According to Inukollu, Arsi and Ravuri (2014), big data is defined as a term that helps in describing large volume of data both structured as well as unstructured that generally helps inundating a business. It is identified that big data can be use or analyzing various patterns as well as structure of data, which can be used in order to understand the trends of data, as well as associated human behavior. Different types of security issues as well as challenges generally arise, as big data remains accessible to the public. Thus, it is identified that various types of risks as well as threats that are associated with big data can be removed from the system by utilizing proper mitigating strategies (Wu et al., 2014). The paper mainly elaborates various types of issues as well as challenges that are faced by ENISA, the security threat infrastructure and various types of threat key agents. It is identified that various type of threat as well as ETL procedure are generally elaborated in this report.
Overview
The case study mainly discusses various types of threats of big data, which are mainly associated with frequency of data outsourcing as well as big data storage. This lead to occurrence of new type of data breaches, leakage as well as degradation threat that are associated with big data. It is identified that ENISA is facing number of privacy as well as security issue that mainly reflects the entire level of performance of the organization. The case study of ENISA generally presents as well as discusses big data threats and various types of countermeasures that are quite helpful in eliminating or mitigating the threats (Wright & De, 2012). It is found that the major issues lies in the defective security system of the organization, which is considered significant for providing appropriate level of data security. ENISA generally elaborates various types of threats that are mainly related with big data and it is analyzed that the threats creates impact of different sections of the society. Powerful approaches must be undertaken for fighting against the threat that is mainly related big data. In addition to this, the case study mainly elaborates different type of concept that is mainly associated with threat landscape by making proper comparison with big data threat. It mainly focuses on assets, threats as well as significance of various data system (ENISA, 2017).The case study is of appropriate use that assists in implementing proper plan of risk management that further assists providing big data security. The architecture of big data that is mainly illustrated in this case study is quite complex and thus the level of conceptual model needs enhancing security related requirements. The entire big data architecture includes various types of data sources, integration procedure, and data storage as well as various models of computing. It is identified that the layers of various types of work as well as functions (Gonzalez et al., 2012). The concept of cloud computing can be properly deployed as the infrastructure layer for meeting various requirements of effective storage of big data that mainly include elasticity, cost effectiveness, scaling ability and more. However, the data storage in cloud has various types of security issues, which are mainly associated with the case study.
Figure 1: Representing the ENISA big data security Infrastructure
(Source: created by author using MS Visio)
ENISA helps in providing the opportunity to store various types of data, which can be structured, semi-structured or unstructured. It is identified that the threats that are mainly related with the data storage are mainly illustrated below:
Denial of service: The various components of big data are prone to this type of attack. This attack mainly involves in removing the entire components from the network for exploiting various types of vulnerabilities. In this particular attack, the attacker generally makes the resources unavailable to various authorized user either permanently or temporarily (ENISA, 2017).
The denial of service attack generally minimizes the performance of the system that further causes loss of various types of information as well as data.
The assents that are generally targeted with the help of this attack are generally networks as well as servers. The level of risk is considered low and thus it can be mitigated or prevented by using proper strategy of risk management.
Threats related with malicious code or software activity: This threat is considered as one of the major threat that is mainly associated with the various component of big data. Various types of threat agents include viruses, worms, Trojan horse, trap doors, service spoofing are found to be responsible for this type of threat (Tan et al., 2014). Threat agents are generally deployed within the entire system and thus with the help of malicious code, the attackers generally manipulate various types of injected data. Various types of threat agents are generally deployed within the system and thus it is identified that by utilizing various types of malicious code, the attackers generally helps in manipulating data within the entire infected system (Theoharidou, Tsalis & Gritzalis, 2013). It is identified that various types of treat agents are generally deployed within the entire system and thus with the help of this malicious code, the attacker can easily manipulate data within the infected system (Seshardi et al., 2012). It is found that various types of malware infected nodes of the system generally helps in sending various types o malicious command to various targeted servers for spreading the entire infection from one system to another. This type of threat can be easily spread and thus elimination of this type of threat becomes very much essential.
The assets that are mainly targeted by this type of attack generally include database management system, computing infrastructure model as well as relational SQL.
Generation of rogue certificates: It is identified that both generation as well as utilization of rogue certificates act as a major threat in big data. It is identified that signing within the devices as well as media encryption are generally bypassed with the utilization of various threat agents for implementing the attack properly (Pearson, 2013). These certificates are generally utilized for accessing data storage, which in turn causes leakage of data and its misuse.
The assets are mainly targeted by various types of threat that include big data analytics, software as well as hardware.
Improper designing of security features: It is identified that improper planning as well as designing of various security measures causes number of challenges as well as issues. It is identified that improper adoption of security measures causes manipulation of various data and production of various ill-protected data copies (Theoharidou et al., 2013). It is found that the threat challenges of the big data security system can be resolved by implementing proper risk mitigation technique that is required to be implemented for avoiding the risk. This threat can cause storage of redundant data that is present within the database.
The assets are generally targeted by the attacks that include storage infrastructure models, software as well as data.
Interception information: The offender generally causes interception of communication for transferring data in various nodes by targeting the various communication links
Out of the threats that are discussed, the most significant threat that is mainly associated with big data is loss of information, which mainly affects various types of software activity as well as malicious codes. The various types of threat generally include malicious ransom ware viruses; injection attacks (Chen & Zhao, 2012). The utilization of insecure API generally causes vulnerability.
The threat that mainly rises due to number of malicious programs as well as code are considered significant as the attackers can manipulate various data as well as information. This types of threat easily spread and it is mainly dependent on the spreading of various malicious code (Pavlyushchik, 2014). Hacking is considered as one of the procedure that includes various types of malicious codes within the system after the attacker’s gains control over the entire system
The various key threat agents for ENISA big data strategy are provided below:
Corporation: The various types of threat agents that are related with security threats of big data include organization that generally uses various types of offensive tactics for gaining competitive advantage over various competitors (Taylor, Fritsch & Liederbach, 2014). These organizations generally have proper capability of manipulating various types of data as well as information.
Cyber terrorists: It is identified that cyber criminals are the major threat agents for the security infrastructure of big data. The cyber terrorist mainly targets various types of infrastructures that include telecommunication, energy production as well as public health. They mainly helps in targeting the organizations as failure as well as various types of data breach within the organization mainly creates major impact both on the government as well as on the society.
Script Kiddies: They are considered as minor agents o threat as they generally poses attack that generally developed either with the help of the codes or with the help of the programs. They do not have appropriate power of manipulating as well as breaking a proper cyber security system.
Hacktivists: They are also considered as minor agents of threats. They generally utilizes computer for protecting as well as promoting the views (Roberts, Indermaur & Spiranovic, 2013). They also involve in targeting various types of high profile website as well as agencies for reaching wider number of audiences.
Employees: It is found that the employees of the organization have significant knowledge about the entire security system of the company on which they are generally working. Thus, it is analyzed that employees can be considered as one of the significant threat agent who can easily manipulate as well as modify data.
There are number of threats that are associated with the utilization and accessing the big data and thus minimization of such impact are very much essential. The various procedures, which can be utilized for minimizing the impact of threat, are as follows:
Appropriate security measures: Proper security measures like cryptography as well as encryption must be implemented for protecting the data that helps in preventing various types of unauthorized access (Stallings & Tahiliani, 2014). Ensuring data encryption as well as appropriate methodology of cryptography can be found beneficial for an organization as it assists in protecting data.
Accessing control: One of most effective procedure of data security is access control. It helps in preventing various types of unauthorized access of information as well as data. The host of different cloud service provides must implement proper access control for preventing various types of unauthorized access.
Training staff: Training the staff of the organization is very much needed for preventing the data entry as well as data manipulation by mistake (Brucker et al., 2012). It is identified that creating proper awareness of information security as well as proper measures are needed for ensuring the big data security.
The threat that is mainly associated with big data in enhancing and thus the various attackers are planning various types of new technologies. It is identified that the threat probability can be minimized by providing proper security related measures for protecting the data (ENISA, 2017). The threat that are mainly related with data manipulation as well as data breaches are generally enhancing which must be properly controlled for ensuring proper data security. Appropriate ensures must be developed for getting positive result and for identifying various types of threat that must be controlled for mitigating the threats.
ETL generally refers to the threat landscape of ENISA, which mainly reflects the various threats that are generally related with the organization. ETL helps in identifying various types of threats that are generally applicable to the communication as well as information technology assets, which are mainly associated with big data. The major problem those are associated with ENISA threat landscape assist in identifying the threat that is mainly associated with the assets of big data (Cherdantseva et al,. 2016).The procedure of ETL can be improved by including proper risk agent as well as for classifying the report properly. The attack patterns that are mainly included within the report is mainly identified as well as included within the details of the report. The various types of threat agent have enhanced sophistication of attack that utilizes more innovative tool and thus ETL must include proper scanning for identifying various risk sources. The attack patterns must be indicated properly in the report so that the threat can be managed properly.
It is identified that the current IT security of ENISA can be improved and thus ENISA must be satisfied with its current security state. The enhancing concern with the big data security is alarming and thus proper measures required to be taken as soon as possible. Absences of proper as well as data security are considered as important reason for data loss as well as enhancing threat. It is identified that proper security measures must be considered for enhancing the security of big data (Von Solms & Van Niekerk, 2013). The various types of security measures including access control, training as well as encryption must be provided for the security system in order to provide proper security. The security measures are quite helpful in reducing the different types of risks that are mainly associated with big data Effective risk control as well as mitigation strategies are very much important for minimizing the risk impact. APIs must be avoided for eliminating the risk intrusion into the entire system (Albakri et al., 2014). It is analyzed that absence of proper security related ensures enhances the chances of data manipulation as well as breach therefore ENISA should not be satisfied with its current state of security infrastructure. Therefore, it is quite important to implement proper risk management as well as risk mitigation approaches for minimizing the impact of risk.
Conclusion
It can be concluded from the entire discussion that ENISA faces number of attacks and thus proper security measures requires to be implemented for avoiding the challenges that are mainly associated with big data breach as well as data loss. It is identified that the report mainly discusses number of threats that are mainly related with the security system of ENISA. It is analyzed that the effect as well as impact of the different threats are quite widespread and it is analyzed that the sources of this threat are dependent on various threat agents. The report also discusses various threat agents that are generally responsible for implementing as well as planning the attacks of big data that causes data loss and data breach. The report discusses various types of threat agent that carets affect on ENISA. It is identified that the procedure of ETL is quite necessary for eliminating the threats and various procedures that assists in mitigating the risk are generally discussed in the report. The report mainly illustrates the present IT security state of ENISA that helps in suggesting various types of measures in order to eliminate as well as control the risks, which are mainly related with current security state of ENISA.
References
Albakri, S. H., Shanmugam, B., Samy, G. N., Idris, N. B., & Ahmed, A. (2014). Security risk assessment framework for cloud computing environments. Security and Communication Networks, 7(11), 2114-2124.
Big Data Threat Landscape — ENISA. (2017). Enisa.europa.eu. Retrieved 6 September 2017, from https://www.enisa.europa.eu/publications/bigdata-threat-landscape
Brucker, A. D., Hang, I., Lückemeyer, G., & Ruparel, R. (2012, June). SecureBPMN: Modeling and enforcing access control requirements in business processes. In Proceedings of the 17th ACM symposium on Access Control Models and Technologies (pp. 123-126). ACM.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016). A review of cyber security risk assessment methods for SCADA systems. computers & security, 56, 1-27.
Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Näslund, M., & Pourzandi, M. (2012). A quantitative analysis of current security concerns and solutions for cloud computing. Journal of Cloud Computing: Advances, Systems and Applications, 1(1), 11.
Inukollu, V. N., Arsi, S., & Ravuri, S. R. (2014). Security issues associated with big data in cloud computing. International Journal of Network Security & Its Applications, 6(3), 45.
Pavlyushchik, M. A. (2014). U.S. Patent No. 8,713,631. Washington, DC: U.S. Patent and Trademark Office.
Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and Security for Cloud Computing (pp. 3-42). Springer London.
Roberts, L. D., Indermaur, D., & Spiranovic, C. (2013). Fear of cyber-identity theft and related fraudulent activity. Psychiatry, Psychology and Law, 20(3), 315-328.
Seshardi, V., Ramzan, Z., Satish, S., & Kalle, C. (2012). U.S. Patent No. 8,266,698. Washington, DC: U.S. Patent and Trademark Office.
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and practice (Vol. 6). London: Pearson.
Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2014). A system for denial-of-service attack detection based on multivariate correlation analysis. IEEE transactions on parallel and distributed systems, 25(2), 447-456.
Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism. Prentice Hall Press.
Theoharidou, M., Tsalis, N., & Gritzalis, D. (2013, June). In cloud we trust: Risk-Assessment-as-a-Service. In IFIP International Conference on Trust Management (pp. 100-110). Springer, Berlin, Heidelberg.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. computers & security, 38, 97-102.
Wright, D., & De Hert, P. (2012). Introduction to privacy impact assessment. In Privacy Impact Assessment (pp. 3-32). Springer Netherlands.
Wu, X., Zhu, X., Wu, G. Q., & Ding, W. (2014). Data mining with big data. IEEE transactions on knowledge and data engineering, 26(1), 97-107.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download