Information security is "the state of well-being of information and infrastructure in which the possibility of theft, tampering, or disruption of information and services is kept low or tolerable."
Information security focuses on proactively protecting information and systems from unauthorized access, misuse, disclosure, disruption, or destruction.
It relies on five major elements:
Confidentiality: assurance that the information is accessible only to authorized persons or systems. Breaches — improper data handling or unauthorized access. Controls — access controls & credentials, data encryption, and proper hardware disposal.
Integrity: assurance that data or resources are sufficiently accurate and reliable for their purpose; trustworthiness that they have not been tampered with intentionally or unintentionally. Controls - cryptographic encryption, checksums, and access controls.
Availability: assurance that systems responsible for delivering, storing, and processing information are accessible when required by authorized persons. Controls - hardware redundancy, AV solutions, etc.
Authenticity: refers to a characteristic of communication, transactions, or data that ensures the quality of being genuine or uncorrupted; a significant role of authentication is confirming that a user is genuine/authentic. Controls — biometrics, smart cards, digital certificates.
Non-repudiation: assurance that a process, communication, or transaction cannot later be denied as having been executed by a person or system. For example, a sender cannot deny sending a message, nor can the recipient deny receiving the message. Controls — digital signatures.
CIA Triad: Confidentiality, Integrity, and Availability.
The above helps inform organizations on setting up secure systems, security controls, and policies. Cybersecurity professionals use them to establish appropriate controls to mitigate threats, risks, and vulnerabilities.
Vulnerabilities:
Threats: any circumstance or event that can negatively impact assets, e.g., social engineering attacks, denial of service, etc.
Risks: the likelihood of a threat occurring. They are rated as Critical, High, Medium, or Low.
Vulnerabilities: application, system, or network weaknesses that a threat can exploit, such as weak passwords or outdated/misconfigured firewalls.
Note: Both a vulnerability and a threat must be present for there to be a risk.
Likelihood x Threat = Risk
Assets: any item with perceived value to an organization (data, software, or hardware). Each asset carries an inherent risk (improper tampering, destruction, or disclosure) and therefore requires protective security controls and measures.
Compliance: the process of adhering to internal standards and external regulations, enabling organizations to avoid fines and security breaches.
Security Frameworks: guidelines for building plans to help mitigate risks and threats to the CIA triad.
Security Controls: safeguards designed to reduce specific risks; they are used with security frameworks to establish a strong security posture.
Security posture refers to an organization's ability to manage its defense of critical assets and data and react to change; a strong security posture leads to lower risk for the organization.