Core concepts, principles, and security controls
Before diving into technical aspects like SQL injections or password cracking, understanding the basic principles of cybersecurity is essential. The fundamental challenge of cybersecurity is balancing security with usability.
There is an inherent friction between network security and network usability/convenience. Increased security often means decreased convenience, while increased convenience can weaken security posture.
Internet service providers typically set complex default passwords (e.g., "3%1WT&!92#SXH") for home routers. Users often replace these with simpler passwords (e.g., "cupcake#1") for convenience, which significantly reduces security.
Information security: The protection of data and information from unauthorized access, unlawful modification, disclosure, corruption, or destruction.
Example: Encrypting sensitive customer data to protect it from unauthorized access.
Information systems security: The protection of the systems that hold and process critical data (computers, servers, network devices, smartphones).
Example: Implementing firewalls to protect servers that store company data.
Confidentiality: Ensures information is only accessible to those with appropriate authorization.
Example: Encrypting sensitive files so only authorized personnel can decrypt and read them.
Integrity: Ensures data remains accurate and unaltered unless modification is required.
Example: Using checksums to verify that files haven't been changed during data transfer.
Availability: Ensures information resources are accessible and functional when needed by authorized users.
Example: Implementing redundancy measures for a website to ensure it remains online regardless of traffic volume.
The traditional C.I.A. triad has been expanded to include two additional concepts:
Non-repudiation: Guarantees that a specific action has taken place and cannot be denied by the parties involved.
Example: Using digital signatures on emails to ensure the sender cannot deny sending the message.
Authentication: The process of verifying the identity of a user or system.
Example: Checking a username and password against stored credentials to confirm user identity.
| Concept | Definition | Example |
|---|---|---|
| Authentication | Verifying the identity of a user or system | Checking username and password against stored credentials |
| Authorization | Determining what actions or resources an authenticated user has permission to access | Granting read-only access to database records while restricting edit permissions |
| Accounting | Tracking user activities and resource utilization for auditing or billing purposes | Logging all user activities on a network to monitor for unusual behavior |
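The three steps in the table above, worked through as one request gate. This is an added example, not code from the original notes: the users, passwords, permission table and in-memory audit list are all constructed, and the credential store uses a salted PBKDF2 hash rather than storing passwords in the clear.

```python
import hashlib
import hmac
import secrets
from datetime import datetime, timezone

# Constructed credential store: username -> (salt, PBKDF2-SHA256 hash).
# Only the salted hash is kept; the password itself is never stored.
def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def _make_user(password: str) -> tuple[bytes, bytes]:
    salt = secrets.token_bytes(16)
    return salt, _hash_password(password, salt)

USERS = {"alice": _make_user("correct horse battery"), "bob": _make_user("cupcake#1")}

# Authorization table (constructed): actions each user may perform on the records.
PERMISSIONS = {"alice": {"read", "edit"}, "bob": {"read"}}

# Accounting: an append-only list standing in for a central audit log.
AUDIT_LOG: list[str] = []

def _account(username: str, action: str, outcome: str) -> None:
    """Accounting: record who did what, when, and with what result."""
    ts = datetime.now(timezone.utc).isoformat(timespec="seconds")
    AUDIT_LOG.append(f"{ts} user={username} action={action} outcome={outcome}")

def authenticate(username: str, password: str) -> bool:
    """Authentication: does the supplied password match the stored salted hash?"""
    record = USERS.get(username)
    # Hash against a dummy salt for unknown users so response time does not
    # reveal which usernames exist; compare_digest avoids timing leaks on the hash.
    salt, stored = record if record else (b"\x00" * 16, b"\x00" * 32)
    candidate = _hash_password(password, salt)
    ok = record is not None and hmac.compare_digest(candidate, stored)
    _account(username, "login", "success" if ok else "failure")
    return ok

def authorize(username: str, action: str) -> bool:
    """Authorization: is this already-authenticated user permitted the action?"""
    allowed = action in PERMISSIONS.get(username, set())
    _account(username, action, "allowed" if allowed else "denied")
    return allowed

def access_records(username: str, password: str, action: str) -> bool:
    """Full AAA gate: every request is authenticated, then authorized, and logged."""
    return authenticate(username, password) and authorize(username, action)
```

Note that bob's read-only role is enforced in `authorize`, independently of a successful login: a valid password on its own never grants edit rights.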
| Control Type | Purpose |
|---|---|
| Preventative | Stop attacks before they occur |
| Deterrent | Discourage potential attackers |
| Detective | Identify when an attack has occurred |
| Corrective | Mitigate damage after an incident |
| Compensating | Alternative controls when primary controls cannot be implemented |
| Directive | Guide behavior through policies and procedures |
Zero Trust: A security model operating on the principle that no one, inside or outside the organization, should be trusted by default. Verification is required from everyone trying to access resources.