CyberSecurity 101

CyberSecurity 101

The CIA Triad

Information Security is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. The core pillars of information security are Confidentiality, Integrity, and Availability. These three elements form the basis in developing information security policies within an organization.

  • Confidentiality: the characteristic of information that is not made available or disclosed to unauthorized individuals, entities, or processes.

  • Integrity: the characteristic of information that is accurate and complete throughout the data life cycle.

  • Availability: the characteristic of information that is where it should be when it should be there so it can be processed and transmitted when needed.

NIST Cybersecurity Framework

The NIST Cybersecurity Framework is used to assess and mature cybersecurity programs and capabilities to prevent, detect, and respond to cyber incidents.

  • Identify: Develop an organizational understanding to manage cybersecurity risk to people, processes, and technology.

  • Protect: Develop and implement appropriate safeguards to ensure delivery of critical services.

  • Detect: Develop and implement appropriate activities to identify the occurrence of a cybersecurity event.

  • Respond: Develop and implement appropriate activities to take action regarding a detected cybersecurity incident.

  • Recover: Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident.

Threats, Vulnerabilities, and Risks

The NIST Cybersecurity Framework is used to assess and mature cybersecurity programs and capabilities to prevent, detect, and respond to cyber incidents.

  • Asset: Assets are the people, processes, and technology that need to be protected so the business can meet its objectives.

  • Threat: Threats are the things we protect against, they can exploit a vulnerability to damage or destroy an asset.

  • Vulnerability: Vulnerabilities are the weaknesses that are exploited by threats to harm an organization's assets.

  • Risk: A Risk is the total loss of an asset if a threat successfully exploited a vulnerability.


General Information


Technical Publications

Symantec Intelligence Report 2019
Verizon Data Breach Investigations Reports
Deloitte-NASCIO 2018 Cybersecurity Study
Socializing Securely: Using Social Networking Services
Introduction to Information Security
DDoS Quick Guide
Malware Threats and Mitigation Strategies

Contact Us

Please fill in the form below and we will contact you as soon as possible.

RICHARD CRAYDON, CHIEF INFORMATION SECURITY OFFICER.
Please read our Privacy Policy, Disclaimer and Accessibility Policy.
If any questions, contact us on the email below.