Assignment 1
Explain the goals of Confidentiality, Integrity, and Availability with respect to Systems Security.
Confidentiality, Integrity and Availability are also known as the CIA triad. This triad is used a as guide for computer and information security in many organizations. Confidentiality is privacy. (Rouse, 1999) Its role in the triad is to make sure items that are supposed to private stay that way. But it doesn’t keep those items from those that are supposed to have them. Information access is restricted and categorized by the damage it could cause. (Rouse, 1999) But the CIA triad are not just for information security. It can also used for recovery. There are other areas in business such as quality assurance or regulatory …show more content…
(DHS, n.d.) Protection helps with being able to limit the potential impact of a hack. (DHS, n.d.). Protection of information services information involves various “activities”. Access Control is one such activity. In access control a user can only get to, access, the information he/she is entitled to. Also the any access control method used should be in line with the classification of the data it protects. Meaning that that more sensitive the data is, the tougher the systems or software used to protect that data should be. (Wikipedia, 2017) Training is another activity of Protection. Organizations should implement some sort of training schedule in cybersecurity to keep it employees up to date on the current trends in cybersecurity. They should also be trained in what to look for encase the system has been compromised so they can be a part of minimizing the threat. (Wikipedia, 2017) It would also be a clever idea for any partners the organization must be involved in security training as well. And of course, any training provided by the organization should be aligned with any policies, procedures, and agreements the organization has created. A third aspect of protection is data security. Data Security means that the confidentiality, integrity, and availability of information on the organizations systems must be protected. (Wikipedia, 2017) The …show more content…
Cybersecurity Framework. Retrieved September 16, 2017, from https://www.us-cert.gov/ccubedvp/cybersecurity-framework
Lord, N. (2017, March 21). What is Data Governance? Data Protection 101. Retrieved September 16, 2017, from https://digitalguardian.com/blog/what-data-governance-data-protection-101
Wikipedia. (2017, September 15). NIST Cybersecurity Framework. Retrieved September 16, 2017, from https://en.wikipedia.org/wiki/NIST_Cybersecurity_Framework
Indika. (2011, July 02). Difference Between Network Security and Information Security. Retrieved September 18, 2017, from http://www.differencebetween.com/difference-between-network-security-and-vs-information-security/
Secureworks. (2017, March 17). Cybersecurity vs. Network Security vs. Information Security. Retrieved September 18, 2017, from https://www.secureworks.com/blog/cybersecurity-vs-network-security-vs-information-security
Valparaiso University. (2014, September 11). Cyber Security Vs. Information Security | MS Cyber Security. Retrieved September 18, 2017, from
Explain the goals of Confidentiality, Integrity, and Availability with respect to Systems Security.
Confidentiality, Integrity and Availability are also known as the CIA triad. This triad is used a as guide for computer and information security in many organizations. Confidentiality is privacy. (Rouse, 1999) Its role in the triad is to make sure items that are supposed to private stay that way. But it doesn’t keep those items from those that are supposed to have them. Information access is restricted and categorized by the damage it could cause. (Rouse, 1999) But the CIA triad are not just for information security. It can also used for recovery. There are other areas in business such as quality assurance or regulatory …show more content…
(DHS, n.d.) Protection helps with being able to limit the potential impact of a hack. (DHS, n.d.). Protection of information services information involves various “activities”. Access Control is one such activity. In access control a user can only get to, access, the information he/she is entitled to. Also the any access control method used should be in line with the classification of the data it protects. Meaning that that more sensitive the data is, the tougher the systems or software used to protect that data should be. (Wikipedia, 2017) Training is another activity of Protection. Organizations should implement some sort of training schedule in cybersecurity to keep it employees up to date on the current trends in cybersecurity. They should also be trained in what to look for encase the system has been compromised so they can be a part of minimizing the threat. (Wikipedia, 2017) It would also be a clever idea for any partners the organization must be involved in security training as well. And of course, any training provided by the organization should be aligned with any policies, procedures, and agreements the organization has created. A third aspect of protection is data security. Data Security means that the confidentiality, integrity, and availability of information on the organizations systems must be protected. (Wikipedia, 2017) The …show more content…
Cybersecurity Framework. Retrieved September 16, 2017, from https://www.us-cert.gov/ccubedvp/cybersecurity-framework
Lord, N. (2017, March 21). What is Data Governance? Data Protection 101. Retrieved September 16, 2017, from https://digitalguardian.com/blog/what-data-governance-data-protection-101
Wikipedia. (2017, September 15). NIST Cybersecurity Framework. Retrieved September 16, 2017, from https://en.wikipedia.org/wiki/NIST_Cybersecurity_Framework
Indika. (2011, July 02). Difference Between Network Security and Information Security. Retrieved September 18, 2017, from http://www.differencebetween.com/difference-between-network-security-and-vs-information-security/
Secureworks. (2017, March 17). Cybersecurity vs. Network Security vs. Information Security. Retrieved September 18, 2017, from https://www.secureworks.com/blog/cybersecurity-vs-network-security-vs-information-security
Valparaiso University. (2014, September 11). Cyber Security Vs. Information Security | MS Cyber Security. Retrieved September 18, 2017, from