I checked if the CIA triad is fit for purpose and found it lacking: A Study
Introduction
Information security, also known as cybersecurity, computer security, information assurance or information technology security, is a discipline born with the earliest means of communication of information [1].
The importance of information security has grown as the worldwide economy and society rely more and more on information technology.
Every information system provides a value in an organization. This Study makes the assumption that the analysis of the security of an information system must include both the system and the value it provides. This means the result of the analysis of the security requirements of the same information system in different points in time or in different organizations will render different results.
Information security professionals both in the public and private sector face serious challenges in order to perform effectively for their organizations and clients, among those challenges are:
- Complexity and evolution of organizations, information systems and their environment.
- Limited availability of knowledge about the organization, information systems and their environment.
- Complexity can be analyzed at multiple…
