Cybersecurity Studies - 1 (CIA Triad)

İrem Çıngı
Nov 30, 2023

Data, information, and intelligence are often used interchangeably. They are interconnected, but they have distinct meanings.

Data, Information, and Intelligence

Data is raw, unorganized facts such as IP addresses, URLs, or hashes. Information can be derived from data by combining multiple data points to answer specific questions, such as how many employees have accessed a website within the month. Intelligence is achieved by analyzing data and information to identify patterns of activity and extracting insights. Data is collected, assembled into information, and handed to an analyst to analyze and transform information into intelligence. ⁷

Information security (InfoSec)

Information systems encompass the entirety of infrastructure and services employed to gather, process, store, and transmit information between various locations, making it accessible to users. Information systems management encompasses all activities related to the effective utilization, compatibility, and development of information systems.

Information security and cybersecurity are often confused. InfoSec is a crucial part of cybersecurity, but it refers exclusively to the processes designed for data security. Cybersecurity is a more general term that includes InfoSec. InfoSec is a set of security procedures and tools that broadly protect sensitive enterprise information from misuse, unauthorized access, disruption, or destruction. ⁸ ⁹

CIA TRIAD

The CIA triad stands for confidentiality, integrity, and availability. It is a common model that forms the basis for the development of security systems, and it is used for finding vulnerabilities and for devising solutions. ¹⁰

CIA Triad ¹¹

Confidentiality is about ensuring that access to data is restricted to the intended audience only. Do not give anyone more access to data than necessary. Data confidentiality can further be compromised by:

  • Phishing attacks
  • Unauthorized access to the data
  • Data leaks
  • Non-encrypted data
  • Man-in-the-middle (MITM) attacks

Measures to mitigate threats to confidentiality include:

  • Encryption: Only authorized parties with the decryption key can access the original information.
  • User Access Controls: Implementing access controls ensures that only authorized users can access specific data. This includes user authentication, authorization, and auditing mechanisms.
  • Network Segmentation: Segment the network into isolated segments or zones based on the principle of least privilege. By segmenting a network, you can easily prevent unauthorized access to restricted parts of your system. When an attacker gets into a network, they’ll have a harder time finding the sensitive information and they’ll also have a harder time moving across the network.
  • Firewalls
  • Vulnerability management
  • Passwords
  • Two-factor authentication
  • Multi-factor authentication (MFA)
  • Biometrics
  • Security tokens

Integrity is about the data being authentic, accurate, and reliable. It is about protecting the data from being modified. Data integrity can further be compromised by:

  • Ransomware Attacks
  • Hardware failure
  • Data corruption caused by software bugs

Measures to mitigate threats to integrity include:

  • Encryption
  • Hashing: Using cryptographic hash functions to generate a fixed-size hash value (checksum) representing the original data. Changes to the data result in a different hash value, allowing integrity verification.
  • User Access Controls
  • Checksums
  • Version Control
  • Backups
  • Data Validation: Ensuring the accuracy and reliability of data by implementing validation checks. This helps prevent data corruption and unauthorized alterations.
  • Digital certificates, or digital signatures
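
The hashing measure above, as an added example that is not code from the original post: a SHA-256 baseline of a directory is recorded and later re-checked, and the baseline itself is protected with a keyed hash (HMAC), because a plain hash stored next to the data can simply be recomputed by whoever altered the data. The function names, file names, and key are constructed for illustration.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

def sha256_file(path):
    """SHA-256 of a file (read whole here; use chunked reads for large files)."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def build_manifest(root, key):
    """Record a SHA-256 per file, then authenticate the record with HMAC."""
    root = Path(root)
    hashes = {str(p.relative_to(root)): sha256_file(p)
              for p in sorted(root.rglob("*")) if p.is_file()}
    body = json.dumps(hashes, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"hashes": hashes, "hmac": tag}

def verify(root, manifest, key):
    """Return a sorted list of (path, status) findings; empty means intact."""
    body = json.dumps(manifest["hashes"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["hmac"]):
        return [("<manifest>", "tampered")]
    root = Path(root)
    findings = []
    current = {str(p.relative_to(root)) for p in root.rglob("*") if p.is_file()}
    for name, recorded in manifest["hashes"].items():
        if name not in current:
            findings.append((name, "missing"))
        elif sha256_file(root / name) != recorded:
            findings.append((name, "modified"))
    findings += [(n, "unexpected") for n in current - set(manifest["hashes"])]
    return sorted(findings)

def demo():
    """Constructed sample: baseline, a file change, then an edited manifest."""
    key = b"constructed-demo-key"  # assumption: stored apart from the data
    with tempfile.TemporaryDirectory() as tmp:
        target = Path(tmp) / "report.txt"
        target.write_text("total=100\n")
        manifest = build_manifest(tmp, key)
        clean = verify(tmp, manifest, key)
        target.write_text("total=900\n")
        changed = verify(tmp, manifest, key)
        # Manifest entry rewritten to match the changed file, without the key.
        manifest["hashes"]["report.txt"] = sha256_file(target)
        return clean, changed, verify(tmp, manifest, key)
```

Calling `demo()` returns the findings for the untouched directory, for the directory after one file changes, and for the case where the manifest was edited to hide that change.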

Availability is of utmost importance when it comes to data management. Hardware and software must be kept in a properly functioning state, and adequate bandwidth must be available, for data to remain optimally available. But these measures alone are not enough because there are external forces at play; data availability can further be compromised by:

  • Denial of Service (DoS)
  • Power outages
  • Natural disasters

Measures to mitigate threats to availability include:

  • Off-site backups: It is essential to ensure that we retain copies of the data to facilitate access in the future.
  • Disaster recovery: It is important to have a plan for disaster recovery so that a system can be easily fixed after a problem.
  • Redundancy: Redundancy helps to maintain availability when some components of the system fail (for example, through hardware failures, disasters, or cyberattacks).
  • Failover: Failover helps to restore availability after a server issue.
  • RAID: RAID (redundant array of inexpensive disks) is an array of drives that provides storage redundancy and high availability.
  • High-availability clusters: A high-availability cluster is a group of computers that work as one system.
  • Distributed Systems: Utilizing distributed systems and cloud technologies enhances data availability and resilience.

INFOSEC DOMAINS

  1. Data Security → Published
  2. Application Security → Published
  3. Network Security
  4. Endpoint Security
  5. IoT Security
  6. Cloud Security
  7. Mobile Security
  8. Security Awareness And Training
  9. Security Governance and Risk Management
  10. Identity Access Management (IAM)
