An old adage goes: "The only computer that is not in danger is a computer that is turned off." Cybersecurity professionals must identify and explain the main vulnerabilities against a company's critical infrastructure.
A cybersecurity vulnerability is any weakness that may compromise the CIA triad (confidentiality, integrity, and availability) of a product. A cybersecurity vulnerability can never be completely eliminated; therefore, countermeasures must be in place to mitigate the potential disaster to a business's ability to operate after a potential attack.
The confidentiality, integrity, and availability (CIA) triad is at the core of information system security. Information system security professionals use the CIA triad as a mechanism for quantifying the key security considerations of an information system. When a system is under development, each of the CIA concepts must be considered as part of the system's design objectives. Below is a model of the CIA triad.
Confidentiality refers to the methods used to protect information from unauthorized disclosure. Protecting the confidentiality of proprietary or sensitive information is of vital importance.
Integrity refers to the processes that ensure accuracy of information.
Availability addresses the need of a system to provide continued, reliable access to information while maintaining an acceptable level of performance. Consider organizations with technology and services that must be nearly 100 percent available 24 hours a day, 365 days a year, such as financial institutions, emergency service providers, power providers, and communication providers. Every moment that these organizations cannot exchange information, there is the potential for serious financial loss, injury, or even death.
Check Your Knowledge
Licenses and Attributions
Confidentiality, Integrity, Availability (CIA) by Janet Zimmer is available under a Creative Commons Attribution-ShareAlike 3.0 Unported license