Security Topic #1: CIA Triad

 

Security: Introduction to CIA Triad

What do you do to secure a network? In this article, we are going to talk about CIA Triad. When you implement a security solution, you achieve one of the goals out of three security pillars – Confidentiality, Integrity, and Availability, it is often called the CIA triad.  

When a cybersecurity attack hits your network, it violates one of the planes of CIA triads. So, anyone who wants to make a career in the cybersecurity field needs to understand these basic principles. A good grasp of these helps to ensure that all the security solutions are protecting at least one of these principles. Let’s start.

Figure 1: CIA Triad

Confidentiality

The prevention of data disclosure to unauthorized users is called confidentiality. As data or information is the new cash in the digitization world, enterprises spend a lot to ensure data confidentiality to protect critical data. Encryption is a popular implementation of Data confidentiality.

Integrity

The protection of unauthorized modification/alteration of data by unauthorized users is called Data Integrity. Data Integrity ensures that data is consistent while it is in transit or in-rest. Calculating the Hash values against data is an implementation of data integrity.

Availability

Providing data or information access to only intended authorized users is called Data Availability. It ensures data is available to authorized users only to a level that is required a user to perform his job successfully.

Believe it or not, when attackers impact the availability of data or information it is called the successful attempt to breach the system. Access Control Systems are a good example of Data Availability implementation. I hope you find this informative!

Continue Reading...

• What is Smurf attack and the protection? - The Network DNA
• Don't Leave Your Network Vulnerable : Reasons to Switch to a NGFWs
• Cisco DUO & Authentication Flow - The Network DNA
• How to Strengthen Mac Security Using FileVault Encryption?
• How to Make Your Computer Less Prone to Potential Threats
• Top 5 tools to use alongside a firewall for the best network protection in 2020
• Securing Open Source Code Repositories Against Exfiltration Attacks

Further Continue Reading...

• Introduction to DLP: Data Loss Prevention
• Denial-of-Service (DoS) attack
• Introduction to Deep Packet Inspection (DPI)
• Security audit Vs Vulnerability assessment
• GDPR and HANA Compliance
• Compliance, Purpose and why it is important?