1. CIA Triad

To begin understanding the concepts behind cybersecurity, you should become familiar with the CIA (Confidentiality, Integrity, and Availability) triad.

The CIA triad helps with understanding what goals and objectives must be reached to develop a secure environment for your organization.

Confidentiality ensures that the secrecy of data is protected.

Integrity ensures that data hasn’t been altered.

Availability ensures that resources can be accessed by authorized subjects without interruption.

Common threats to confidentiality range from someone discovering password files, to information being released to unauthorized individuals, to simply walking away from your monitor while data is still displayed on it.

Confidentiality countermeasures can include providing encryption, authentication procedures, data classification, and training personnel on protecting their information.

Common threats to integrity are user mistakes and viruses.

Integrity countermeasures can include access control between subjects and objects, protecting data with encryption, hashing, and applying the principle of least privilege.

Common threats to availability are device, software, and network failures. These can be caused by environmental factors as well as malicious factors such as viruses and intrusions.

Availability countermeasures can include remediation testing, proper system configuration, and monitoring system performance.

Different organizations prioritize what’s important to them differently. Ask your organization what is important to them. They may value confidentiality over integrity and availability. Learning what’s important to your organization can help you determine how to best protect it.
