Categories Topics
Description
Information Security Objectives

Overview
The primary objectives of Information Security include Confidentiality, Integrity and Availability of information. Also known as "CIA", Confidentiality, Integrity and Availability should be three critical drivers for every organization's information security program and strategy

Guidelines
Confidentiality is the practice to ensure only authorized disclosure of data. Methods of ensuring confidentiality include encryption (see topic) and access control objectives to include:
  • Identification (user identity)
  • Authentication (establishes user identity)
  • Authorization (rights and permissions granted to individual that enables access to a resource)
  • Accountability (system's ability to determine actions of individual or audit trail)
Integrity is the process of ensuring data is consistent and not changed from unauthorized modifications. Data should also be created or maintained by well-formed transactions. See topics Integrity Checking for more information.

Availability is the process of ensuring reliable and timely access to information. Mechanisms include Business Continuity Plan (see topic) and Disaster Recovery, to name a few.

Topic Category
Information Security Program
 
News Articles
CNBC Talks to Cyber Threat Alliance About Taking the Fight to Cyberattackersresearchcenter.paloaltonetworks.com1/15/2015