Definition should include the following:
- Identifying the goals within the confidentiality/integrity/availability (CIA) triad and defining these terms as they apply to cybersecurity:
  - Confidentiality: The goal of ensuring that data are accessed only by authorized persons, enforced through security measures such as usernames and passwords and access control lists (ACLs).
  - Integrity: The goal of ensuring that data can be trusted. This means data must be guarded against unauthorized changes. Methods of ensuring integrity include data permissions and encryption.
  - Availability: The goal of providing solutions that ensure systems can be accessed when requested. This includes deploying system protections as well as hardware maintenance and system patching.
- Identifying supplementary goals such as the following:
  - Authentication: A process in which credentials are provided to verify the identity of an entity (e.g., user, system).
  - Authorization: A process in which a person is provided with access.
  - Accountability: A process in which actions and activities are logged and audited.
  - Nonrepudiation: A cryptologic technique that provides proof of the integrity and origin of data.
Process/Skill Questions:
- Regarding cybersecurity, CIA stands for what?
- What does availability mean regarding cybersecurity?
- Why is data integrity important?