What is CIA triad in Cyber Security ? CIA stand for Confidentiality, Integrity, Availability
Also called as CIA triad, three pillars of security.
- It is model which helps in Information security policies of an organization.
- It helps in risk assessment.
- Infosec professionals take care about this.
- It helps to know what went wrong about security breach.
- It can help to find loop holes.
- As Cyber Security Analyst your must be aware of this important concept.
Confidentiality: Ensures data is accessed by authorized individuals/System
Integrity: Ensures data is not modified
Availability: Ensures data is available to users.
1. Confidentiality Important Features:
Prevents sensitive data from unauthorized access.
How to ensure? By Encryption, access points
Best practices:
- Data should be handled as per the desire privacy
- Access lists and file permissions need to be up-to date
2. Integrity Important Features
Unauthorized people should not modified data.
How to ensure? : By Hashing
Best Practices:
- Employee needs to be aware of compliance
- Take help of backup and recovery software
- Use checksums, access control Etc.
3. Availability Important Features
Maintaining of proper infrastructure.
Able to access: Example: book a Railway ticket
How to ensure? : By Load balancers, redundancy,
Best Practices:
- Applications should be updates
- Take help of network monitoring systems
- If there is data loss data recovery and business continuity plan should be well planned in advance.
CIA triad Example:
User is accessing E-commerce website, Here Confidentiality is provided by two factor authentication
( When user enters username and password, OTP receives in Phone)
We know that confidentiality ensures only authorized person can be able to access data
Now : E-Commerce software platform provides integrity, no modification done to users data.
We have availability. After login E-commerce interface is available to authorized users.
Hope you get information about What is CIA triad in cyber security
Cyber Security Interview Questions:
