Cyber Security: the CIA triad

In this series of stories, I will try to write about Cyber Security. Cyber Security is especially relevant these days, now that we have almost everything available online.

Cyber Security, in its simplest terms, is a gate that guards your resources. This gate either allows or rejects access to the resources. The underlying resources are the APIs or services that you expose to clients.

In this first story, I will introduce the CIA triad.

The CIA Triad: Confidentiality, Integrity, and Availability

These are the 3 aspects of security that Cyber Security controls are meant to protect for any organization.

a) Confidentiality deals with protecting data from access by unauthorized users. When you share your personal information with any service or business, I am sure you are reluctant to do so.

This reluctance has two primary reasons: first, you are not sure how the information is going to be used; second, even if the service is going to use it for the right purposes, will it be able to protect the data from malicious use by others?

Breaches of this form of security, where customer data gets compromised by hackers, are quite common these days.

It is important for any organization to secure data from unauthorized access.

b) Integrity is related to the protection of data against malicious updates or deletion. If any change is made to the data, it has to be tracked. If a change is made by an authorized user, it should also be possible to reverse the change.

Integrity is related to the consistency, accuracy, and trustworthiness of data. When an authorized user accesses the data, the user should be confident that the data has not been manipulated unintentionally.
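
One way to make the tracking and reversal described above concrete, as an added example that is not part of the original story: a record whose every change goes into an HMAC-chained log, so a change can be undone and tampering with the data or the log is detected. The class name, the key, and the sample data are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: kept outside the data store


class TrackedRecord:
    """Hypothetical record type: every change is logged and reversible."""

    def __init__(self, user, data):
        self.data, self.log = {}, []
        self._append(user, {}, dict(data))  # creation is the first log entry

    def _tag(self, body, prev):
        # Each tag covers the entry and the previous tag, chaining the log.
        msg = (prev + json.dumps(body, sort_keys=True)).encode()
        return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

    def _append(self, user, before, after):
        body = {"user": user, "before": before, "after": after}
        prev = self.log[-1]["tag"] if self.log else ""
        self.log.append({**body, "tag": self._tag(body, prev)})
        self.data.update(after)

    def update(self, user, changes):
        # Fields must already exist, so "before" captures an exact undo.
        before = {k: self.data[k] for k in changes}
        self._append(user, before, dict(changes))

    def revert_last(self, user):
        if len(self.log) < 2:
            raise ValueError("nothing to revert")
        last = self.log[-1]
        # The undo is itself a logged change, never a silent rewrite.
        self._append(user, dict(last["after"]), dict(last["before"]))

    def verify(self):
        """True only if the log chain is intact and replays to self.data."""
        prev, state = "", {}
        for e in self.log:
            body = {k: e[k] for k in ("user", "before", "after")}
            if not hmac.compare_digest(self._tag(body, prev), e["tag"]):
                return False
            state.update(e["after"])
            prev = e["tag"]
        return state == self.data
```
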

c) Availability means that the systems, applications, and data should be available when requested by an authorized user.

The systems and applications that provide services to the end clients should be available to process the incoming requests. Availability makes sure that when an authorized user tries to access a service, the underlying application or systems are able to serve the request.

Availability also relates to making sure that enough processing power is allocated to the resources so that, in cases of high volumes of requests, the systems or applications are still able to process them.

One of the common threats that impacts availability is the Denial of Service attack. This attack aims at keeping the systems/applications so busy that the authorized or legitimate users are unable to connect to the services.

In the next story, I will list some common methods that help protect this triad.

Me Writes

Here to learn how to write effectively. Love reading books, watching movies and travel