Cybersecurity is the protection of systems, servers, networks, and so on, including hardware, software, and data, from cyberattacks. Given all the kinds of cyberattacks that are possible and the data breaches of the past, it is the mechanism or protocol that protects us from such attacks.
In a computing context, security comprises two things: cybersecurity and physical security. Enterprises use both to protect against unauthorized access to data centers or other data sources.
This comes under information security (InfoSec). InfoSec is designed to maintain the confidentiality, integrity, and availability of data. Information security is a subset of cybersecurity. With those three properties in mind, we need to protect against the following:
1} Unauthorized Access
2} Unauthorized Deletion
3} Unauthorized Modification
These three terms correspond closely to the commonly used term “CIA Triad”.
What is the CIA Triad?
The CIA Triad is a security model designed to protect our online information. It stands for CONFIDENTIALITY, INTEGRITY, and AVAILABILITY. Confidentiality refers to keeping information secret. Integrity refers to maintaining the expected state of our information or systems. Availability ensures that the information or systems are accessible to those with permissions.
The CIA Triad is also referred to as the ‘three pillars of security’. Organizations from large enterprises to small companies base their information security on these principles.
CONFIDENTIALITY
Confidentiality is equivalent to privacy. The company takes privacy measures designed to prevent sensitive information from reaching the wrong people while making sure the right people can in fact get it; access must be restricted to those who are authorized to view the data in question. It is common for data to be categorized according to the amount and type of damage that can be done with it.
Confidentiality can be violated in countless ways, for example, by attacking a system in such a way as to gain unauthorized access to servers or databases.
Attacks Based On Confidentiality:
1} Cracking encrypted passwords
2} Man in the Middle attacks
3} Data breaches
4} Installing malware/spyware on servers
5} SQL Injection
In order to maintain the confidentiality of data, strong access controls and authentication mechanisms should be implemented. The company can provide adequate training for those who have access to data. Data encryption and steganography are also important to ensure confidentiality.
INTEGRITY
Integrity involves maintaining the accuracy, integrity, and trustworthiness of data. The meaning of integrity in itself is the state of being whole and undivided. Measures that protect it include file permissions and user access controls. Integrity also means the quality of the data being whole or complete. Integrity ensures the authenticity and reliability of data. It ensures the data has not been tampered with in any unauthorized way.
Integrity can be compromised in two ways. The first is through an attack vector, such as tampering with or altering the data after escalating privileges. For example, changing the configurations, passwords, and other important logs to evade detection.
Attacks based on integrity:
1} Web Application penetration testing
2} Maliciously accessing servers for data
3} Botnets
4} Database port scans
In order to maintain the integrity of data, properly updated intrusion detection systems must be installed. Other methods include data encryption, digital signatures, digital certificates, and hashing.
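One way to apply the hashing mentioned above to the unauthorized modification and deletion cases, as an added example rather than code from the original article: each file gets a keyed hash (HMAC-SHA256, which goes beyond the plain hashing the text names), so someone who alters a file cannot also recompute its tag without the key. The file names, contents and key are constructed sample data.

```python
import hashlib
import hmac

def file_tag(key, name, content):
    """HMAC-SHA256 over a length-prefixed name plus content, so a valid
    tag cannot be copied from one file name to another."""
    encoded = name.encode("utf-8")
    msg = len(encoded).to_bytes(4, "big") + encoded + content
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def build_manifest(key, files):
    """Record a baseline tag for every file (name -> bytes) in `files`."""
    return {name: file_tag(key, name, data) for name, data in files.items()}

def verify(key, manifest, files):
    """Compare current files to the baseline; report integrity violations."""
    report = {"modified": [], "deleted": [], "added": []}
    for name, tag in sorted(manifest.items()):
        if name not in files:
            report["deleted"].append(name)
        elif not hmac.compare_digest(tag, file_tag(key, name, files[name])):
            report["modified"].append(name)
    report["added"] = sorted(set(files) - set(manifest))
    return report

# Constructed sample data: a baseline and a later, tampered state.
KEY = b"constructed-demo-key-keep-off-the-monitored-host"
BASELINE = {
    "sshd_config": b"PermitRootLogin no\n",
    "app.conf": b"debug = false\n",
    "audit.log": b"2024-01-01 login ok user=alice\n",
}
TAMPERED = {
    "sshd_config": b"PermitRootLogin yes\n",   # unauthorized modification
    "app.conf": b"debug = false\n",            # untouched
    "unexpected.conf": b"placeholder\n",       # file not in the baseline
}                                              # audit.log: unauthorized deletion

def demo():
    manifest = build_manifest(KEY, BASELINE)
    return verify(KEY, manifest, TAMPERED)

if __name__ == "__main__":
    print(demo())
```

The manifest and the key belong somewhere the monitored host's users cannot write to; a manifest rebuilt with any other key fails verification for every file.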
AVAILABILITY
Availability is the accessibility of data to authorized users when they need it. If data, applications, or services are not available to users when they need them, their value decreases. The company ensures availability by maintaining hardware and a correctly functioning operating system environment. The environment must be free of software conflicts.
The company can ensure that the operating system is fully patched and upgraded to its latest version. This may also help with data conflicts. Unpredictable disasters are also a reason for availability loss. To mitigate this, data should be backed up to backup servers in a different geographical location.
Attacks based on availability:
1} DoS and DDoS attacks
2} Forced encryption of data
3} Flooding server with too many requests
4} Disrupting power supply to database servers
In order to maintain the availability of data, proper hardware and software tolerance for both servers and systems must be ensured. Regular software patching and system upgrades must be carried out, and denial-of-service protection must be installed.