Elliot, a brilliant, but highly unstable young cybersecurity engineer and vigilante hacker, becomes a key figure in a complex game of global dominance, when he and his shadowy allies try to take down the corrupt corporation, he works for…Sounds cool, huh? It does for Elliot, from season four of Mr. Robot! If this were to happen, and I am not saying that it won’t, it is our job as cybersecurity professionals to protect the Confidentiality, Integrity and Availability (CIA) of this corporation’s network. What does cybersecurity really mean? According to Cisco (2019), it is the practice of protecting systems, networks, and programs from digital attacks. In other words, protecting the CIA! Cybersecurity translates to providing a balanced security approach that protects the CIA of your corporation’s network which should be based on the company security policy.
Confidentiality is the first part of the triad. It is the means to prevent unauthorized users to gain access to your data. Data with a greater sensitivity level will have more preventative methods in place to accomplish your goals (data classification). For example, encryption would protect or hide data in motion and access control lists (ACL) would help minimize malicious content. A great way to decide what controls to implement is to classify your data.
Integrity is up next. As a cybersecurity professional, you want to prevent unauthorized modifications or corruption to your data. Please keep in mind that not all integrity breaches are attacks. We are human and humans make many mistakes. I can remember as a Systems Administrator, I had inadvertently deleted data that I probably should have not done! Whoops! Hello backups! However, if highly sensitive data was intentionally altered from an employee or from someone from the outside, that would be a bad day. How do you improve on integrity? Digital signatures and hashes would be an avenue to explore.
Availability is the last piece of the CIA triad. Availability is ensuring that your data is accessible when it is needed. Let’s think about this for a moment. Your corporation is hosting an ecommerce website that was suddenly under a Denial of Service (DoS) attack. What is the result? Your customers are having difficulty accessing (availability) your website to learn and purchase items. A situation such as this, will harm the financial state of your business and your reputation. What can we implement to protect this leg of the CIA triad? For me, I would consider implementing load balancing technology, an external hosting site (hot site), updated equipment running RAID technology and detailed documentation.
About the Author
Russ Munisteri is an Information Technology professional and educator. After completing his Bachelor’s Degree in Media and Communications, Russ felt that he was lost in the fog. He was unclear what direction he wanted to take. At the time, a friend pointed him towards a technical school to learn about computers with a focus on obtaining specific IT certifications. From there, Russ had landed my first IT job in the Help Desk Department, which later led to becoming a Systems Administrator. He was able to take his knowledge and put it into play. Russ had the opportunity to work with various technologies, disaster recovery procedures, construct and secure networks with his new almighty power of being an administrator! Oh yeah! While working as a System Admin, Russ went back to school and obtained his Master’s Degree.
As a Systems Administrator, Russ worked with various technologies, involved with projects, cloud environments, etc. During that time, Russ felt that he was being called to help others through education and teaching people technology. Guess what? His wish came true. MyComputerCareer hired Russ at the Raleigh, North Carolina campus and started teaching Microsoft and CompTIA certifications. He taught for almost two years and helped to change hundreds of students’ lives. Russ was recently promoted to the Director of Education, where he will help to mentor Instructors to be the best that they can be in the classroom. He also continues on with his own education, while continuing pursue technology trends and advanced IT certifications.
“True success isn’t about money or things. It’s about people, commitment, loyalty and relationships.” ~Jon Gordon
Based in Holly Springs, North Carolina, MyComputerCareer, Inc. is an innovative adult technical school with courses taught online and at its seven campuses in Indiana, Ohio, North Carolina and Texas. Students who complete MyComputerCareer’s rigorous Information Technology courses may earn up to 13 highly valuable IT Certifications in areas ranging from Operating Systems to Computer Networks and Cyber Security, certificates often required even for those with four-year college degrees. In addition, these courses form the foundation for students interested in obtaining an Associate’s degree from MyComputerCareer.
GI Bill® is a registered trademark of the U.S. Department of Veterans Affairs (VA). More information about education benefits offered by VA is available at the official U.S. government Web site at https://www.benefits.va.gov/gibill.
Check MyComputerCareer Out!
Want to see more? Or are you looking for IT certifications like CompTIA A+, CompTIA Net+, CompTIA Server+, CompTIA Server+, CCNA, CCENT, Microsoft Certified Professional (MCP), CEH and others? Come on over and check us out!