CYF - CIA Triad (Lesson)

CIA Triad and Authentication Lesson

Goals of Cybersecurity

The goal of this lesson is to establish the framework for the rest of the course by identifying the goals of cybersecurity and the primary tools used to achieve those goals.

Cybersecurity refers to the practice of protecting computer systems, networks, and data from theft, damage, unauthorized access, or disruption. Have you heard of any recent cyber attacks?

Cybersecurity is fundamentally about protecting digital assets, be it data, systems, or networks, from various threats and unauthorized access. At its core, it seeks to ensure confidentiality, integrity, and availability of information. Throughout this course, we will delve deep into various strategies, techniques, and tools that professionals deploy to fend off cyber attacks. From understanding the anatomy of a cyber threat to mastering the use of cutting-edge security tools, our journey will offer a comprehensive look at the multifaceted world of cybersecurity.

Introduction to Security Concepts

The goal and actions of cybersecurity can be expressed via a sports cheer:

What do we want? Protection! How will we get it? Prevention and Detection and Response! Go Team!

Cybersecurity professionals use a Model of Computer Security:

Protection = Prevention + (Detection + Response)

Every security technique falls into at least one of the three elements of this equation.

To be more specific,

  • Prevention is anything we can do ahead of time to avoid an attack, such as selecting a strong operating system, putting a lock on the server room door, or running antivirus scans;
  • Detection is what we can do while the system is running so that we will know that an attack is either imminent or currently happening, such as alarms and event logs (even spam filters fall into this category);
  • Response is what we can do when the previous methods have failed and there has been a breach or an attack. How can we recover and find the culprit?

Response actually falls in the category of Digital Forensics so it will not be covered very much in this class. Our focus will be on the security techniques that achieve Prevention and Detection.

NIST Cybersecurity Framework

Download the NIST Cybersecurity Framework Document.

A more complicated version of the Model of Computer Security is the National Institute of Science and Technology (NIST) Cybersecurity Framework which expands on each element and provides more details. The idea behind the framework was to put all the cybersecurity “smart heads” together to create a set of guidelines that could be distributed to companies that did not have cybersecurity expertise. This would help more companies get up to speed on how to protect themselves and also create a set of best practices for everyone to use. The project has been very successful, primarily because NIST has traditionally been a reliable source of technical expertise.

Introduction to Cybersecurity Concepts Presentation

Capstone Project TIP: Whenever you are researching best practices for cybersecurity, the National Institute of Science and Technology (NIST) website should be one of your first stops!

CIA Triad

Now let’s talk about the CIA Triad!

CIA = Confidentiality + Integrity + Availability

CIA = Goal of Network Security

These three words are clearly familiar but how do they apply to data?

  • Confidentiality – the data is not revealed to anyone except the intended users. Even if something is not super-secret, there is a set group of people who should see the data and no one else should be able to see it, for safety reasons.
  • Integrity – most people think of this word in its common definition, as the quality of being honest and having strong moral principles. However, in terms of data, we use the secondary definition for integrity: the state of being whole and undivided. By maintaining the integrity of data, we are ensuring that it stays in its original state and is neither changed nor damaged.
  • Availability – essentially this means we need the data to be there when we need it. If the data is stolen, or goes offline, we cannot reach it, so it is not available!
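
As an added illustration (not part of the original lesson), the sketch below shows how a loss of integrity or availability can be detected for stored data: a keyed hash (HMAC-SHA256) is recorded for each item, and a later check reports anything changed or missing. The file names, contents, key and function names are all constructed for this example.

```python
import hashlib
import hmac

# Constructed sample data standing in for files at rest (not from the lesson).
BASELINE_STORE = {
    "grades.csv": b"alice,91\nbob,84\n",
    "roster.txt": b"alice\nbob\n",
    "notes.md": b"Exam on Friday\n",
}

def tag(key: bytes, name: str, data: bytes) -> str:
    """HMAC-SHA256 over name and content. The key means someone who can
    edit the data cannot also recompute a matching tag without the key."""
    msg = name.encode() + b"\x00" + data
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def make_baseline(key: bytes, store: dict) -> dict:
    """Record the known-good tag of every item."""
    return {name: tag(key, name, data) for name, data in store.items()}

def check(key: bytes, baseline: dict, store: dict) -> dict:
    """Compare the current store against the baseline, item by item."""
    findings = {}
    for name, expected in baseline.items():
        if name not in store:
            findings[name] = "missing (availability)"
        elif hmac.compare_digest(expected, tag(key, name, store[name])):
            findings[name] = "ok"
        else:
            findings[name] = "modified (integrity)"
    for name in store.keys() - baseline.keys():
        findings[name] = "unexpected (not in baseline)"
    return findings

def demo() -> dict:
    key = b"constructed-demo-key"  # assumption: stored apart from the data
    baseline = make_baseline(key, BASELINE_STORE)
    current = dict(BASELINE_STORE)
    current["grades.csv"] = b"alice,91\nbob,99\n"  # one value changed
    del current["roster.txt"]                      # data no longer reachable
    current["new.bin"] = b"\x00\x01"               # item nobody recorded
    return check(key, baseline, current)

if __name__ == "__main__":
    for name, status in sorted(demo().items()):
        print(f"{name}: {status}")
```

A check like this only detects the change; it does not keep the data confidential or stop the change from happening.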

The public view of cybersecurity is that there is a blanket approach to securing all data. But in fact, there are many different facets to examine before applying the correct type of security. One of those facets is the “state” of the data: if it is in storage, then we can use a certain type of encryption and put certain types of alarms and access controls on it for when someone tries to touch it. If the data is moving across the Internet dynamically, then a completely different type of encryption would be used, along with methods like firewalls. You see the point, right? Security changes when the data is at rest, in transit, or in use. To protect the CIA of data, we need to know what “state” the data is in and then we can apply the right cybersecurity tool:

  • Data at Rest = storage → information is at rest; usually files, databases, etc. stored on hard drives, USB drives, memory, DVDs
  • Data in Transit = transmission → being moved from one system to another or file sharing on a LAN or transfer on the Internet, etc.
  • Data in Use = processing → file creation by user, data used in an application, being processed or placed in memory, etc.

Breach of CIA Examples Video

Understanding the CIA Triad Activity

In this section, you have learned the building blocks of cybersecurity and the goals of cybersecurity professionals.

  • What are the components of the CIA Triad?
  • How does the protection of the CIA Triad lead to the security of data?


CC BY-NC-SA 4.0 UNLESS OTHERWISE NOTED | IMAGES: LICENSED AND USED ACCORDING TO TERMS OF SUBSCRIPTION - INTENDED ONLY FOR USE WITHIN LESSON. Image(s) used under license from Shutterstock.com and may not be repurposed.