- Donn Parker - Information security researcher and consultant
The main purpose of cyber security is to ensure Confidentiality, Integrity, and Availability (CIA) of data and services. The CIA three principles are commonly referred to as the CIA Triad. The triad is a widely used information security model in the industry. It is considered a vital security feature because it helps to avoid compliance issues, ensure business continuity, and prevent reputational damage to the organization.
Confidentiality
Confidentiality refers to the protection from unauthorized access. In essence, it is a set of measures that make sure only authorised people have access to the files in question while denying access for other parties.
In the context of Network security, it can be done using the policies to deny user access to specific information.
Integrity
Integrity refers to the protection of data being tempered, modified, or altered with in any unauthorized way. It ensures that information is reliable as well as accurate.
This measure ensures that the data or information is not changed while in transit. Also, it ensures that the data cannot be modified by an unauthorized person. Restricted file permissions and user access control are some of the tools used.
Availibility
Availability ensures that data is available and accessible whenever it is needed. This protection measure ensures that the information and network resources are available to the authorized people.
Security controls for availability include data backups, patches, and redundant systems.
Confidentiality, Integrity, and Availability are considered as core goals of any security approach. Click on the following flashcards to learn some useful CIA Triad terminology
How does it seem so far? All clear? The following video introduces you to the five laws of cyber security. Pay attention, and complete the following exercises after the video.
Youtube-video: https://www.youtube.com/watch?v=nVq7f26-Uo(target="blank")