Known to pracitioners as Confidentiality, Integrity and Availability, CIA, is forever-green in its understanding, making it a constant talking point in any technology platform. As the phases of the project expand, so does its needs. Its not a responsive method so a crash course understanding wont give any more depth when compared to reading whitepapers found though search enging results.
The business sets the soft tone of security requirements and its the practitioner that enages the known CIA triage model through hands on experiences of People, Technology and Process.
The business sets the soft tone of security requirements and its the practitioner that enages the known CIA triage model through hands on experiences of People, Technology and Process.
- GP knows patient records must be confidential,
- Hospital knows equipment must be available to treat patients,
- Drug manufacturer knows scientific reaserch must have its integrity kept intact when creating drugs for patients.
Similarly, content creators like movie studies or web design firms need integrity of content to provide it to carrier grade distributors make it available for confidential use for users.
During cyber compramises, a practitioner needs access to pragmatic documents. Yes, they have access to vendor portals, or access to technology governing bodies like ISO, PCI or Sans bodies, just like the government provide health guidlines on how laboraties are to be built or what chemicals can be used to create medicine but each providing their views on understanding technology and its application.
The barter system allowed the exchange of goods and services - those real time dynamics exist today, though those exchanges also now extend to cloud and social technology platforms that require CIA and use of other methods like Defense in Depth layer analysis to identify possible points of aggrevators in the platform, data content and social sentiments.
Every business has different perspective of CIA that can be addressed through people, process and technology.
This is cyber, this is iterations of security.