Skip to main content

INTRODUCTION TO CYBER SECURITY PRINCIPLES

When implementing cybersecurity, there are two specific goals to be attained: first, confidential information must be kept out of reach of potential cyber attackers and other unauthorized individuals. Second, cybersecurity measures must not hinder authorized users' access to the information. The following are the three main principles of cybersecurity:

Confidentiality - Cybersecurity should ensure that the information to be secured is only accessible to authorized users and prevents the disclosure of information to unauthorized parties. For example, to implement confidentiality of company information on a cloud-based Customer Relationship Management (CRM) system, access can be restricted to users with the right username-password combination. Most systems also implement confidentiality through data encryption, which is an additional layer of security. Decryption of the data requires an individual or system to attempt access using the requisite key.

Integrity - Cybersecurity efforts should ensure information remains accurate, consistent and not subject to unauthorized modification. For example, from the CRM example provided, integrity is achieved when measures are put in place to ensure that email communication between a sales representative and a customer is not intercepted and modified by an intruder when it is still in transit.

Availability - Efforts to secure information in cyberspace should not hinder its access by an authorized party. Additionally, cybersecurity implementation has to provide for redundancy access in case of any outage. For example, the company using the cloud-based CRM system can implement proxy servers and firewalls as a security measure against Denial of Service (DoS) attacks, which would create system unavailability if successful.

Comments

Post a Comment

Welcome.

Popular posts from this blog

United Nations Conference on Trade and Development

United Nations Conference on Trade and Development The  United Nations Conference on Trade and Development  ( UNCTAD ) was established in 1964 as a permanent intergovernmental body. UNCTAD is the part of the  United Nations Secretariat  dealing with trade, investment, and development issues. The organization's goals are to: "maximize the  trade ,  investment  and development opportunities of  developing countries  and assist them in their efforts to integrate into the world economy on an equitable basis". UNCTAD was established by the  United Nations General Assembly  in 1964 and it reports to the UN General Assembly and  United Nations Economic and Social Council . [1] The primary objective of UNCTAD is to formulate policies relating to all aspects of development including trade, aid, transport, finance and technology. The conference ordinarily meets once in four years; the permanent secretariat is in Geneva.
Post a Comment
Read more

Digital Forensics and Encryption

Digital Forensics and Encryption The use of encryption technology to protect computer data is growing—and that fact presents a challenge for forensic investigators. Without a decryption key, forensic tools cannot be used to find digital evidence. Even with the key, searching encrypted data can be tricky and time consuming. Below are some answers to common questions about trends in the use of encryption and what investigators can do to get as much evidence as possible from an encrypted file or drive.
Post a Comment
Read more

Cryptography - Wikipedia

Cryptography Cryptography  or  cryptology  (from  Ancient Greek :  κρυπτός ,  romanized :  kryptós  "hidden, secret"; and  γράφειν   graphein , "to write", or  -λογία   -logia , "study", respectively [1] ) is the practice and study of techniques for  secure communication  in the presence of third parties called  adversaries . [2]  More generally, cryptography is about constructing and analyzing  protocols  that prevent third parties or the public from reading private messages; [3]  various aspects in  information security  such as data  confidentiality ,  data integrity ,  authentication , and  non-repudiation [4]  are central to modern cryptography. Modern cryptography exists at the intersection of the disciplines of  mathematics ,  computer science ,  electrical engineering ,  communication science , and  physics . Applications...
Post a Comment
Read more