Establishing and maintaining the organization’s security policies can be a daunting task, but using the three-pillared strategic approach to cyber security can help you identify and manage cyber security risks in a methodic and comprehensive manner. The CIA triad describes three crucial components of data and information protection which can be used as guides for establishing the security policies in an organization. In addition, individuals who value and wish to preserve their privacy are interested in information security. Breaches may be the result of the actions of hackers, intelligence agencies, criminals, competitors, employees or others. Information security breaches occur when information is accessed by unauthorized individuals or parties. Information security refers to the preservation of integrity and secrecy when information is stored or transmitted. The concept of availability can also refer to the usability of a system. Redundant systems may be in place to offer a high level of fail-over. Such systems must also allow users to access required information with little waiting time. These systems must be resilient against cyber threats, and have safeguards against power outages, hardware failures and other events that might impact the system availability.Īvailability is a major challenge in collaborative environments, as such environments must be stable and continually maintained. Systems defined as critical (power generation, medical equipment, safety systems) often have extreme requirements related to availability. For a system to demonstrate availability, it must have properly functioning computing systems, security controls and communication channels.
Integrity: Data integrity refers to the certainty that the data is not tampered with or degraded during or after submission.A breach of confidentiality may take place through different means, for instance hacking or social engineering. Ensuring confidentiality means that information is organized in terms of who needs to have access, as well as the sensitivity of the data. When information has been kept confidential it means that it has not been compromised by other parties confidential data are not disclosed to people who do not require them or who should not have access to them. Confidentiality in this context means that the data is only available to authorized parties. Confidentiality: This component is often associated with secrecy and the use of encryption.The three components of the CIA triad are discussed below: Each component represents a fundamental objective of information security. The CIA triad refers to an information security model made up of the three main components: confidentiality, integrity and availability. When we discuss data and information, we must consider the CIA triad. It must be properly managed and protected every step of the way.
The data we gather comes from multiple sources, such as information technology (IT), operational technology (OT), personal data and operational data. The first two pillars are ‘people’ and ‘process’, The last pillar is ‘data and information’.ĭata and information protection is the most technical and tangible of the three pillars.
IT SYSTEM SECURITY SERIES
This is the third and final article in a series addressing the three-pillar approach to cyber security. The three-pillar approach to cyber security The third pillar is data and information protection Media Newsroom Statistics and Insights Events Blogs: Energy in transition Sector insights Maritime Power and renewables Oil and gasĭNV Group About us Corporate governance Research & development Joint Industry Projects DNV Ventures Sustainability Annual reportīusiness areas Maritime Energy Systems Business Assurance Supply Chain & Product Assurance Digital Solutions Veracity data platformĬareers Overview Job opportunities Career development Why DNV? Meet our people Diversity & inclusion Ship management, operations and ship design.Reliability, availability and maintainability (RAM).Electric grid performance and reliability.Offshore classification – fleet in service.Digital monitoring of medium-voltage cable networks.The three-pillar approach to cyber security: Data and information protection Sectors Services Insights About us Sign in Sign in to Veracity Open menu Open search
0 kommentar(er)
