CYBERSECURITY AND ITS THREE PRINCIPLES

CYBERSECURITY

In today’s world, many organizations use the network to store, gather and share information. As more data is gathered and stored, the protection of this information is significant. To protect these data, the field of cybersecurity is introduced. Cybersecurity is a practice of protecting your computers, mobile phones, servers, data, and other electronic devices from malicious attacks. On a personal level, you have to protect your identity, data, and computer devices. At the industrial level, it is everyone’s responsibility to protect their organization’s data. In the modern world, protecting our data and privacy is really important. This field provides a wide range of opportunities due to the increasing reliance on computers and the internet. Cybersecurity can also be called network security, information security, and information technology security. Any information about you can be considered as data. It may be educational, medical, employment, and financial data. Sometimes the data which you stored in your computing device can be profitable to others. By hacking your device, they get access to your data and they may threaten you. So it’s your responsibility to be aware of the cyber world.

CIA TRIAD

The three main principles of cybersecurity are confidentiality, integrity, and availability. (CIA Triad). This provides the guidelines for data security for an organization.

CONFIDENTIALITY

Confidentiality ensures the privacy of data by restricting unauthorized access to the data. So, the term confidentiality can also be termed as privacy. An organization’s policies should restrict the access to data only to the authorized person and ensure that the data is only viewed by those authorized individuals. For example, a Java programmer in a company should not have access to view the personal details of other employees in that company. In addition to this, an organization has to make sure that proper training is given to the employees to protect themselves and company from the cyber-attacks. Some of the methods to ensure confidentiality is data encryption, create strong passwords (a word containing uppercase and lowercase letters, special symbols, and digits with a minimum of 8 characters), multifactor authentication, and be aware of fraudulent emails.

INTEGRITY

 Integrity ensures the accuracy, consistency, and trustworthiness of the data. Data integrity can also be referred to as data quality. Data undergoes varieties of stages include storage, retrieval, update, and transfer. During these states, data must remain unaltered. The need for data integrity varies among different organizations. For instance, Instagram does not verify its user profiles whereas in the bank and financial sectors data integrity is indispensable, and in the medical field it is the matter of life and death. Loss of data integrity may cause severe problems to the organization. So it is important to ensure data integrity. Data integrity can be compromised by human error (input), transferring from one device to another device, or by any cyber-attacks. Data integrity can be verified using a checksum. It verifies the strings of characters in a file after they have been transferred from one device to another device.

AVAILABILITY

Availability is the principle that explains the availability of data at the point when users needed. Proper mitigation plans should be done in case of sudden attacks to recover from it quickly as possible. The denial-of-service (DoS attacks) can threaten system availability. An organization can ensure its availability of data by proper maintenance of equipment, keeping the software and operating system up to date, mitigation plans, new technological implementations and performing hardware repairs, and keeping backups of data.