Call (716) 373-4467

The CIA Triad is an information security concept that consists of three core principles, (1) Confidentiality, (2) Integrity and, (3) Availability. These core principles become foundational components of information security policy, strategy and solutions. Cybersecurity professionals and Executives responsible for the oversight of cybersecurity programs should have a deep understanding and appreciation for each of the three core principles.

 

Ultimately, all vulnerabilities and risks should be evaluated based on the threat they pose to one or more of the CIA Triad core principles. In addition, all security controls, or countermeasures, should be evaluated on how well they address the core principles of the CIA Triad.

 

Confidentiality

This core security principle is defined as the ability to restrict unauthorized subjects from accessing data, systems, objects or resources. Imagine an employee punches the timeclock and goes home for the evening but forgets to shut down or lock their computer. Even worse, they are still logged into the client database that contains all sorts of Personally Identifiable Information (PII) like your client’s names, addresses, and social security numbers. What happens if the janitorial service shows up to clean the office space and one of the cleaners notices the unlocked computer and helps themselves to the valuable info? This example illustrates the importance of Confidentiality.

 

There are many cyber-attacks used to violate confidentiality including, social engineering, theft of credentials or passwords, eavesdropping and network sniffing. Here are a few controls that you should consider incorporating into the program:

  1. Inventory of Devices and Software – It is very difficult to manage access to devices, applications and systems unless you have an accurate inventory of those assets. Once you understand what assets you own, only then can you begin to think about who is authorized to access and use them. At Databranch, our Managed Services clients have their inventory maintained for them by their Databranch Account Manager
  2. Data Classification – You must understand what data or information resides on your information systems. More importantly, you have to classify this data so that it can be protected according to value, sensitivity, and regulatory compliance.
  3. Access Controls – Systems and information should be physically and / or logically segregated based on data classification efforts.  Access to systems and information should be granted to authorized users on a need to know basis. Procedures for granting and revoking access should be documented and enforced. Strong password policies should be implemented and enforced. Privileged accounts should be minimized and monitored very closely using logging and notification technologies. Multifactor Authentication (MFA) should be used by authorized users when accessing systems and data according data classification efforts and regulatory requirements.
  4. Encryption – Information should be encrypted at rest and in transit according to data classification, regulatory requirements and the annual risk assessment. 
  5. Personnel Training – Many confidentiality breaches occur by accident or mistake. Authorized users need to be properly trained. They should understand your data classification policy and acceptable use policy. They should understand why certain security controls are in place, how to properly use them and why they should never attempt to circumvent them. Lastly, they should understand the threat landscape as it relates to confidentiality and what their actions and behaviors can do to help mitigate those risks. Click here to learn more about Databranch’s Annual Security Awareness training.

 

Integrity 

This core security principle is defined as the ability for data and information to retain truth or, accuracy and be intentionally modified by authorized users only. Imagine a patient under the care of doctors and nurses at a hospital. The patient requires 100mg of medication every six hours. What happens if the nurse accesses the patients’ medical records and the 100mg has been modified (with malicious intent or by accident) and now reads 1000mg? This example illustrates the importance of integrity.

 

There are many cyber-attacks used to violate integrity including, computer viruses, malware, logic bombs, database injections and altering system configurations.  Your cybersecurity program should absolutely work to promote integrity and defend against these attacks. Here are a few controls that you should consider incorporating into the program:

  1. Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) – IPS / IDS examines network traffic flows to detect and prevent vulnerability exploits. Many times this technology is embedded in perimeter defenses such as firewalls but, it needs to be enabled and configured to work properly.
  2. Anti-Virus / Anti-Malware – This powerful tool can be used to detect, quarantine and even remove malicious code from computers and systems. It is imperative that Antivirus software is installed and configured on all computing devices.
  3. Vulnerability Management – There should be a process for identifying known vulnerabilities across systems and applications and then remediating those vulnerabilities typically by installing patches. Click here to request your free Databranch baseline security assessment.
  4. Log Monitoring and Analysis – The ability to collect system and application logs and then monitor / analyze them is critical. It can detect anomalies in system behaviors and be used in forensic efforts post incident.

 

Availability 

This core security principle is defined as the ability to grant authorized users uninterrupted access to systems and information. Imagine logging into your computer on Monday morning. You are refreshed from the weekend, ready to work and conquer the world. Then suddenly, a message flashes across your computer screen. The message explains that your computer and everything on it has been encrypted by ransomware, and you must pay a fee to receive the decryption key and resume regular work activities. You no longer have access to email, customer records, financial records, etc. What would you do if the applications and data on your computer were no longer available to use? This example illustrates the importance of Availability.

 

There are many cyber-attacks used to violate availability including, computer viruses, malware and denial of service (DoS). There are also circumstantial events that violate availably such as hardware failure and natural disasters. Your cybersecurity program should absolutely be influenced by the availability principle. Here are a few controls that you should consider incorporating into the program:

  1. Data Backup Systems – Effective data backup strategies should be defined, implemented and monitored for success. If systems or data suddenly become unavailable, recovery efforts almost always start with restoring from a successful backup job.
  2. Disaster Recovery (DR) and Business Continuity Planning (BCP) – Documenting DR and BCP plans is an absolute must. In addition, these plans should be tested, at least annually to verify effectiveness. Learn more about our Dataguard Backup and Recovery solution here!
  3. System Monitoring – Critical systems and applications should be continuously monitored for performance and capacity requirements. Proactive monitoring can often prevent unwanted outages or disruptions.
  4. Incident Response Plan – Having a plan to contain, eradicate, and recover from a cybersecurity incident is invaluable. Incidents create stress and chaos. Having an incident response plan introduces confidence and organization. 

As one can see, the core principles of the CIA Triad (Confidentiality, Integrity and Availability) are simple information security concepts that when properly applied to policy and program creation can have a real meaningful impact our ability to stay safe and protected.

Contact Databranch today at 716-373-4467 x115 or [email protected] for any questions about the information above. You can also fill out the form below to set up a meeting with one of our experienced team members to discuss how we can help enhance your businesses cybersecurity.

Article used with permission from Huntress.

Access Control Administrative Privileges AI AI algorithms AI in Cybersecurity Annual Security Training Anti-Virus Artificial Intelligence Authenticator App Automation Backup and Recovery Backup Redundancy BCDR BEC breach prevention Breach Prevention Platform Breaches business continuity Business Continuity and Disaster Recovery Business Email Compromise Business Email Compromises Business Growth Business Phone System Business Software BYOD Call Directory Channel Futures MSP 501 Cisco Cloud Accounts Cloud Data Backup Cloud Infrastructure Cloud Security Cloud Solutions Compliance Comprehensive Cybersecurity Compromised Credentials Computer Installation computer support Computer Upgrades Conditional Access Credential Theft Cyber Attacks Cyber Criminals Cyber Defenses Cyber Insurance cyber liability insurance Cyber Risk Management Cyberattacks Cyberinsurance cybersecurity Cybersecurity Awareness month Cybersecurity Breach Cybersecurity Culture Cybersecurity Strategy Cybersecurity Training Cybersecurity Webinar Dark Web Dark Web Monitoring Data Backup Data Backup and Recovery Data Backup Solution Data Breach Data Breaches Data Governance Data Loss Data Management Data Privacy Compliance Data Privacy Regulation data protection Data Recovery Data Restoration Data Security deepfake Deepfakes Defense in Depth Denial of Service Device Security Disaster Recover Disaster Recovery DNS Filtering doug wilson employee cybersecurity training Encryption Endpoint Detection and Response Endpoint Protection field technician Foundation Security Gift Card Scams Hackers Hosted VoIP Hybrid work i.t. service provider Identity Theft incident response plan Incident Response Planning Insider Threats Internet Explorer Internet of Things Intrusion Detection Intrusion Prevention IoT Devices IT Budget IT Budgeting IT Compliance IT Infrastructure IT Myths IT Partner IT Policies IT Resource IT Security IT Service Provider IT Services IT Support Juice Jacking Local Admin local admin privileges Lost Devices M365 malware Managed Clients Managed Detection and Response Managed IT Managed IT Provider Managed IT Services managed service provider managed services Manages Services MDR MFA Microsoft Microsoft 356 Microsoft 365 Copilot Microsoft End of Support Microsoft Office Mobile Devices MSP MSP 501 Winner MSP501 Multi-Factor Authentication Network Monitoring Network Security Network Testing Networking New Computer NIST Framework Offboarding Office 365 Outlook Outsourced IT password management Password Manager Password Managers Password Protection password security Passwords Patch Management Patches Patching PC Performance Penetration Testing Personal Data phishing Phishing Attacks PII Proactive Monitoring Processor productivity Professional Tune-Up Public WiFi Push-Bombing RAM Ransomware Ransomware Prevention Recovery point objective Recovery Time Calculator Recovery time objective Remote Monitoring Remote Working repeatbusinesssystems Ring Groups risk assessment Risk Management Risk Tolerance Rock-It VoIP RPO RTO RTO Costs SaaS SaaS Backup Scammers Scams security Security Assessment Security Assessments Security Awareness Training Security Defaults Security Key Security Scans SLAM Method Smart Tech Smishing SMS Social Engineering Social Media Security Software Integration Software-as-a-Service Solid-State Drive Sponsored Google Ads SSD stolen credentials Storage Teams technical support scam technology best practices Technology Budget Technology Infrastructure Technology Management Technology Plan Technology Policies Technology Review Threat Detection Threat Identification Threat Modeling top-performing managed service providers Updates virus VoIP Systems VPN Vulnerabilities Vulnerability Assessment Vulnerability Management Warning Signs Webinar Windows 10 Windows 11 Windows 8.1 Work Computers World Backup Day zero trust policy