CYS103 WK 1 CIA TRIAD ASSIGNMENT CYS 103
School: Eastern Gateway Community College
Course: 103
Subject: Information Systems
Date: Jan 9, 2024
Pages: 5
Uploaded by MinisterRatPerson690
CIA Triad Assignment
CYS103_1000 - Network Defense
CIA Triad
Understanding how businesses, non-profits, and trade associations execute each element of the CIA (Confidentiality, Integrity, and Availability) Triad is crucial. A comprehensive illustration of this emphasizes its significance. The following examples pinpoint the targeted threat, the possible negative consequences, and how implementing the CIA Triad can ultimately benefit the organization.
Maintaining confidentiality is crucial to information security: only authorized users and processes should be able to access or modify data (Fruhlinger, 2020). It is vital to ensure that sensitive information is not compromised and that privacy is protected.
Ensuring confidentiality involves implementing methods for verifying a user's identity and determining authorized access to data, achieved through authentication and authorization processes (Fruhlinger, 2020). For example, a business can implement confidentiality by encrypting sensitive data before storing it on its servers. Taking this step helps to address the threat of data theft, which can result in potential harm, such as financial loss or damage to the company's reputation. By ensuring that only authorized personnel can access the encrypted data, the business can benefit from increased security and protection of sensitive information.
Another example is a healthcare provider that implements confidentiality by using secure messaging applications to communicate with patients. These measures help to address the threat of unauthorized access to sensitive patient information, which can result in potential harm, such as medical identity theft or breach of privacy. By ensuring that only authorized personnel can access the messaging application and that all messages are encrypted end-to-end (Chai, 2023), the healthcare provider can benefit from increased security and protection of its patients' sensitive information.
Maintaining the integrity of data means ensuring that it is in a correct state and cannot be improperly modified, intentionally or unintentionally (Fruhlinger, 2020). Protecting the physical integrity of storage media can also protect the virtual integrity of data. Defending against breaches of integrity includes detecting changes in data and conducting frequent backups (Chai, 2023). Breaches of integrity are less apparent but could include altering business data or hacking financial systems. A typical attack on data integrity is a defacement attack where hackers alter a website's HTML for fun or ideological reasons (Fruhlinger, 2020).
A non-profit organization can establish database access controls and auditing features to maintain integrity. These actions help prevent data manipulation that can result in misleading or incorrect information sharing. By restricting data modification to authorized personnel and tracking changes, the non-profit can enhance trust and reliability in its data.
Plagiarism detection software can be implemented in an educational institution's learning management system to address the threat of academic dishonesty. By flagging and addressing plagiarism, the institution can help increase academic integrity and trust in the student body.
To ensure availability, authorized users must have access to data as they require it. One can achieve this by maintaining all systems and ensuring they can handle anticipated network traffic, such as keeping the hardware current, monitoring bandwidth usage, and having contingency plans for when systems fail (Fruhlinger, 2020). For example, a trade association can use redundant servers and backup systems to implement availability, which helps to address the threat of system failure, which can result in potential harm, such as downtime and loss of productivity. By ensuring that backup systems are in place, the trade association can benefit from increased uptime and minimal disruption to its operations.
An e-commerce website can implement availability by ensuring that it is hosted on a reliable server with a backup server in case of downtime or technical issues. This helps to address the threat of denial-of-service (DoS) attacks or server failures, which can result in potential harm, such as loss of sales revenue or damage to the website's reputation. By ensuring that the website is always up and running and that customers can access it anytime, the e-commerce website can benefit from increased availability and more customers.
In conclusion, it is vital to comprehend how various organizations, such as businesses, non-profits, and trade associations, implement each aspect of the CIA Triad and are affected by each. These examples accurately identify potential threats, negative consequences, and how using the CIA Triad can ultimately benefit the organization. Utilizing the CIA triad serves to guide organizational security policies and frameworks. It is not just about purchasing tools but prioritizing and thinking strategically (Chai, 2023).
References
Chai, W. (2023, February 10). What is the CIA triad? definition, explanation, examples: TechTarget. WhatIs.com. https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA
Fruhlinger, J. (2020, February 10). The CIA triad: Definition, components and examples. CSO Online. https://www.csoonline.com/article/568917/the-cia-triad-definition-components-and-examples.html