The Fundamentals of Cybersecurity

You may have heard of the CIA triad before, but, as is so often the case with such “technojargon”, you may find yourself asking: “What does it really mean to me?”

Cybersecurity has three fundamental elements that comprise what is referred to as the CIA triad: confidentiality, integrity, and availability. When designing a cybersecurity program, it is important to base the approach around your people, process, and technology (PPT) to address each of these elements. Each part is vital, and only addressing technological aspects, as many technicians are want to do, does not provide a solid defense. Rather, developing the “human firewall” through training, evangelization, and testing, developing systems that have good accountability to ensure integrity, and building highly resilient systems are critical. Lastly, it is important to have a solid compliance program to provide situational awareness to enact response. This last, and often overlooked, element is the most time-consuming portion and is often referred to as cyber hygiene which is how organizations ensure they are complying with their policies on their cyber systems.

Conceptual frameworks like the CIA triad are helpful, but without the ability to mobilize, they can fall flat. Using PPT to implement and cyber hygiene practices to enforce, they become powerful tools to ensure a continually evolving cybersecurity program, which can keep up with the ever-evolving challenges facing all businesses in our current hypersensitive climate.