General Certified in Cybersecurity (CC) links

General CC Links:


Confidentiality, integrity, and availability (CIA) are three fundamental pillars of cybersecurity. They serve as a foundation for designing and implementing secure systems, protecting against cyber threats and attacks, and ensuring that sensitive data and critical assets remain secure.

Confidentiality in Cybersecurity:
In the context of cybersecurity, confidentiality refers to protecting sensitive information from unauthorized disclosure or access. Sensitive information can include personally identifiable information (PII), financial data, trade secrets, intellectual property, and other proprietary information. To ensure confidentiality, cybersecurity measures such as encryption, access controls, and data loss prevention technologies are used to prevent unauthorized access, disclosure, or theft of sensitive data.

Integrity in Cybersecurity:
Integrity in cybersecurity refers to the protection of the accuracy and completeness of data. This includes ensuring that data is not tampered with or altered by unauthorized users or malicious actors, and that any changes made to data are authorized and controlled. In order to protect data integrity, cybersecurity measures such as digital signatures, access controls, and audit trails are used to ensure that data is protected from unauthorized modifications.

Availability in Cybersecurity:
Availability in cybersecurity refers to keeping systems and services reliable and operational, so that authorized users have access to the resources they need when they need them. Availability can be disrupted by cyber attacks such as distributed denial of service (DDoS) attacks, ransomware attacks, and other forms of malware. To ensure availability, cybersecurity measures such as redundancy, disaster recovery planning, and backup systems are implemented so that systems and services remain available and operational in the event of an outage or attack.

In summary, confidentiality, integrity, and availability are essential principles in cybersecurity. These principles guide the design and implementation of secure systems and ensure that sensitive data and critical assets remain protected from cyber threats and attacks. By adhering to these principles, organizations can improve their security posture and reduce the risk of cyber incidents.

If data integrity is most important to us, which of these would we MOST likely use?

Message Digests:


Message digests, the outputs of cryptographic hash functions, are a technique used to ensure data integrity. A message digest is a fixed-length sequence of bits that is generated by applying a mathematical algorithm to a message or data file. The algorithm takes the input message or file and applies a set of mathematical operations to produce a fixed-length output that is, for practical purposes, unique to that input; this output is the message digest.

Message digests are commonly used to verify the integrity of data in transit or at rest. They can be used to confirm that a file or message has not been altered or tampered with during transmission or storage. This is achieved by generating a message digest of the original file or message before transmission or storage, and then generating a new message digest of the received or retrieved file or message. If the two message digests match, then it is highly likely that the data has not been tampered with.

Message digests are widely used in cybersecurity for a variety of applications, including digital signatures, password storage, and file verification. They are also used in blockchain technology to ensure the integrity of the blockchain ledger. Popular message digest algorithms include SHA-256, MD5, and SHA-3.

If data integrity is the most important consideration, then the cybersecurity measure that would be most likely used is digital signatures. Digital signatures are a form of authentication that ensures the integrity of a message, document, or data file. A digital signature is created using a mathematical algorithm that generates a unique code, which is attached to the message or file. If any changes are made to the message or file, the digital signature will be invalidated, indicating that the data has been tampered with. Digital signatures are commonly used to authenticate documents, verify the identity of the sender, and ensure the integrity of data in transit or at rest. By using digital signatures, organizations can ensure that data is protected from unauthorized modifications, which is essential for maintaining data integrity.
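As an added example (not part of the original post), the Python code below carries out the digest comparison described above with SHA-256, then shows why a bare digest stops protecting integrity once someone can alter both the data and the digest stored beside it. HMAC from the standard library stands in here for the digital signature: it is a keyed tag shared between sender and receiver, not a public-key signature, and the message, key and function names are constructed for illustration.

```python
import hashlib
import hmac


def digest(data: bytes) -> str:
    """SHA-256 message digest of data, as a 64-character hex string."""
    return hashlib.sha256(data).hexdigest()


def verify_digest(data: bytes, expected_hex: str) -> bool:
    """Recompute the digest of the received data and compare it with the recorded one."""
    return hmac.compare_digest(digest(data), expected_hex)


def tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA256 tag: a digest that can only be produced with the secret key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, data: bytes, expected_hex: str) -> bool:
    """Recompute the keyed tag and compare it in constant time."""
    return hmac.compare_digest(tag(key, data), expected_hex)


# Constructed sample data, for illustration only.
ORIGINAL = b"pay 100 EUR to account 12345"
ALTERED = b"pay 900 EUR to account 12345"
KEY = b"constructed-demo-key-not-for-real-use"


def demo() -> dict:
    sent_digest = digest(ORIGINAL)
    sent_tag = tag(KEY, ORIGINAL)
    return {
        # Data arrives untouched: digests match.
        "unchanged": verify_digest(ORIGINAL, sent_digest),
        # Data changed, recorded digest intact: mismatch is detected.
        "altered_data_only": verify_digest(ALTERED, sent_digest),
        # Data and the digest stored beside it both replaced: a bare digest
        # cannot tell, because anyone can recompute it.
        "altered_data_and_digest": verify_digest(ALTERED, digest(ALTERED)),
        # Same replacement against a keyed tag: without the key the recomputed
        # value does not verify.
        "altered_data_forged_tag": verify_tag(KEY, ALTERED, digest(ALTERED)),
        "unchanged_tag": verify_tag(KEY, ORIGINAL, sent_tag),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:26} {'accepted' if ok else 'rejected'}")
```

The third case is the reason a digest has to be kept or delivered separately from the data it protects, or replaced by a keyed tag or signature, when deliberate tampering is the concern.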

After an attack, we have suffered a loss of public confidence. Which leg of the CIA was compromised?



Confidentiality:



Loss of public confidence can be attributed to the compromise of the confidentiality and/or availability leg of the CIA triad.

If sensitive information was disclosed to unauthorized parties as a result of the attack, the confidentiality of the information was compromised. This can result in a loss of public confidence as customers and other stakeholders may feel that their private information is not being adequately protected by the organization.

If the attack caused a disruption to services or systems, resulting in a loss of availability, this can also erode public confidence. Customers and stakeholders may lose trust in the organization's ability to provide reliable services and may seek alternatives that they perceive to be more dependable.

It's also possible that the loss of public confidence was a result of a combination of compromised confidentiality and availability. In any case, it's important for organizations to take steps to rebuild public trust after a cyber attack. This can include being transparent about the incident and its impact, taking steps to remediate vulnerabilities, and implementing additional security measures to prevent future attacks.
