FUNDAMENTALS OF SECURITY
Welcome to today’s discussion on the subject of security fundamentals and their relevance in today’s digital world.
As the world becomes increasingly interconnected and reliant on technology, the importance of security in protecting sensitive information and assets has become more pronounced. At the core of any successful security program are the fundamental principles and practices that ensure the confidentiality, integrity, and availability of information and systems.
The security fundamentals, also known as the CIA triad, encompasses the three key elements of security: Confidentiality, Integrity, and Availability. These security fundamentals serve as the building blocks for any organization’s security program and must be considered in all aspects of security, from planning and design to operations and maintenance. By understanding and implementing these security fundamentals, organizations can develop a strong foundation for protecting their critical information and assets, both now and in the future.
WHAT ARE SECURITY FUNDAMENTALS
Security fundamentals refer to the basic principles, concepts, and practices that form the foundation of information security. They encompass a range of technical and non-technical measures that are used to protect sensitive information and systems from unauthorized access, theft, damage, or other forms of compromise.
Some of the key security fundamentals includes Confidentiality, Integrity, Availability, Authentication, Authorization, Encryption, Risk management, Incident response, Disaster recovery. These security fundamentals form the foundation of a comprehensive information security program and help organizations to better protect their sensitive information and systems.
THE CIA TRIAD CONCEPT
The CIA Triad is a security model that provides a framework for understanding the three fundamental components of information security: confidentiality, integrity, and availability. These three components are known as the “CIA Triad.”
- Confidentiality refers to the protection of sensitive information from unauthorized access or disclosure. It involves controlling who can access sensitive information and what actions they can perform with it. It means keeping secret information secret and not telling anyone who shouldn’t know about it. An example would be that your medical history is only available to your doctor and nobody else. We also tend to encrypt data to keep it confidential.
- Integrity refers to the accuracy and completeness of information. It involves protecting sensitive information from unauthorized changes, modifications, or deletions. It means making sure that important information is always correct and complete. We use a technique called hashing that takes the data and converts it into a numerical value called a hash or message digest.
- Availability refers to the ability of authorized users to access information when they need it. It involves ensuring that sensitive information and systems are accessible and functioning properly at all times. It means that people who are allowed to see the information can get to it easily and quickly when they need it. . Examples of availability could be using Redundant Array of Independent Disks (RAID), maybe a fail-over cluster, a data backup, or Heating Ventilation Air Conditioning (HVAC) to regulate the system for critical servers.
Least privilege is a security principle that states that people and systems should only have access to the minimum amount of information and resources that they need to do their job.
The idea behind this principle is to reduce the risk of security breaches, malware, and other types of cyber attacks. If people and systems only have access to the information and resources that they need, it becomes much more difficult for attackers to exploit vulnerabilities and cause harm.
Just like when your parents say “you can only play with your toys in the living room.” This means you don’t have access to play in other rooms like the kitchen or your parent’s room. This helps to keep you and your toys safe.
In the same way, least privilege helps to keep important information and things safe. Only people who really need to see it or use it are allowed to. This way, if anything bad ever happens, less things will get hurt or broken. Just like how you only play in the living room so nothing gets damaged, least privilege makes sure that only the right people can access important things.
By following the principle of least privilege, organizations can reduce the attack surface and minimize the damage that can be done in case of a security breach. It also helps to maintain the confidentiality, integrity, and availability of sensitive information.
DEFENSE IN DEPTH
Defense in depth is a security strategy that involves using multiple layers of protection to secure sensitive information and systems. The idea is that if one layer of defense fails, there are still multiple other layers that can prevent an attacker from accessing sensitive information or systems.
Just like having a big, strong castle to protect important things inside. The castle has many different walls and gates to keep bad people out. Each wall and gate is a different layer of protection. Even if one wall or gate is broken, there are still other walls and gates that can keep the important things inside the castle safe.
Just like the castle, defense in depth is a way to protect important information or things by using multiple layers of protection. This way, even if one layer doesn’t work perfectly, there are still other layers that can help keep the important information or things safe.
For example, consider a bank. To secure its sensitive information, the bank might implement the following layers of defense:
- Physical security: Guards at the front door, security cameras, and locked cabinets for storing sensitive documents.
- Network security: Firewalls, intrusion detection systems, and virtual private networks (VPNs) to prevent unauthorized access to the bank’s computer systems.
- Access controls: Passwords, biometric authentication, and security tokens to control who can access sensitive information and systems.
- Data encryption: Encrypting sensitive information, such as customer account information, so that even if an attacker gains access to the data, they cannot read it.
- Incident response plan: Procedures and plans in place to respond to security incidents and minimize the damage.
By using multiple layers of defense, the bank makes it more difficult for attackers to penetrate its systems and access sensitive information. Even if one layer fails, the others are still in place to protect the bank’s assets.
Why Should Businesses Use the CIA Triad?
The CIA triad provides a simple yet comprehensive high-level checklist for the evaluation of your security procedures and tools. An effective system satisfies all three components. An information security system that is lacking in one of the three aspects of the CIA triad is insufficient. It is also valuable in assessing what went wrong — and what worked — after a negative incident.
When Should Businesses Use the CIA Triad?
Businesses should use the CIA triad in most security situations, particularly because each component is critical. However, it is particularly helpful when developing systems around data classification and managing permissions and access privileges. Business should also stringently employ the CIA triad when addressing the cyber vulnerabilities of your organization