There are various data security threat which have been discussed in ENISA report; some of the top threat which could be considered most important and which have great effect particularly when it comes to the security of the Big Data assets and the infrastructure are discussed below;
Based on this landscape report (2016), the nefarious activities usually manipulate the existing data infrastructure through the hackers who uses various software or perhaps a tool (Chance & Brooks, 2015). Their actions usually leads to interferences to the security of the infrastructure of the Big data for example the software, computing models, hardware as well as the storage models. The major security threats which relates to the nefarious activities are; utilization of the malicious code which is referred to as virus in order to paralyze on the operations of the infrastructure of the Big Data (Chance & Brooks, 2015). Another activity is the identity theft which usually involves stealing of the data systems logins by unauthorized individuals. Another activity is the denial of the service information, which involves the use of the certificate that are rogue as well as the misuse of the audit tools. The nefarious activities in most of the case are rated high due to the fact that in most cases where there is use of the malicious code, it target the large sources of data particularly in big organization or perhaps the government entities. An example was the use of the WannaCry Ransome attack which targeted the major organization data system in 2017.
This occurs when the packets travel across the network, these are prone to getting altered, looked at or perhaps hijacked. Hijacking generally occurs whenever a malicious party intercepts the network traffic session and postures as one of the session endpoints. The attacker has the capacity to monitor on the data sources to or perhaps from the target, to have the ability to gather the most susceptible data (McNeil, Frey & Embrechts, 2015). This attacks is focused on sniffing the network traffic, but could possibly include observing other type of information streams. Sniffing or even eavesdropping is basically the act of monitoring the traffic on the network when it comes to the data for instance the plaintext passwords or perhaps configuration data. With merely a simple sniffer packet, the attacker could read conveniently all the plaintext traffic. This threat is amongst the leading most since it is executed via the net as soon as the attacker is able to gain access to a connection using the packet sniffer to the victim system, they can do a lot of damage for example steal the information, or even modify on it.
Loss of data/unintentional damage
This is human error, unintentional intervention or perhaps the erroneous use of the administration of system which leads to the data loss or destroyed by failures or neglect in the storage and it may end up in the unintended individuals (Pahi & Skopik, 2016). Such leakages of the data could be due to unintended data sharing for example through the emails, web programs or perhaps inadequate information on to the system data that is in use. This kind of threat could damage individuals greatly. For example, in the event that the data which was contained in the information system belong to a patients in the hospital, and it leaked the patient medical data is no longer confidential as it is required.
Based on ENISA threat landscape (2013), defines the threat agent as somebody or perhaps something that possess reliable functionality, an obvious intention to be able to manifest a threat as well as document of past actions (Cornelissen & Cornelissen, 2017). With regards to the Big Data asset owners it is essential to be familiar with the danger agents which have emerged from threat agent group. The key threat agents are as follows;
These are individuals who undertake unauthorized activities through use of the internet or perhaps a network channels by targeting the data system. These kind of people usually conduct such activities for the purpose of personal gain (Cornelissen & Cornelissen, 2017). The basis of carrying such activities would be for information theft or even modify the data for example, the point of sales, or even then the banking system among other for the sole purpose of gaining financial independence. The cybercriminal can target organization that are locally, or internationally such as the banks or the insurance companies to get the insurance policies data (Cornelissen & Cornelissen, 2017). Based on the landscape report it has highlighted that the countries such as Russia, and China have been affected by many instance of cybercrime between the period of 2011 and 2013. Despite this increase number of criminal activities it is possible to control them in different ways.
One way would be through control in Access security feature. In the use of this security features in the Big Data infrastructure it enable a way for the authorization level in order to classify the process of access where each user of the system has their own access security credentials which are defined to a given part of the information system. This would assist in preventing the unauthorized individuals from gaining access to unauthorized data hence reduce on the rate of the cybercrime activities (Khan, Yaqoob, Hashem, Inayat, Mahmoud, Alam & Gani, 2014). Another way to prevent the cyber criminals from accessing the system would be through use of an Anti-virus in the business as well as keeping it up to date. This program ensures that any malicious software or perhaps a code that is used by the cybercriminals so that they do not penetrate to the data systems (Richards & King, 2014). Additionally, it is important to note that the design as well as the implementation of the data systems, it is vital to put the security protocol that integrate into the system to be able to counter any attack from the cyber criminals. It is also vital to control on the cybercrime through monitoring of the data system infrastructure as well as scanning on the data which is contained in the system. This ensures that every behavior which is unauthorized can be detect and appropriate action is undertaken.
According to the ENISA reports highlights on the issues of the cyber terrorist as one of the threats of the system security (Pritchard & PMP, 2014). The cyber terrorist are individuals who use the internet to enable an attack by use of either a malware, or the virus and infect the network of computer that belongs to different organization and individuals. The motivation which is pegged on the cyber terrorism activities is based on political or religious and the capability could vary from low to high (Pritchard & PMP, 2014). The cyber terrorists usually prefer critical infrastructure for attack such as public health, energy production as well as telecommunication. These individuals causes severe impact in the society as well as the government.
To minimize on the cyber terrorism there are various measures which could be employed. Some of the security procedures which can be implemented are; one is the design of the data system security mechanism from the beginning (Taylor, Schroeder & Meyer, 2014). This is rather a preventive technique which makes sure that the system is secure from any attacks. When there is integration of the security measure during the design it ensures that the intention of the attackers are prevented and no damages could occur. Other security measures which could be incorporated would be the physical isolation to the data systems (Taylor, Schroeder & Meyer, 2014). This could ensure that any physical attack such as stealing of the information system or the devices could be prevented. Other ways world be through cryptography security techniques. These are techniques for securing communication in presence of the third parties regarded as adversaries. It all about constructing as well as analyzing the protocols in order to prevent third parties or the public from reading private information by encrypting the data. When the business assets have been encrypted it become difficult for the cyber terrorists to penetrate the system.
Online social hackers or hacktivists: This is another key threat to the information systems. Based on the report of ENISA agency, these hackers motivated both politically and socially to use the computer system especially when protesting or even promoting their cause. Their target are mainly the high profile websites, corporations, military institutions or perhaps intelligence agencies (McNeil, Frey & Embrechts, 2015). Their subversive use of the computers as well as the computer networks would be to promote the political agenda and even the social alterations. In relation to the roots in hacker culture in addition to the hacker ethics it ends tend to be more often associated with free speech, or the freedom of information movements. These kind of hackers obtain people information or organization without their consent (McNeil, Frey & Embrechts, 2015). The general function of the social hackers would be to get access to the data to the constrained information or physical space without appropriate permission. In many of the cases they achieve their goal by means of impersonating a group or even a person; who is directly or simply indirectly known to the victims or maybe by representing an individual or group in high position of authority. This is achieved by means of a pre-medicated research as well as planning to gain the confidence of the victim.
There are various measures which can be put in place to prevent the online social hackers some of them are as follows; one is to be cautious with your password. Besides having strong credential of password which is hard to guess, it is important to be scholastic about other individual knowing about it (McNeil, Frey & Embrechts, 2015). Do not share it with any individual and when not in the system always log yourself out. The second security measure would be to have a two-factor authentication. This could offer an extra layer of protection to your password. With the use of the two-factor authentication one is able to eliminate any threat of individuals breaching the social media accounts or any other account.
Based on the facts which have been provided on the report in regards to threats agent by ENISA, it is evident that these threats could be caused by any of threats agents for example the cybercriminals, online social hackers, script kiddies and the cyber terrorist (Morabito, 2015). This clearly highlights that there is no specific threat to which could be associated by any given threat agent (Morabito, 2015). Therefore, it is observed that any agent could be arise from any threat and thus the information systems can be protected against any security threat agent that arises to make it more secure from any attack.
Discussion on improvement of ETL process
As a result of the huge volume of data in the processes of the ETL, improvement to its performance is very vital to enable the whole process to run smoothly. This process may be improved in the following ways; one way would be to load the data incrementally. Merely loading only changes between the previous and the new data which can save a lot of time as compared to the full load (McNeil, Frey & Embrechts, 2015). It can be difficult in implementing as well as maintaining, but difficult does not mean impossible. The second thing would be to partition of the large tables. In case one uses relational databases and you intend to improve on the data processing window, one can partition large tables (McNeil, Frey & Embrechts, 2015). This could cut big table down to be physically smaller maybe by date. Each of the partition would have its own indices as well as the indices tree which is more shallow hence enabling quicker access to the data. Moreover, this would allow switching of the data in and out of the table in quick Meta data operation as compared to the actual insertion (McNeil, Frey & Embrechts, 2015). Another way would be through batching. This may be used in improving the performance of the ETL process by extracting numerous rows by means of separation logically or through recurring used data that has been extracted (Rivers & Lewis, 2014). This ensures that the data has been extracted at various intervals hence making the process much efficient. Moreover, this process is important because it reduces on the amount of data which is utilized in each implementation load of ETL.
Whether ENISA should be satisfied with current state of Information Technology security?
Based on this research I believe that ENISA should be satisfied with their current state of the information technology strategy. This is because this organization has been able to identify the security threats and they have been able to group them into various categorizes and provide techniques on how to mitigate them (Chance & Brooks, 2015). The measures which have been employed by ENISA provide a platform for securing the information through different infrastructures without any cause of interferences. Moreover, in the research it has identified the various strategies used in improving ETL operations (Chance & Brooks, 2015). ENISA has been able to resolve different threats which are embedded in the systems as well as other hardware devices. Additionally, the report has highlighted on other threats which could bring about the information leakages or unauthorized access that could be controlled by use of the control access mechanism and presence of secure credentials. In my view, ENISA should appreciate on the current state of their IT security strategy.
Ballard, C., Compert, C., Jesionowski, T., Milman, I., Plants, B., Rosen, B., & Smith, H. (2014). Information Governance Principles and Practices for a Big Data Landscape. IBM Redbooks.
Barocas, S., & Nissenbaum, H. (2014). Big data’s end run around anonymity and consent (pp. 44-75). Cambridge University Press, NY.
Chance, D. M., & Brooks, R. (2015). Introduction to derivatives and risk management. Cengage Learning.
Cornelissen, J., & Cornelissen, J. P. (2017). Corporate communication: A guide to theory and practice. Sage.
Davis, T. A., Wong, M. L. M., & Paterson, N. M. (2015). The Data Security Governance Conundrum: Practical Solutions and Best Practices for the Boardroom and the C-Suite. Colum. Bus. L. Rev., 613.
Khan, N., Yaqoob, I., Hashem, I. A. T., Inayat, Z., Mahmoud Ali, W. K., Alam, M., ... & Gani, A. (2014). Big data: survey, technologies, opportunities, and challenges. The Scientific World Journal, 2014.
McNeil, A. J., Frey, R., & Embrechts, P. (2015). Quantitative risk management: Concepts, techniques and tools. Princeton university press.
Morabito, V. (2015). Big data and analytics: strategic and organizational impacts. Springer.
Pahi, T., & Skopik, F. (2016). A Public-Private-Partnership Model for Na-tional Cyber Situational Awareness.
Pritchard, C. L., & PMP, P. R. (2014). Risk management: concepts and guidance. CRC Press.
Richards, N. M., & King, J. H. (2014). Big data ethics.
Rivers, C. M., & Lewis, B. L. (2014). Ethical research standards in a world of big data. F1000Research, 3.
Taylor, L., Schroeder, R., & Meyer, E. (2014). Emerging practices and perspectives on Big Data analysis in economics: Bigger and better or more of the same?. Big Data & Society, 1(2), 2053951714536877.