with the Big data architecture of Enisa is mainly due to the information leakage due to human errors, unintentional intervention and erroneous use of administration of system. The top threats associated with Enisa and their significance are elaborated below ( ENISA 2017)-
This threat is can be classified as accidental threats. Accidental threats are those threats that are caused mainly due to human error. The major reason of the this threat is erroneous configuration of the system, clerical errors, poor patch management and use of default user id and passwords.
The most common source of information leakage is however due to erroneous configuration.
The assets of the organization that are mainly affected by these threats include data and application back end services.
This is another top threat associated with the system. Big data is often built with little security and unsecure APIs therefore can be a major reason of data loss. APIs can be vulnerable for big data as major big data applications are built on web services models.
CA has reported numerous data breaches in big data due to the use of insecure APIs, especially in social networks, photo and video sharing services like Facebook and Snapchat.
The threat in this category may deal with injection attacks to different semantic web technologies with the help of SPARQL. Security threats and errors are common in big data language like SPARQL. The increasing use of these query language is responsible for introducing new vulnerabilities into the system. The attack on old query language is well known and therefore can be easily identified; however, they are equally dangerous.
The assets of the organization that are mainly affected by these threats include data and storage infrastructure models.
The different techniques used for improving the Big data analytics performance and combination of the heterogeneous data sources increase the number of redundancies in representation of data and generating the ill protected copies of the data as well. This increases the vulnerabilities of the stored data. This happens during the replication of the data. Considering an example, if big data storage replicates the records a number of times and distributes in different channels, the nodes may end up in acquiring different levels of security robustness. This in turn may increase the possibility of data threats, which includes data disclosure and data leaks. Therefore, this is categorized as a specific weakness in big data design.
The assets of the organization that are mainly affected by these threats include data, big data analytics, software, computing infrastructure models and storage infrastructure models.
The most significant threat associated with the big data is definitely data loss due to the malicious code and software activity. The different agents of this threat include exploit kits, worms, Trojans, backdoors and trapdoors, service spoofing and injection attacks. The API vulnerability also counts in this threat (Chen & Zhao, 2012).
This threat is most significant because after deploying the malicious code into the system with any of the discussed methods, the attacker may manipulate the data present in the infected devices leading to a significant data loss. The malware-infected nodes of these files can send targeted commands to different servers in order to distribute the malicious code, thus leading to the exposure to number of risks. Numerous examples can be cited of hacking of big data using malicious code attack. This type of attack is significantly dangerous as the attacker has the power to manipulate the data using by running the malicious code (Pavlyushchik, 2014).
The key threat agents, impact of the threat and the threat probability are elaborated in the following paragraphs-
The threats or a malicious act is implemented with the help of certain malicious agents or medium, which is termed as threat agents. The different threat agents associated with this case are listed below-
One of the major threat agents associated with the big data threat is the organizations and enterprises that engage in offensive tactics to gain competitive advantage over their competitors. These organizations or enterprises pose significant capabilities in technology and human engineering intelligence (ENISA 2017).
Cyber criminals are another or may be the most significant threat agent. Their motivation of engaging into criminal acts is mainly financial gain and therefore they can go to any extent and therefore, the risk associated with this type of threat is generally very high.
The cyber terrorists are one of the most dangerous threat agents. The motivation of the cyber terrorists in implementing and spreading these threats include political and religious reasons. The main target of cyber terrorist is critical infrastructures that include public health, energy production and telecommunication. This is because; failure of these organizations causes severe impact in society and government, thus fulfilling the main aim of the cyber terrorists (Taylor, Fritsch & Liederbach, 2014).
This is a non-significant threat agent as script kiddies mainly use programs and codes developed by others to plan and implement an attack.
This threat agent makes us of the computer systems to protest and promote their views. The main targets of hacktivists are high profile websites, corporations, intelligence agencies and military institution.
This refers to the staff, contractors and the operational staffs of an organization. This threat includes data manipulation or erroneous data entry. Moreover, this threat agent has a significant knowledge about the effective attacks in the assets present in an organization and therefore considered as a dangerous threat.
This threat agent has an increasing cyber capability, which can be used against and adversary. They are considered as a prominent threat agent due to the launching of sophisticated attacks using different cyber weapons. The sophistication of this attack prove that Nation State have high level of skill and expertise.
In order to minimize the impact of the discusses threat on the system, different measures should be undertaken. The different measures that can be taken to to minimize the impact of the threat are listed below-
1) Cryptography: in order to deal with the unintentional leakage and loss of information, securing the information with proper cryptographic methods can be beneficial. Cryptography further more prevents the unauthorized access of sensitive and confidential data. However, there are certain issues associated with the use of cryptography in Big data, which includes protection of sensitive information and maintaining the performance along with protecting logical and physical fragments apart from files and disks (Stallings & Tahiliani, 2014).
2) Better security design can further help in data protection by preventing the data risks associated with unsecure APIs. This can help in data protection with regular integrity checks.
3) Access Control: Access control is a significant area of big data. Information classification and access control can help in limiting the access of data into the system. The host of big data, which is cloud provider, should implement access control to fight the loss of data and data breaches. Moreover, the use of strong hashing functions such as SHA-256 can help securing the big data (Brucker et al., 2012).
4) Training the staffs can be an effective method of controlling the data loss due to human error. Information security awareness, education and training is essential for ensuring data security in big data.
The threat probability of manipulation of data with due to the effect of malicious code injected into the system is very high. The probability of this threat is high because it is the most common method of manipulating the big data. Different threat agents are involved with this threat, which makes the effect of the threat more dangerous. The probability of threat due to erroneous data entry is very low and it can be eliminated as well.
ETL is used as a short form for extract, transform and load, which are three main database functions. This is a process of data warehousing which is responsible for taking data out of the system and transferring it into the warehouse. The different methods that can be used to improve the ETL process are listed below (Kimball & Ross, 2013)-
1) An important technique of improving the ETL process is tackling the bottlenecks. This can be done by maintaining a log metrics such as time, number of records and hardware usage. The resources each process is accessing should be estimated beforehand in order to tackle this problem.
2) Another significant technique of improving the ETL process is loading the data into the system incrementally. This means, only the changes between the previous data and the new data are to be changed. This reduces the threat of erroneous data entry. It is although a bit difficult to implement, it helps in improving the process of ETL and in removal of threats.
3) Large tables can be partitioned in order to improve the processing of data. A large table is cut down into smaller tables that help in data better management of data and elimination of threat as well.
4) The extraneous data is not uploaded into the warehouse. Elimination of irrelevant data helps in improving the performance of ETL.
5) Use of cache data may help in improving the ETL process. This is because, the cache memory helps in speeding up of the things and process in an effective way. However, caching largely depends on the system and the amount of memory the system support and therefore this may not be that effective for systems with low data storage.
The current IT security of Enisa is not appropriate and hence proper measures are to be taken in order to prevent data security threats. The current IT state is not appropriate because there are certain issues associated with the security of big data. Absence of access control is an important reason for unauthorized access of data and data manipulation (Von Solms & Van Niekerk, 2013). The data needs to be secured with proper cryptographic means, which would considerably help in data protection. Cryptography along with the process of encryption may considerably help in data security. This is furthermore essential as big data is mainly stored in cloud and therefore, different security measures are furthermore essential. The threats discussed in the report are dangerous and are the risk of such threats is associated with Enisa. Therefore, Enisa should not be satisfied with the current state of IT security. The organization can be easily targeted by the hackers as the system is vulnerable to different types of threats and intrusion. The organization should implement an intrusion detection system to report the different cases of threats, vulnerabilities and attacks. The insecure API can be a major source of malware and therefore Enisa should install proper firewall and vulnerability scanner in order to develop a secure system. The use of vulnerability scanner and firewall may reduce the risk of intrusion into the information system of Enisa and can considerably help in data protection. The absence of these features considerably increases the risk of data breach and data manipulation. Enisa lacks proper risk mitigation approaches and techniques to control the risk. Risk mitigation is an important risk management approach, which includes, risk avoidance, risk monitoring, risk control and risk transfer. Risk transfer deals with transferring the risk to a stakeholder or a different organization that is willing to take that risk. Having an insurance is an effective way of risk mitigation. Absence of proper risk management strategy is another important aspect of the security loopholes Enisa is facing. Therefore, it is concluded that ENISA should not be satisfied with the current state of IT security and should implement proper methods to control and mitigate the risks associated with the big data security of the system.
Conclusion:
Therefore, from the above discussion, it can be concluded that ENISA is associated with different types of threats in relation to the big data. Big data and data mining are one of the most important aspect of today’s business and therefore many dishonest people make incorrect use of big data that gives rise to a number of threats. These people or organization that is associated with the threats is termed as threat agents. The report discusses in detail, the different threat agents associated with ENISA and the probable damage they could cause into the system. The threat agents have different objectives in planning and implementing an attack. The repot discusses the effect of these threats that are associated with big data and their probable causes. Among many threats present in Enisa, the top threat identified is the threat, the system is exposed to due to the involvement of malicious programs and codes. These can involve viruses and ransomwares that further spread from system to system. With the help of these malicious codes, the attacker can access and manipulate the data and thus the threat arises in the process. These threats are to be removed from the information system of ENISA in order to ensure data protection. Different risk control methodologies and approaches are described in the report, which include cryptography, access control and proper security design. These factors are to be kept in mind before implementing proper security measures, which is essential for eliminating the risks associated with the system. ENISA is should not be satisfied with the current state of IT security within the organization because the organization is exposed to a number of threats, which should be controlled mitigated and monitored as soon as possible.
References:
Big Data Threat Landscape — ENISA. (2017). Enisa.europa.eu. Retrieved 6 September 2017, from https://www.enisa.europa.eu/publications/bigdata-threat-landscape
Brucker, A. D., Hang, I., Lückemeyer, G., & Ruparel, R. (2012, June). SecureBPMN: Modeling and enforcing access control requirements in business processes. In Proceedings of the 17th ACM symposium on Access Control Models and Technologies (pp. 123-126). ACM.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.
Inukollu, V. N., Arsi, S., & Ravuri, S. R. (2014). Security issues associated with big data in cloud computing. International Journal of Network Security & Its Applications, 6(3), 45.
Kimball, R., & Ross, M. (2013). The data warehouse toolkit: The definitive guide to dimensional modeling. John Wiley & Sons.
Pavlyushchik, M. A. (2014). U.S. Patent No. 8,713,631. Washington, DC: U.S. Patent and Trademark Office.
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and practice (Vol. 6). London: Pearson.
Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism. Prentice Hall Press.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. computers & security, 38, 97-102.
Wu, X., Zhu, X., Wu, G. Q., & Ding, W. (2014). Data mining with big data. IEEE transactions on knowledge and data engineering, 26(1), 97-107.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download