Saturday, December 7, 2019

European Union Agency for Network and Information Security Security I

Question: Discuss about theEuropean Union Agency for Network and Information Securityfor Security Infrastructure. Answer: ENISA An Overview of Case Study ENISA is a centre for the maintenance and implementation of security policies in the European Union and the associated organizations and agencies. It is referred to as European Union Agency for Network and Information Security and came up with the ENISA Technology Landscape (ETL) in 2014. The case study covers the current threats that exist and also lists the top threats for the year 2014 along with a comparison from the ones that were present in 2013. There were a number of measures that were taken to control the threats and ETL was designed with an aim to put a check on all the security loopholes. However, in spite of so many efforts and attempts, there were a number of occurrences. The case study covers the description of the top threats such as data breaches, insider threats, phishing, ransomware and many others. The case study also covers the threat agents that are involved in the execution of these threats and these agents are the cyber based agents such as cyber criminals, cyb er terrorists and many others. Technology is something that is changing at a rapid rate and the emerging technology trends and landscape has also been covered in the case study. The areas to focus upon in order to improve the security have been concluded in the end (Enisa, 2016). ENISA - Security Infrastructure Diagram The diagram depicts the various security areas that must be present in the security infrastructure so that the overall security of the system and its associated components can be enhanced. There are a huge number of entities that are present under ENISA and the same are required to be safeguarded against all the security loopholes. These levels and the sub-parts to be covered in the security aspect of ENISA has been shown in the security infrastructure diagram below. ENISA Security Infrastructure Diagram ENISA Steps to Deal with Insider Threats Administrative Controls The employees should be communicated about the policies and the list of dos and donts as far as the security mechanisms are concerned so that there may be no instances of mistakes or inadequate due diligence. Also, there must be trainings and administrative checks that must take place in a frequent manner to keep the internal employees aware about the security parameters to be followed (Musthaler, 2016). Physical Controls Physical security is something that is mostly overlooked and is not paid due attentions. However, physical controls must be applied such as display of identity cards, checking of the employee bags and likewise at all the entry and exit points (Cert, 2016). Technical Controls There are a number of technical controls and checks that must be applied and installed to make sure that the insider threats are prevented. Technical and automated identity and access management with the use of multi layer authentication and similar measures should be applied. There should also be maintenance of the technical logs and records so that the activities can be scanned and monitored at a non-stop basis. Risk assessment, network monitoring, network scans and many other technical measures should also be adopted. ENISA Data Breaches as Most Significant Threat There are a number of threats that have been listed in the case study as the top threats that were encountered in the year 2014. Data breaches that took place make up the threat that is most significant since its impact, likelihood and the risk ranking as well (Ko Dorantes, 2016). As per the data that has been recorded and analyzed in the case study, data breaches made up for the major portion of the threats that took place in 2014. Also, there were scenarios wherein the impact was extremely severe in nature. This threat has been judged and evaluated to be the most significant threat since it has the potential to hamper the confidentiality, availability and the privacy of the data. The information types that are associated with ENISA can be private or confidential such as there is a lot of healthcare information that the centre deals with. Any violation of the privacy of this category of data can be fatal for the organization and can result in some serious legal punishments. It is b ecause of this reason that the threat has been evaluated to be the most significant out of all (Amato, 2016). ENISA- Threat Agents and their Impact Cyber Criminals: These are the entities that make use of cyber platforms to introduce the web based attacked or inject the malicious code to the machine of the user. The intent behind these agents is to cause severe damage and also to gain unauthorized access. Online social hackers: Social hacking is the issue that is very commonly seen in the current era and these agents are the primary entities behind the execution of the same. Hacktivists: These are the threat agents that make use of a political motive to give shape to a particular threat or attack. Employees: The employees that are associated with a particular firm also add up to the major number of the threat agents and are involved in giving shape to the insider threats. These employees can be current or the ex-employees of a firm (Casey, Koeberl, Vishik, 2010). Script Kiddies: There is a great interest of technology among the young individuals and in their attempt to play with the technology; they may often result in being the part of a threat as a threat agent. These threat agents have a huge impact on the security architecture as these are the prime entities involved in the execution of a threat. It is therefore necessary to control their impact and the same can be done by improving the security infrastructure. Employees as threat agents can be controlled by implementing the administrative, physical and technical controls as described earlier. The other threat agents can be controlled by making sure that the security loopholes do not exist and there is advanced security mechanism applied across all the entry and exit points. ENISA Issues with Social Hacking Social hacking is a type of security assault that is executed by the social programmers as the operators of the dangers and incorporates the endeavor to change the social conduct of a client through various diverse means and methods. The present period is the time of social media and the nearness on this stage is right around an order for each and every person. The social programmers pick up favorable position through this wonder by performing dumpster making a plunge which the disposed of client profiles and information is gotten to recover imperative data and examples, for example, client name, contact data, email address and in like manner. Pretending is additionally a typical type of the social hacking issue that incorporates the pantomime of a specific client or association on a social stage to pick up data. Social hacking has come up a simple approach to break the web and system security as the nearness of the clients on the stage is enormous and it gets to be less demanding fo r the programmers to recover noteworthy data through various instruments. The effect of these social hacking issues can be moderate to amazingly extreme as these can possibly increase touchy and classified data through the medium. Such unapproved instrument of picking up the data can then be abused by the social programmers (Wood, 2016). ENISA- Common trends in the Threat Probability The table displays the comparison between the threats that occurred in the year 2013 and the threats that took place in the year 2014. The inclination and decline of the threats has also been displayed through the medium of the table. The threats that are seen to be more probable in 2014 and in the upcoming years are as listed below: Malicious Codes Web Based Attacks Injection Attacks Denial of Service Phishing Data Breaches Loss and Theft Information Leakage Identity Theft Cyber Espionage (Nichols, 2016) There are also attacks that have been seen and analyzed as less probable in the current era such as those associated with the botnets, spam, explore kits and scareware. There is a newer form of attacks which has been categorized as the insider attack and the probability that is associated with these threats is very high. It is because of the reason that there are lesser control and prevention measures that have been developed in order to put a check on them. The threat probability can therefore be defined as highly probable for the attacks that are on a rise as listed in the points above along with the insider threats. It would be lesser for the threats that are on a decline. ENISA Required Improvements in the ETL Processes The ENISA Technology Landscape was designed and implemented to make sure that the occurrences of the security threats and incidents could be minimized. However, in spite of so many efforts and measures there were still many threats that were seen with low o very severe impact. It is therefore necessary to bring about certain sets of improvements in the ETL processes which are as listed below (Microsoft, 2016). The design and implementation of the security policies must be done throughout the entities that are involved in ENISA rather than doing the same in a step by step manner. The policies that exist around the employee management and the processes involved with the same need to be improved. As soon as an employee quits an organization, the access and credentials allocated to the same must be dissolved. In case of missing the step, there may be access of information to the employee even after quitting the organization which may be dangerous. Cryptography and encryption techniques are still not very strong in the security infrastructure that is associated with ETL. There must be Advanced Data Encryption Standard (AES) that should be utilized to keep the information secure even if the attacker succeeds in the attempt to get hold of the same. Biometrics identity checks should be installed at all the entry and exit points to improve the identity management and keep the entire system automated to prevent any sort of manual intervention in the same. ENISA List of the Challenging Threats There are many of the top threats that have been listed for ENISA in the case study. The most challenging threats out of all are as listed below (Panetta, 2016). Insider Threats: These are the threats that are executed by the staff internal to the organization and thus are often difficult to predict or prevent in advance. The staff members are always aware of the security policies that are associated with the organization and form measures to curb the same. It therefore becomes challenging to put a check on these attacks. Data Braches: The amount of data that is present with the organizations in the current era is huge. It is because of this reason that the policies that are developed to control and prevent the threats associated with data breaches should be as per the type of information. The task can be troublesome to apply varied degree of policy for different type of data. Web Based Attack: The entire world is now using web for one purpose or the other and it is due to this very reason that the number of attacks is also huge from this medium. It is difficult to control these threats due to the amount and the severity of the same. Social Hacking Threat Agents and Issues: Social networking and the information that can be retrieved from these platforms is also an easy way out for the attackers and challenging for the security teams to put a check on the same. ENISA Current State of IT Security ENISA must not be satisfied at all with its present scenario of IT security. The reasons behind this are many such as the technology and the structure of technology is something that is not at all constant. It is changing with every passing second and therefore it would be necessary for ENISA to keep up with the same. There are also a number of security threats and attacks that are introduced in the agencies and organizations that are monitored by ENISA in spite of a number of countermeasures that have been developed. It is necessary to keep up the effort and come up with stronger parameters and mechanisms so that the attackers do not success in security breaches of any kinds and the number of threats also get reduced by a good margin. The effort that is required towards the support, maintenance and updates regarding the security measures must never be put to rest and it is essential to involve an element of innovation and technical advancement with the same to not allow the attacker s to succeed in their attempts (Aws, 2016). References Amato, N. (2016). The hidden costs of a data breach. Journal of Accountancy. Retrieved 22 September 2016, from https://www.journalofaccountancy.com/news/2016/jul/hidden-costs-of-data-breach-201614870.html Aws,. (2016). Overview of Security Processes. Retrieved 22 September 2016, from https://d0.awsstatic.com/whitepapers/aws-security-whitepaper.pdf Casey, T., Koeberl, P., Vishik, C. (2010). Threat agents. Proceedings Of The Sixth Annual Workshop On Cyber Security And Information Intelligence Research - CSIIRW '10. https://dx.doi.org/10.1145/1852666.1852728 Cert,. (2016). Insider Threat Best Practices. Retrieved 22 September 2016, from https://www.cert.org/insider-threat/best-practices/ Enisa,. (2016). ENISA draws the Cyber Threat Landscape 2014: 15 top cyber threats, cyber threat agents, cyber-attack methods and threat trends for emerging technology areas ENISA. Enisa.europa.eu. Retrieved 22 September 2016, from https://www.enisa.europa.eu/news/enisa-news/enisa-draws-the-cyber-threat-landscape-2014 Ko, M. Dorantes, C. (2016). The impact of information security breaches on financial performance of the breached firms: An empirical investigation. Retrieved 22 September 2016, from https://jitm.ubalt.edu/XVII-2/article2.pdf Microsoft,. (2016). Microsoft Core Infrastructure Optimization: IT Security Processes - Best Practices for Business IT. Microsoft.com. Retrieved 22 September 2016, from https://www.microsoft.com/india/infrastructure/capabilities/itprocesses.mspx Musthaler, L. (2016). 13 best practices for preventing and detecting insider threats. Network World. Retrieved 22 September 2016, from https://www.networkworld.com/article/2280365/lan-wan/13-best-practices-for-preventing-and-detecting-insider-threats.html Nichols, A. (2016). A Perspective on Threats in the Risk Analysis Process. Sans.org. Retrieved 22 September 2016, from https://www.sans.org/reading-room/whitepapers/auditing/perspective-threats-risk-analysis-process-63 Panetta, K. (2016). Gartner's Top 10 Security Predictions 2016 - Smarter With Gartner. Smarter With Gartner. Retrieved 22 September 2016, from https://www.gartner.com/smarterwithgartner/top-10-security-predictions-2016/ Wood, P. (2016). Social hacking: The easy way to breach network security. ComputerWeekly. Retrieved 22 September 2016, from https://www.computerweekly.com/tip/Social-hacking-The-easy-way-to-breach-network-security

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.