Information security dates back to when humans began keeping secrets in the early days, physical files and documents were kept under literal lock and key.
Once the business world began using computers, network security became essential to protect the electronic network infrastructure of these vital systems.
The advent of the internet changed everything, adding once-unimagined technological capabilities but also creating new vulnerabilities and giving rise to a critical new industry, that is known as cybersecurity.
According to SANS Institute security training experts, refers to “processes and methodologies designed and implemented to protect print, electronic, or any other form of confidential, personal and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification or interference.” References to “print” and information or data are important, as cybersecurity only deals with digital or electronic information or data.
“The practice of protecting systems, networks and programs from digital attacks,” according to high-tech giant Cisco. “These attacks are usually intended to access, change, or destroy sensitive information or extort money from consumers or disrupt normal business processes.” PCmag simplifies the definition to “protection of data and systems in networks connected to the internet.”
Explains the SANS Institute, is “the process of taking physical and software precautions to protect underlying network infrastructure from unauthorized access, misuse, malfunction, modification, destruction or improper disclosure, thereby creating a secure platform for computers, users and programs to perform critical functions allowed in a secure environment.”
What is the CIA Triad in Security?
When the conversation turns to information security, network security and cybersecurity, it is useful to understand the CIA triad. While the term CIA may initially be reminiscent of the dark world of spies and secrets when used in connection with the secret security industry, in this context it actually refers to a series of guidelines and objectives that security experts focus on when developing policies and procedures for effective information security programs. The three elements of the CIA triad are considered the three most important components of information security.
CIA – Confidentiality, Integrity, Availability
Confidentiality: Ensuring that information cannot be accessed by unauthorized persons, is usually enforced through encryption, IDs and passwords, two-factor authentication and additional defense strategies.
Integrity: Protects information and systems from being modified by unauthorized persons, thereby ensuring that protected data is accurate and reliable.
Availability: Ensuring authorized persons have access to information when required; this includes maintaining all systems carefully, keeping them up to date with upgrades, using backups to protect against interference or data loss.
Widely observed throughout the security industry, the CIA triad, according to Techopedia, “was created to provide basic standards for evaluating and implementing information security regardless of the underlying system and/or organization.”
Credit to: https://bit.ly/3IOHXGN