Cybersecurity Fundamentals: Threats, CIA Triangle, and System Components
Essential Concepts in Information Security
Threat vs. Threat Agent: Key Distinctions
The word “threat” usually stands for a category of things that pose a potential danger. Viruses, worms, and other types of malware, for example, are threats. A “threat agent,” by contrast, is a specific threat, or a specific type of virus, worm, or other malware. For example, the Blaster Worm is a threat agent.
Vulnerability vs. Exposure in Security Systems
A vulnerability is a fault within the system, such as a software package flaw, an unlocked door, or an unprotected system port. It leaves the system open to attack or damage.
Exposure is a single instance when a system is open to damage. Vulnerabilities can in turn be the cause of exposure.
Infrastructure Protection and Information Security
The Committee on National Security Systems (CNSS) defines information security as the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information. Thus, assuring the security of utility services is a critical element in the information system.
Security Dominant in Early Computing Years
In the early years of computing, computer security was the dominant type of security. The focus was on the physical protection of hardware. Before computers were networked, protection mechanisms included locking doors and implementing physical security policies.
Why Top-Down Security Approach is Superior
The top-down approach is considered superior because it is initiated by upper-level managers. This matters since acceptance by senior management is considered vital to the success of an information security program implementation.
The Three Components of the C.I.A. Triangle
The three components of the C.I.A. triangle are:
- Confidentiality
- Integrity
- Availability
They are used as a basic model for the protection of information.
Why the C.I.A. Triangle Remains Essential
The C.I.A. triangle is still used because it addresses the major concerns regarding the vulnerability of information systems.
Critical Characteristics of Information Security
These characteristics are used in the study of computer security to define and measure the quality and security posture of data:
- Availability: Authorized users can access the information when needed.
- Accuracy: The information is free from errors.
- Authenticity: The information is genuine and verifiable.
- Confidentiality: Preventing disclosure of information to unauthorized individuals.
- Integrity: The information is whole and uncorrupted.
- Utility: The information has a value for some purpose.
- Possession: Ownership or control over the information.
Six Components of an Information System
The six components of an information system are:
- Hardware
- Software: Commonly associated with security study due to frequent software errors.
- Personnel: Most directly affected by security study, requiring training, awareness, and education.
- Networks
- Data
- Procedures: The instructions used to complete a specific task. They may expose vulnerabilities in the system.