Delivery in day(s): 4
IT Risk Management Assignment Help
This is the solution of IT risk management assignment help in which we discuss about European Union Agency for Network security infrastructure
European Union Agency for Network and Information Security is the centre of combination and detail security expert of European Union. The current study provides the brief about ENISA with proper diagram and also provides the ENISA security infrastructure. It will identify the strategies for Combating Insider Threats and also find the most important threat among the top threats. The study evaluates the key threat agents and also provides the summary about the Social Hacking issues. The report discusses the data that is being provided in the table 2 and provides the ways to improve the ETL process.
Overview of case study
According to given case scenario, Enisa is networking security tool which is been used for managing the information technology and analysis to achieve the goals and objectives. It helps to maintain the information about the cyber-threat, duplication of data, security analysis and emerging threat landscape. In addition to this, worldwide, the cyber threat landscape and threat analysis in general has been assigned a central role in practical Security Incident and Event Management. The numbers of organization are using this software for managing the cyber security, access and analysis of threats that could have the direct impact on the strategic, tactical and operational activities of organization (Cohen, 2014). A plethora of related services and good practices are available that are based on threat intelligence. They consist mainly of collection, aggregation and correlation of data. The end-user protection and reduce the threat regarding the information in network is major areas of working that helps to maintain the provision of security and improve the maturity of threat removal. For proper balancing of threat and security need of organizations is maintained by the Enisa cyber security. Moreover, cases has provided the information about the typical uses of threat information and planning of the security standards by involving the target assets for managing the information to create the prior plan for removing vulnerabilities, find relevant implementation of control and analysis of error to apply effective strategy to clean the system. This is the case both in the relevant vendor market and within end-user organizations.
Web-based attack and malware defiance would be the major application of Enisa networking and security tool. For that security techniques need to be identified according to requirements of organizational services and products. This is due to the fact that application developers have understood issues with SQL injection and have managed to reduce the attack surface. Moreover, app stores seem to do a good job in testing apps on malicious activities. Despite more efficient coding practices, in the reporting period web application vulnerabilities have increased slightly.
Diagram of Enisa security infrastructure
The security and networking process of Enisa is based on the current IT tools and technology that have significant impact on the business planning of the organization and level of protection to meet the objectives as well overcome the threat of data loss and misuse (Crawford, 2015). This diagram of security information is involving every aspect of current business threat that has significant impact on the networking and cyber security.
Strategy for combating insider threat
IT system and software have probability of keeping the insider threat that could affect the data activities and security level of information within organization. In order to manage the security level and combating the insider threat, there are different kind of strategy could be used that requires funding and planning of the issues. Following are the strategies that would be used for managing the issues:
This would be prior activity of managing risk in the IT as well overcome the security threat that could influence process of managing the information through online systems. For combating the insider issues auditing will help the organization or management to have knowledge about the tools and technology. The organization must take an enterprise-wide view of information security, first determining its critical assets, then defining a risk management strategy for protecting those assets from both insiders and outsiders (Knipp & Danielyan, 2012). Moreover, auditing gives the opportunities to maintain the standard approach for developing the security benchmark to measure the effectiveness of the network and impact of threat. This strategy is being used by leading organizations for implementing the tools and technology for maintaining the security as well meet the objective more convincing manners.
Training and monitoring
In order to overcome the impact of insider security threat, organization could use the strategy of offering training to staff members to implement the policy and use the technology to achieve the higher standard to avoid errors. This kind of strategy is good for having the knowledgeable staff that could handle the situation according to threat and requirements. All employees in an organization must understand that security policies and procedures exist, that there is a good reason why they exist, that they must be enforced, and that there can be serious consequences for infractions.
Out of the ‘’Top threats’’ which threat would you regard to be the most significant
Out of all threats web based attacks are most dangerous attack for the organization that corrupt whole system of organization and reveal all information to the competitors. Web based attacks covers all allotted techniques regarding redirection of the web browser because of the infected web sites like malicious websites thus future malware infections may take place and corrupt whole system of the organization. This threat cover wide network of the website and also deployment of additional methods in mobile devices and mobile applications may infect the system in organization. This is the top threat that affects the efficiency of operating system and covers the space of the computer or other devices. Malware are linked with the URL of websites and automatically installed in systems and affects the space of the devices. The software may decline the available vulnerabilities in the web browsers and still exploit in order to redirection to the malicious sites (da.et.al.2013). This is most significant and most common threat for the systems because no one will able to know about this threat and it affects the system slowly one of the biggest disadvantage of this threat that no one be able to know about the website in which website the malware virus is attached. Malware covers whole worlds system and also reduces the efficacy of the operating system by attaching with the important websites. Around 145 million unique URLs have recognized as malicious that means over 40% of the URL are infected with the malware. So it can be said that Malware is the most significant threat in the world. It is global issue for much organization that Malware infects important files of the business (Theoharidou.et.al.2103). Web based attacks take the first position in the threat landscape America and Europe.
Identify and discuss the key Threat Agents. What could be done to minimize their impact on the system?
Threats are selected in a way that media attention to successful cyber-attacks creates high adaptability for the criminals. Threat agents are those who damage the cyber security of the organization and collect the important information of the organization and share it to the competitor of the organization that kind of criminals are known as Threat Agents. The agents are that break the security of the organization and collects all the necessary information from the users and hack the system of business. Cyber criminals can better target their attacks and be more victorious in finding of susceptibility, while using more efficiently malicious tools and attack methods (Hufnagle, 2012). Threat agents are biggest threat for the organization that hamper the confidential information of organization and become the threat for the management in terms of security. Following are the threat agents in the market:
Table 1 Trade Agents
Business to business
Nation to nation
Cyber Criminals: Cyber criminals are the group of agents and their main objective is to earn profit from the illegal activities through online means. The main means of their motivation is money and intelligence. They are online cyber crime criminals who work to earn the reward by doing anti-social activities and earn money through unethical means (Hargreaves and Prince, 2013). One of the main characteristic is the suitability of the large time and money budgets and technically they are well equipped.
Hacktivists: They are the threat agents and their main motive is to generate the attention of media because they are politically motivated activists. Their motivation behind this kind activity is dynamically set groups, sub-groups and central organization structure. Their reactions can be viewed at the time of riots, international sport events, election and any other major event that creates the international attention.
Cyber fighters: Cyber fighters are the groups of nationally motivated people or citizens that plays vital role in striking the power. Their attacks based on the politics in the similar manner of the Hacktivists. They are the self motivated groups who work to exploit the politics in the country and create the environment of riots.
Cyber Terrorists: Cyber terrorists are targeting large scale sabotage that national and international security in the country and also influence the people of national and international boundaries to create the environment of riots in the country (Bendersky and Tinsley, 2015).
Provide a brief summary of Social Hacking issues
Social hackers are the biggest treat for all the nations because they did not feel the online platform safe and secure due to social hacking. Abdulhamid.et.al (2014) stated that online social hackers are skilled with social engineering knowledge that help them to hack the website of any other online source of the organization and misuse the information of the organization. Main tools used for the social hacking are based on the social targets thus evading privacy of the capable employees. The hackers various sources to hack the websites like Using loggers, waste data, social media accounts etc. High tech techniques are used by the social hackers to hack the social platform of the organization that create the treat for the organization. According to Kumar.et.al (2013) this kind of groups may cause the important privacy influence mainly in the area like identity theft, collection of private information, personalized data, user documents, cyber maltreatment etc. It can be said that with increment in the usability of social media then social hackers will also plays important role in the hacking of the websites.
Threat probability according to table 2
According to table 2 provided in the case, there are various type of trends and threats have significant impact on the planning and implementation of landscape information security activities. The table has suggested the data about worms, code injection, web application attacks and insider threats that influencing the operational and tactical activities of organization to meet the goals and standard. Moreover the denial services and phishing of the data is one of the major problems of security threats (Stallings & Stallings, 2010). These kinds of security threats are creating the issues like leakage of information, fraud, cyber espionage and attack of the website. A plethora of related services and good practices are available that are based on threat intelligence. They consist mainly of collection, aggregation and correlation of data. According to table the process of managing the information as well utilization of resources provided to the employees to manage the data having the major threat from Trojans and web-based attack. The end-user protection and reduce the threat regarding the information in network is major areas of working that helps to maintain the provision of security and improve the maturity of threat removal.
How could the ETL process be improved? Discuss.
Due to high amount of data in ETL process, it becomes necessary to improve its performance by smoothing the process as possible. Hence, the following are some of the ways through which ETL process can be improved:
Loading of only those rows which are changed: The high amount of data can be reduced by extracting only those rows in ETL which are either been changed or which are new from the preceding ETL. This process will speeds up the high volume ETL processes. These rows can be extracted by creating an extract tables holding data from previous ETL run date. Use of this method would transfer the stack of CPU from the performing server to the data source (Jin.et.al, 2014). This method performs only for added and modified rows but it cannot be used for deleted row.
Use of batching: Batching can be used for improving the performance of ETL process either extracting the rows by dividing logically or by recurrently using the extracted data. The logically isolating of data assists in achieving extraction at different intervals. This would help in decreasing the volume of data communicated for each ETL load implementation. This will ultimately diminishes the load on the network and conflict of resources at the performing database.
Use of SQL Server Destination in a data flow task: If the data is needed to be pushed in the local SQL Server database then the use of SQL Server Destination is suggested because it improves the performance of ETL by reducing the limitations and increasing the benefits (Turajli?.et.al, 2014). It also facilitates with the enable and disables options while loading the data so as to diminish the problems which affect the ETL performances.
Based on Table 10 and your own research, identify and discuss threats that (in your opinion) will be most challenging for ENISA to combat in the year 2016 onwards.
The threats observed through a deep research and from based on the reference includes denial of service attacks which includes hypervisor, packet flooding, malicious codes which includes worms and Trojans, web application or injection attacks, insider threats which involves intentional or unintentional, any physical damage, theft or loss, fraud and phishing which infect IT and also steals identity information (Papp and Buttyan., 2015). According to the research the most challenging threat for ENISA is the concerned with the region of surrounded systems and hardware programming. ENISA is engaged in covering all the threats related to this area because they attack to the apparatus which are closure to the physical coating of hardware devices. They are very complex and are not detected easily. They can be removed simply by replacing the devices which are prone to these attacks. Therefore, it is required to identify the significant assets and proper assessment of their exposure. The significant assets include hardware programming, firmware architectures, standard device interfaces, graphic cards, memory sub-systems, etc.
The software defined networks and network virtualization are having centralized control over the networks (Bhunia.et.al, 2014). This includes management of network and issues related to data flow. Due to concentration of the network at a single point may be affects the whole network. Therefore, attacks on the components of network can also affect the central control functions via coupling over data transmission through switches. The malware such as Trojans and worms are also one of the challenging threats. The Trojans are common type of malware as well as newly introduced.
To sum up, should ENISA be satisfied with its current state of IT Security? Why? Or why not?
According to the research it can be concluded that the ENISA could be satisfied with its current state of IT security because they have worked on the threats by prioritizing them and founding optimum solutions to them. The reduction in web application attack surfaces is also noticed. The injection attacks, exploit kits, spam, phishing, scareware, malicious code, etc is also reduced to greater extent (Christmann.et.al, 2015).
The measures obtained by the ENISA not only helps in reducing the effects of the threats but also it proven best in securing the data, and easy transferring of the data without any interferences. The ETL process is also been improved by extracting the only those rows which are either being inserted or modified. This leads to smoothening the operations and functions of ETL process. This is achieved by using the batching system and applying only the changed rows. The threats related to the areas of embedded systems and hardware devices are also solved by removing the components which are prone to the attacks. The threats related to data breaches are also lessen by using the strong passwords and strong networks. Basically the data breaches are occurred due to vulnerable networks, incorrect user authentication, database error, and tampering and insider threats (Purser, 2014). The issue related to information leakage is also removed by introducing high security and highly secured passwords and allowing access to only limited users.
From the study, it is been considered that Enisa security standard has provided the support to the networking and improvement in the cyber security that could influence the process of working and operations of organization in IT sector. Report has discussed the strategies that would be used for combating insider threats as well top threats from the case study for analyzing the impact on the tactical and operational security. In the next part report has provided the detail information about the Threat Agent and social hacking issues that affecting the work of organization. At the end report has provided the information about the IT security tools and their impact on the services.
- Abdulhamid, S. M., Ahmad, S., Waziri, V. O., & Jibril, F. N. (2014). Privacy and national security issues in social networks: The challenges. arXiv preprint arXiv:1402.3301.
- Bendersky, C., & Tinsley, C. H. (2015). Finding Cyber Terrorists: The Influence of Status on Inter-agency Counter Terrorism Taskforces.
- Bhunia, S., Hsiao, M. S., Banga, M., & Narasimhan, S. (2014). Hardware Trojan attacks: threat analysis and countermeasures. Proceedings of the IEEE, 102(8), 1229-1247.
- Christmann, C., Falkner, J., Horch, A., & Kett, H. (2015). Identification of IT Security and legal requirements regarding Cloud services. CLOUD COMPUTING 2015, 16.
- Cohen, F. (2014). Managing network security: Simulating network security. Network Security