Analysis Of ENISA Case Study: IT Security Threats And Countermeasures Essay.

1 Write a brief overview of the ENISA case study AND draw a infrastructure diagram using viso, rationale,etc., for the ENISA organisation. NO image or pic from the internet is accepted. 

2 Identity the "Top Threats" from the case study and explain which threat is most significant and why? 

3 Discuss what is Threat agent and identify the same from the case study. Compare and explain how the threat agent impact can be reduced. Check the data provided in the case study for your discussion. 

4 Explain what is ETL process? Then Discuss how ETL process can be improved in ENISA organization. 

5 Conclude with your justification whether the ENISA organization is satisfied with its current IT security. If say "Yes" justify how? OR if say "NO" justify how? 

Overview of ENISA organization

In this project, Network and Information Security of the European Union Agency is taken for analysis. The company is network based and it is an expertise of information security for the European Union, its other member states and other citizens of the Europe. The overview of the infrastructure of the company is discussed and the network infrastructure diagram is provided using the visio software. The top most threats involved in the organization is being analyzed and the significant threat among all the threats involved is discussed in detail. The agents that cause threats to the organization and the counter measures that should be taken to prevent the organization from those threat agents are being discussed. The ETL process of the Organization in general is explained in detail and the improvements in ETL process of ENISA is being discussed. The improved steps to be taken in the extraction, transformation and storage process of ENISA is to be explained. The overall justification about the company is being provided regarding its security. The justification talks about whether the ENISA is providing an information security to the data managed by them in the organization.

ENISA Network Infrstructure

The ENISA big data security infrastructure is shown below.

The ENISA network infrastructure provides the high security. It contains the External server, file server, client & communication server and database server. These are connected with the switches and the switches are connected with core swtiches. The ISP provides t he internet for the router. The routers are connected with the firewall to provide the secure connection.

The recent report is portion of the external estimation of ENISA’s activities in 2015. It carries an in-depth aspects at one of the work packages of ENISA organization which is called as WPK. It presents the aim of WPK 3.3 and its particular deliverables, their, outcomes, outputs and results as recognized in the logic of intervention. By achieving the action under SO3, ENISA goal to support the Member States and the Commission in establishing and achieving the policies essential to satisfy the regulatory and legal requirements of Network and Information Security. In its main programme, ENISA involves to assist the commission and Member States with achieving data protection and privacy techniques through privacy plans and new business methods. In doing so a two kind of approach is implemented, namely 1) promoting feedback from the functional  aspects to those working on establishing the legislative framework and 2) recognizing the most cost-effective techniques and mechanism which can support performance of regulation, involving by determine gaps between these mechanism and the legislative proposals. In this concept, WPK 3.3 targets to strengthen the organization’s efforts in the sector of trust and privacy by promoting analysis of the company readiness, private and public departments for the evolution and adoption of privacy techniques, which provisions directly into the overall aim of SO3, namely resolve the use of privacy improving technologies (PETs). Additionally, the WPK also supports objective of ENISA’s to provide an advanced analysis of the threats of data protection, risks and protection measures in the emerging large and landscape of open data. In its approach, ENISA utilizes the WPK 3.3 activities to construct a bridge between data protection law and the actual protection techniques which expected to support policy makers in considering the advances of technologies and the research organization.

• ENISA Big data threat Landscape 2016
• ENISA Big data threat Landscape infrastructure is shown below.

Top Threats

The taxonomy of  Network and Information Security of European Union Agency (ENISA) mainly focuses on the threats involved in the Cyber Security. Threats are being applied to Information and Communication assets of the technology which includes both natural disasters and man made disasters. This taxonomy is being developed by the group ENISA Threat Landscape (ETL). The threats involved in the cyber security are as follows

• Information Leakage

Damage to the Information of the Organization is the major threat which is caused due to the unintentional human errors. Errors in the administration system of the organization in 4 different technologies of Big data includes Redis, MongoDB, Memacache, and ElasticSearch. These technologied by default does not have authorization, authentication, and encryption control.

• Insecured Application Program Interface

Use of insecured APIs are also an important cause. Big data applications in the organization are being developed on the models of the Webservice in which APIs are easily vulnerable to known attacks.

• Issues in Planning and Design

Improper planning and design may also be a threat. The methods that are used for developing the Big Data analysis and the collaboration of heterogeneous sources of the data causes the redundancy in higher range by providing ill-protected copies of the data. One of the threats that is related to the design may include the usage of tools that are not scalable.

• Hacking the Personal Identity

Big Data systems keeps the storage of credentials used for the access of the personal information and financial account with additional details like credit card numbers, bill and payment details that are considered to be the targets for cyber crimes.

• Common threats in Cyber Security

Other common threats involves Eavesdropping, hacking the information and interception of the information.

• DoS Attack

DoS attack is the Deniel of Service attack which is a traditional type of attack. Sending more and more data without getting the acknowledgement from the reciever leads to Deniel of Service from the reciever end. This kind of attacks remove the components of the Big Data from the network.

• Use of viruses

The general threats like sending malicious code that affects on all the components of the infrastructure of the network. Examples for this type of risks are exposed kits which permit viruses and worms which takes the copy of data and send to other nodes for later hacking and trojans which is capable of doing unauthorized access to the network, backdoor and trapdoors are called as entry points to the system that are not documented ("Big Data Threat Landscape and Good Practice Guide", 2016).

Among the above threats hacking the identity of an individual is considered to be the significant threat. If the person's financial credentials which are very confidential is being hacked then it is a serious issue which can take all the transactions of the individual and the organization's name will be spoiled. So hacking the personal identity of the individual should be taken into account very fastly.

According to the Landscape of ENISA 201390, a threat promoter is nothing but someone or something having decent ability, a defined purpose to clear a threat and a record of previous actions in this view. Therefore, It is very essential to be aware of which risk arrive from which risk promoter organization for big data resource provider "Big Data Threat Landscape and Good Practice Guide", 2016. This research would not create a new lexicon on risk promoter. But it uses the 2013’s Threat Landscape of ENISA notification. The threat promoters are categorized into:

Significant Threat of ENISA

It represent to group that adopt. In this framework, companies are referred as adverse agent of threat. Its main aim is to construct competing benefits over adversary, who develop their major target.Association generally obtain indicative ability which extent from technology to engineering brilliance of human, notably in their area of knowledge based upon their sector and size.

They are adverse by nature. Eventhough, their goal is usually made of commercial profit and their expertise level is very high today. Cybercriminals will be conducted on a national, local or international level.

They are broaden their task and employ with in cyber-attacks. Moreover, Their desire would be either political or devotional, and their abilities differs from low level to high level. Cyber terrorists suggested goals are probably critical infrastructures such as social health, telecommunication, energy manufacturing where their defeat may cause serious shock in government as well as society. Therefore, it should have considered, that in the analyses of public materials.

They are untrained professional using programs grown by others for the purpose to attack networks and computer.

They are socially as well as politically inspired individuals that they use computers to promote and challenge their origin. Organization, huge profile sites and intellectual agencies are their usual targets.

They refer to contractors, staff or operational staff of an industry. They have internal access to company resources and they are also referred as aiding risk promoter. This kind of threat promoters obtain a valid number of skills which permits them to locate valid violation against properties of their group.

They contain invasion cyber ability and utilize them across an assaulter. Moreover, Nation states have currently turn into an outstanding threat promoters due to the categorization of practical defeats that are referred as cyber armament. Some particular risk arrive mostly from certain promoters as for occurrence, the exploitation of authority is connected with organization staff, who can utilize their authoritative credentials to access resources.

ETL is a process that consists of 3 steps and it is considered as a kind of data integration. The three steps involved in the ETL process is Extract, Transform, and Load which is used to combine the date from various resources. In the first step called Extract, data is retrieved from the source. In the Transform step, extracted data is transformed into a format that is compatible for analysis and then the last step called load takes place which involves storing the analysed data into the data warehouse (Anand, 2014).

The SIEM application is used by the organization to collect the information from other resources through directory, bank transactions, social media and other mail logs. While extracting these information from the mulitple resources it should make sure that the data is validated well and filtered in an effective manner. This organization collects the data from various sites, so there is a possibility of collecting some unknown credentials of the user. So the best method to improve the extraction process is to validate the source of the data and filtering the extracted data. The supply chain system of the organization should be maintained well  ("Big Data Security Good Practices and Recommendations on the Security of Big Data Systems", 2015).

Threat Agents

The transformation of the Data involves the process of analysing the extracted data from multiple resources. The extracted data is given to the IT professionals for analysing it. To analyse the data, professionals tranform the data into a format which is compatible for analysis. The analysis has to be performed by using historical trends and analysis should be in a predictive way. When historical trends are used for analysis then it is easy to find the attack once it is initiated by the hacker and the steps taken by the hacker can be known. The original hacking of the data may not be found, but the historical correlation can be determined. The effective queries should be used for analyzing the tranformed data  ("Big Data Security Good Practices and Recommendations on the Security of Big Data Systems", 2015).

The ENISA uses a large amount of data every day. So the financial institution of the organization has to make use of the large volume of data in an effective way and it should be stored in the highly secured environment. Adequate amount of security policies have to be initiated for the protected storage of the Big Data ("Privacy, Accountability and Trust – Challenges and Opportunities", 2016).

ENISA organization satisfied with current IT security, the followed space generally result in a group of recommendation that is divided into technical recommendation, recommendation on general and human resource.

They aim to the major Big Data partner named as  Big Data projects holders and policy makers. Morevover, Big Data problem is more than a management sources, scalability problems, and countermeasures of threat assessment and outcome must refer whole 5V features of a big data background. This study is essential for policy creators indicate rules and regulations targeting recent status of ICT as well as partners who controlling big data analytics and platforms. In latter, it evolves basic to classify  i) The present security step by considering  the property enclosed and not enclosed by availabe security techniques, ii) The application performance of goodexercise adapted from old privacy andsecurity techniques. General recommendation needs alateral standardization effect supporting the description of appropriate big data framework and regulation.

They are main big data projects owners as well as developers of respective goods. The above general recommendation of big data particulars, partner should retrict possible the process of adapting the already avail big data products.

Big Data recommend new property environments, threat, risk and challenges. As a result, new goods are required to offer powerful corrective and maximize the stability of environment of big data. After the estimation of such products should kept in the life cycle of Big Data, through pilots, target to verify their exactbehavior. Moreover, big data good developers have to gain from new tools that offering default privacy and security operations. To terminate this, as already mentioned in general recommendations, global organization are always welcome to support this move to security and privacy solution of big data. By indicate a gap research on big data principle, and its new regularity actions based on recognize gaps.

They aim human resources using and maintaining properties of big data. Earlier, the human resources are one of the major resource of risks. To restrict these study, all repective organization should target on practice of functional experts. Top players must support education resource on big data to increase future experts, information of supporting and security attention of communication technology and practice schedule. Big data owner and other honored users must coordinate with the global organization to threat exchange and provide good practices function. Therefore, owner of big data should depend on good methods and record on their employment options in form of risk, corrective, properties and recognized gaps. Therefore, from this it was very clear that ENISA organization satisfied with current IT security.

Conclusion:

In this research, we promote analysis of gap for those cases where analysis are needed in the field of Big Data risks, security, and good exercise. The uses of cryptography may not sufficient and the accurate threats composed to security experts and administrators with identical authorization. Moreover, this case is exactly genuine when threats connected to data flowing and/or distributing due to mistakes made by human are advised. In additions, data leaks through web applications even called as insecure APIs and poor models or plan or improper adaptation required an enhanced computing model and cache infrastructure models, while cascade information from sensors have confidentiality problems that could not ease by recent outcomes. Further, ENISA organization satisfied with current IT security achieved by technical recommendation, general recommendation and human resource recommendation where target human resources using and maintaining assets of Big Data. In technical recommendation new goods are required to offer powerful countermeasures and maximize the stability of Big Data environments and finally, general recommendation the study is essential for policy promoters indicate rules and legislation aiming recent ICT status, and partners controlling big data platforms and analytics.

References:

Analyze Results — ENISA. (2017). Enisa.europa.eu.

Anand, N. (2014). ETL and its impact on Business Intelligence. International Journal of Scientific and Research Publications, 4(2).

Big Data Security — ENISA. (2017). Enisa.europa.eu.

Big Data Security Good Practices and Recommendations on the Security of Big Data Systems. (2015). .

Big Data Threat Landscape and Good Practice Guide. (2016). .

Cloud and Big Data — ENISA. (2017). Enisa.europa.eu.

Data Protection — ENISA. (2017). Enisa.europa.eu.

Measurement Frameworks and Metrics for Resilient Networks and Services: Challenges and Recommendations. (2017). 

Privacy, Accountability and Trust – Challenges and Opportunities. (2016). .

What Is ETL?. (2017). Sas.com.