Taxonomy for Unsecure Big Data Processing in Security Operations Centers

摘要

While the media constantly describes new attacks, the organizations seriously concerned about their business protection need to be prepared for such sophisticated attacks against their IT infrastructures. Hence a properly designed and formalized information security (IS) management system with Security Operations Center (SOC) as its centric part is required as never before. Among the most important documents for SOC there are two policies: IS policy and IS incident management policy. In order to create a truly effective policy it is vital to adequately describe SOC's operational environment from the IS viewpoint. The paper presents the most demand for these purposes classifications (taxonomy) of IS threats, vulnerabilities, attacks and IS incidents as the negative elements that should be avoided.