Data is the most important resource behind the proper and continuous functioning of an institution, irrespective of its size and field of operation (Chen, Chiang & Storey, 2012). The institution can be as small as a business or as large as a whole nation. Information is essential to any kind of business, governmental or national operation. Not all data is important; however, most information used for critical operations in any institution carries a higher level of confidentiality (Ifinedo, 2012). The security of such data is necessary to ensure that it does not fall into the wrong hands. Cyber criminals are always on the lookout for information that can provide them financial benefit or aid them in carrying out larger criminal activities against a target institution.
The advent of the Big Data concept has undoubtedly brought huge benefits to every institution. However, its popularity has attracted various cyber threats, and the lack of a proper infrastructure, together with the general public's ignorance of the gravity of the situation, has helped the threats to evolve rapidly (Peltier, 2013). The purpose of the report is to present the current scenario of cyber crime and its impact on Big Data in the light of the threat assessment report created by the European Union Agency for Network and Information Security (ENISA).
2. Overview on ENISA and the Big Data Threat Landscape
The European Union Agency for Network and Information Security (ENISA) was formed to house network and information security experts for the European Union, its member states, the private sector and the inhabitants of Europe (Marx, 2013). ENISA collaborates with these groups to obtain advice and suggestions on good practice in information security. It supports EU member states in implementing relevant EU legislation and works to enhance the flexibility of the critical information infrastructure and networks of Europe (Big Data Threat Landscape and Good Practice Guide, 2016). ENISA is trying to improve the current expertise in EU member states by assisting in the improvement of cross-border communities that are devoted to enhancing network and information security across the EU.
The concept of Big Data covers the digital analysis of extremely large data sets to identify patterns, associations and trends related to interactions and human behaviour. The data sets can be obtained from multiple sources (Chen, Chiang & Storey, 2012). For example, mobile telecommunication devices and networks, distributed multimedia sensors on the Internet of Things, web-based applications and distributed business processes are some of the sources that supply Big Data (Boyd & Crawford, 2012). The applications of Big Data are useful in providing exponential development in the efficiency and effectiveness of decision-making in organisations and communities during complicated situations. Due to its beneficial characteristics, it is often subjected to security risks (Dumbill, 2013). The report identifies the existing landscape of security in the field of Big Data.
The diagram provided below shows the infrastructure of ENISA Big Data security.
3. Most Significant Threat to Big Data, Threat Probability and Possible Remedies
Among all the threats that concern the security of Big Data, the most significant is the interception of data by methods such as eavesdropping, interception and hijacking. This threat is considered the most serious to Big Data because Big Data operations deal with a large number of large data sets (Fenz et al., 2014). The data sets that are obtained for analysis often contain sensitive information that is not for general use. Interception of such data may cause serious problems for the organisation. The intercepted data may contain government and military secrets that will be of great interest to other nations and criminals, and can hence fuel future criminal activities. An example illustrates the scenario (Ahmed & Matulevicius, 2014). Suppose highly confidential data describing a top-secret military project of a nation is being analysed. Due to poor security, the data is intercepted by a hacker. The data will be of great importance to the rivals of the nation, and if the hacker exposes it to those parties for financial benefit, the military organisation will be heavily affected, which in turn will affect the whole nation (McAfee, Brynjolfsson & Davenport, 2012). In the case of organisations, the damage is not nation-wide, although the organisation may be fatally affected; this may even lead to its shutting down (Chen, Chiang & Storey, 2012). Therefore, it is evident that data plays a vital role in almost all the operations of every organisation. Hence, a large amount of damage can be caused to an organisation or a government by exposing its sensitive data.
4. Discussion on Principal Threat Agents
The key threat agents of Big Data are summarised below:
- Cyber Criminals – These individuals carry out hostile activities for financial profit. They are highly skilled in this respect and can be organised on a local, national and international level (Gantz & Reinsel, 2012).
- Script kiddies – These individuals are not hacking experts themselves but use tools that are developed by others to carry out attacks on networks and systems.
- Corporations – Some organisations conduct cyber crimes to achieve their goals. These organisations generally perform such actions to gain competitive advantage over rival organisations by causing harm to the competitor rather than developing their own business model (John Walker, 2014).
- Cyber Terrorists – These individuals or groups carry out terrorist activities through cyber attacks, specifically with political or religious motivation. The prime targets of these groups are the most essential parts of a society, such as healthcare centres, energy production industries and telecommunication services (Boyd & Crawford, 2012). This is because damage to these sectors directly affects the society, which in turn affects the government as well.
- Employees – The employees of an organisation can be threat agents in both hostile and non-hostile terms. Hostile agents carry out cyber attacks on the organisation intentionally because of a grudge or dissatisfaction that the employee holds against the company (Labrinidis & Jagadish, 2012). Non-hostile agents are those employees who carry out cyber attacks against their organisation unintentionally. These attacks generally have causes such as distraction.
- Online Social Hackers – These individuals or groups are generally disgruntled because of some injustice that they feel has been done to them by the society or the government. They use the cyber-world to bring their grudges and demands to the public. Their targets are generally intelligence agencies, high-profile websites, organisations and military institutions (Lazer et al., 2014).
- Nation states – Whole nation states can be involved in cyber crimes. Such actions are generally performed against a rival nation (Lohr, 2012). This threat agent is considered the most critical at present, as a nation state has a great deal of resources at its disposal to carry out a global cyber attack that can affect many nations and their people.
To minimise the cyber threats mentioned above, organisations, governments and even nations need to bring in certain reforms as well as adopt new strategies in their systems (McAfee, Brynjolfsson & Davenport, 2012). General awareness of the growing threats to the cyber world and the things connected to it is necessary among every individual in a society (Marx, 2013). Every individual in the current world situation needs to be properly trained to fight the growing cyber crime. Additionally, the infrastructure of the present security services needs to be upgraded considerably so that cyber attacks can be prevented before they are conducted. The most vital step in mitigating cyber threats is to be able to predict the time, type and location of the attack that is going to be conducted (Marz & Warren, 2015). Relevant analysis tools that can predict these three parameters need to be developed and implemented so that cyber threats are reduced to near extinction.
The figure provided below shows the trends in threat probability. Three symbols denote the various aspects in the threat probability. The darkened dots denote the main threat agents that are exploiting the mentioned threats. The white dots denote potential secondary threats that are exploiting the mentioned threats. The last symbol denotes the agents that are affected by the mentioned threats (Big Data Threat Landscape and Good Practice Guide, 2016).
5. Improvements to the ETL Process
Newer technologies need to be implemented in the system to improve its security. Various governing institutes like COBIT 5 or ISO provide technical reports that suggest changes and improvements that need to be applied to the infrastructure (McAfee, Brynjolfsson & Davenport, 2012). Big Data technology involves collecting large data sets from multiple sources and analysing them. For this reason, the security of the data needs to be ensured with the utmost priority (Murdoch & Detsky, 2013). The various threats that are discussed in the report can be addressed by the following measures.
Exposure of sensitive information due to human error, as well as leakage of data in web applications, can be addressed by using encryption methods that not only restrict access to authentic users but also protect the data from other cyber attacks. Along with the proposed method, the systems need to have an improved security infrastructure as well (Provost & Fawcett, 2013).
For the risk of eavesdropping and interception, the use of cryptography along with a strong network security system and firewall will reduce the occurrence of such attacks (Swan, 2013).
To minimise nefarious activities like identity fraud, user authentication protocols need to be implemented at different levels so that fraudulent activity is accurately identified and a false user is differentiated from a genuine user (John Walker, 2014). DDoS attacks can be prevented by using tools that detect anomalies in the network traffic using methods like traffic monitoring, ingress filtering and rate limiting (Marz & Warren, 2015).
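As an added illustration of the traffic monitoring and rate limiting mentioned above (not part of the original report; the thresholds, function names and sample traffic are constructed assumptions), a per-source token bucket drops requests above a sustained rate, and the drop counts are then used to flag anomalous sources:

```python
from collections import defaultdict

# Constructed sample traffic: (timestamp in seconds, source IP) per request.
# 203.0.113.7 sends 200 requests in 2 s; 198.51.100.4 sends 1 request/s.
SAMPLE = sorted(
    [(i * 0.01, "203.0.113.7") for i in range(200)]
    + [(float(i), "198.51.100.4") for i in range(10)]
)


class TokenBucket:
    """Allows `rate` requests/s on average, with bursts of up to `burst`."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), None

    def allow(self, now):
        if self.last is not None:  # refill for the time elapsed since last request
            self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def rate_limit(events, rate=5.0, burst=10):
    """Apply one bucket per source; return allowed/dropped counts per source."""
    buckets = {}
    stats = defaultdict(lambda: {"allowed": 0, "dropped": 0})
    for ts, src in events:
        bucket = buckets.setdefault(src, TokenBucket(rate, burst))
        stats[src]["allowed" if bucket.allow(ts) else "dropped"] += 1
    return dict(stats)


def flag_anomalies(stats, max_drop_ratio=0.5):
    """Monitoring step: report sources whose traffic is mostly over the limit."""
    return sorted(
        src for src, s in stats.items()
        if s["dropped"] / (s["allowed"] + s["dropped"]) > max_drop_ratio
    )


if __name__ == "__main__":
    stats = rate_limit(SAMPLE)
    print(stats, flag_anomalies(stats))
```

Per-source limits of this kind handle a single noisy source; a distributed attack spread over many sources also needs aggregate limits and upstream ingress filtering.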
In addition, there are legal threats that arise when data is available to all the departments in a business. This can create issues, which can be controlled by segregating data based on its operational area (Wu et al., 2014), so that each part of the business works with the data for its particular area. Skill shortages can be resolved by providing proper information security training to the personnel concerned.
6. Response of ENISA to its current state of IT security
The present state of IT security is not satisfactory for ENISA. This is mainly due to the presence of numerous gaps in the system. The primary gap identified within the system is the presence of vulnerabilities in data security that can be easily exploited by cyber criminals. Big Data uses an enormous amount of both normal and highly sensitive data for its operations (Fenz et al., 2014). Therefore, the security of data is essential. A gap in the security of such data can cause an enormous amount of damage to an organisation, a government and even a nation (Peltier, 2013). A sophisticated infrastructure comprising the latest hardware and software is essential for ensuring that no vulnerabilities exist within the software or tools that are responsible for protecting the data.
The next gap is the use of cryptography. Although it ensures a secure environment for the stored data, it also creates a complex system environment that causes problems for those who are not used to such complicated methods of data protection (Boyd & Crawford, 2012). Loss of the encryption and decryption keys due to the carelessness of any organisational personnel can be disastrous for the organisation, as the secured data no longer stays secure. On the other hand, the availability of the data becomes a problem for those who are authenticated to use it.
The final gap in security is the lack of a computing framework: Big Data vendors provide different versions of tools that are poorly secured, which exposes users to various risks (Ahmed & Matulevicius, 2014). These tools can be easily exploited by cyber criminals to obtain resources of interest to them. In addition to the gaps mentioned above, the most important gap, and the foundation of an insecure infrastructure, is the lack of awareness among the general public. The lack of sufficient training and campaigns projecting the gravity of cyber threats and their implications helps maintain a casual approach to one of the most threatening issues at present (Gantz & Reinsel, 2012). The continued ignorance of common people of the necessity of using a stable and secure infrastructure is the most active factor fuelling the rapid growth in cyber crime.
The report concludes with the insight that Big Data is a very important aspect of the improvement of technology and data analysis. It has become the main element in the growth of many industries. Data is the most essential resource for the operation of an institution, be it an organisation, a governing body or a whole nation. Without the availability of proper data, it is impossible to carry out any operation in any institution. The advent of Big Data has revolutionised data mining and made decision making easier for the management of any institution. However, with the rise in popularity of the concept, it has been subject to some serious threats as well. The threats seek to gather and expose sensitive data to achieve different goals that depend solely on the intention of the attacker. These cyber threats to Big Data need to be minimised by employing innovative strategies as well as technical advancement in the field of cyber security. In addition, global awareness is extremely necessary to counter the rising threat of cyber crime, as it is evident from various instances that ignorance brings chaos.
References
Ahmed, N., & Matulevičius, R. (2014). Securing business processes using security risk-oriented patterns. Computer Standards & Interfaces, 36(4), 723-733.
Big Data Threat Landscape and Good Practice Guide. (2016). Retrieved from https://Big%20Data%20Threat%20Landscape.pdf
Boyd, D., & Crawford, K. (2012). Critical questions for big data: Provocations for a cultural, technological, and scholarly phenomenon. Information, communication & society, 15(5), 662-679.
Chen, H., Chiang, R. H., & Storey, V. C. (2012). Business intelligence and analytics: From big data to big impact. MIS quarterly, 36(4).
Dumbill, E. (2013). Making sense of big data.
Fenz, S., Heurix, J., Neubauer, T., & Pechstein, F. (2014). Current challenges in information security risk management. Information Management & Computer Security, 22(5), 410-430.
Gantz, J., & Reinsel, D. (2012). The digital universe in 2020: Big data, bigger digital shadows, and biggest growth in the far east. IDC iView: IDC Analyze the future, 2007(2012), 1-16.
Ifinedo, P. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1), 83-95.
John Walker, S. (2014). Big data: A revolution that will transform how we live, work, and think.
Labrinidis, A., & Jagadish, H. V. (2012). Challenges and opportunities with big data. Proceedings of the VLDB Endowment, 5(12), 2032-2033.
Lazer, D., Kennedy, R., King, G., & Vespignani, A. (2014). The parable of Google Flu: traps in big data analysis. Science, 343(6176), 1203-1205.
Lohr, S. (2012). The age of big data. New York Times, 11(2012).
Marx, V. (2013). Biology: The big challenges of big data. Nature, 498(7453), 255-260.
Marz, N., & Warren, J. (2015). Big Data: Principles and best practices of scalable realtime data systems. Manning Publications Co.
McAfee, A., Brynjolfsson, E., & Davenport, T. H. (2012). Big data: the management revolution. Harvard business review, 90(10), 60-68.
Murdoch, T. B., & Detsky, A. S. (2013). The inevitable application of big data to health care. Jama, 309(13), 1351-1352.
Peltier, T. R. (2013). Information security fundamentals. CRC Press.
Provost, F., & Fawcett, T. (2013). Data science and its relationship to big data and data-driven decision making. Big Data, 1(1), 51-59.
Swan, M. (2013). The quantified self: Fundamental disruption in big data science and biological discovery. Big Data, 1(2), 85-99.
Wu, X., Zhu, X., Wu, G. Q., & Ding, W. (2014). Data mining with big data. IEEE transactions on knowledge and data engineering, 26(1), 97-107.