Must Know Cybersecurity Principles to Understand

And Still, The Reigning Undisputed Cybersecurity Foundation Principle is?

CIA Triad

Cybersecurity can be a complex subject, but all successful cybersecurity programs are built on a set of fundamental principles. The CIA Triad is a set of principles that includes confidentiality, integrity, and availability. These core principles will help anyone establish a strong security posture, identify risks, and mitigate them effectively.

Confidentiality aims to protect sensitive information from prying eyes. Imagine it as a vault that securely stores the most valuable assets. This means that in cybersecurity, only authorized users have access to sensitive information.

Access controls, encryption and other security measures are used to maintain confidentiality. This prevents unauthorized access.

Integrity, the second principle in the CIA Triad, is all about maintaining the accuracy and reliability of data. Imagine that someone has tampered with data. It could have catastrophic consequences, leading to incorrect decisions.

Use measures like digital signatures and checksums to ensure data integrity. These tools can detect any unauthorized changes to data, and help ensure its authenticity.
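The difference between the two kinds of measure is worth seeing once. The Python sketch below is an added example, not part of the original article: it compares a plain checksum with a keyed tag, using HMAC-SHA256 from the standard library as a stand-in for a digital signature. The record contents and the key are constructed sample values.

```python
import hashlib
import hmac


def checksum(data: bytes) -> str:
    """Unkeyed SHA-256 digest: anyone holding the data can recompute it."""
    return hashlib.sha256(data).hexdigest()


def keyed_tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA256 tag: recomputing it requires the secret key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_checksum(data: bytes, tag: str) -> bool:
    return hmac.compare_digest(checksum(data), tag)


def verify_keyed_tag(key: bytes, data: bytes, tag: str) -> bool:
    return hmac.compare_digest(keyed_tag(key, data), tag)


def demo() -> dict:
    key = b"constructed-demo-key"                # constructed; held only by the verifier
    original = b"pay=100.00;to=ACME-SUPPLIES"    # constructed sample record
    stored_sum = checksum(original)
    stored_tag = keyed_tag(key, original)

    # Case 1: accidental corruption. The stored tags are untouched.
    corrupted = b"pay=100.00;to=ACME-SUPPLIEZ"

    # Case 2: the record and the checksum kept beside it are both rewritten
    # by a party that does not hold the key.
    altered = b"pay=900.00;to=ACME-SUPPLIES"
    replaced_sum = checksum(altered)

    return {
        "corruption_caught_by_checksum": not verify_checksum(corrupted, stored_sum),
        "corruption_caught_by_keyed_tag": not verify_keyed_tag(key, corrupted, stored_tag),
        "edit_caught_by_checksum": not verify_checksum(altered, replaced_sum),
        "edit_caught_by_keyed_tag": not verify_keyed_tag(key, altered, stored_tag),
    }


if __name__ == "__main__":
    for name, caught in demo().items():
        print(f"{name}: {caught}")
```

A checksum stored next to the data it covers only guards against accidental change; detecting unauthorized change needs a tag or signature that depends on a key the editor of the data does not have.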

Availability is the third pillar in the CIA Triad. This principle ensures data and resources can be accessed when required. Imagine a situation where a critical service or system becomes unavailable. Productivity can be halted and revenue losses can rapidly accumulate.

Implement redundancy, fault-tolerance, disaster recovery plans and load balancing to guarantee availability. These measures will ensure that systems are accessible even when there is an unexpected interruption.

The CIA Triad infuses every aspect of information security assurance, and these three principles (confidentiality, integrity, and availability) serve as the root.

Parkerian Hexad

It has been said that the CIA Triad is focused on technology and ignores the human element. The Parkerian Hexad therefore addresses the human element with three more principles: Possession or Control, Authenticity, and Utility.

Possession or Control is the idea that individuals with authority should be able to protect data from unauthorised access, use or disclosure. It also means they can disrupt, modify, or destroy information. This is essentially about maintaining authority and ownership over data.

It is important to have possession or control of data in addition to confidentiality. This principle stresses the importance of having a clear idea of who has access, and of being able to track and monitor data usage. Implementing robust identity management and access control systems allows organizations to ensure that only authorized users can access data and manipulate it.

Authenticity signifies that the information comes from the source it claims to come from. Digital certificates, multifactor authentication and other methods can be used to verify this.

Utility is a term that describes information in a format which can be used by individuals who are authorized. It is possible to achieve this by using standard formats, protocols, and documentation.

Utility ensures that cybersecurity measures do not hinder the functionality and usability of systems and as such, it is important to strike a balance between usability and security. Cybersecurity shouldn't hinder business, but should instead enhance it. 

The Parkerian Hexad provides a useful framework for managing cybersecurity risks. It can be used for developing and implementing security controls to protect information against a variety of threats.

Below are some examples of how to apply the Parkerian Hexad in practice.

  • Physical security measures can be used by a retail store to prevent theft of its stock.
  • Digital certificates can be used to verify the identity of a website to its visitors.
  • Software developers may provide training and documentation to ensure that their users are using their products safely.

Focusing on all six pillars, rather than just CIA alone, allows organizations to take a more deliberate approach in securing their environments. The Parkerian Hexad is a powerful framework for a comprehensive cybersecurity strategy.

Strategy, People, Process & Technology

Cybersecurity is a complex field. However, there are some core principles which are necessary for success in every domain. These principles include:

Strategy: Cybersecurity should be integrated into the business strategy. Understanding the assets, risks and risk tolerance within an organization is key. After this understanding has been established, a strategy for cybersecurity can be developed in order to protect the most important assets of the organization.

  • Develop a comprehensive cyber security strategy that is aligned with the organization’s goals.
  • Prioritize the most valuable assets in terms of their value and risks.
  • Set up a framework for risk management that includes regular assessment, monitoring and reporting.
  • Make sure that your cybersecurity strategy is reviewed and updated regularly to reflect new threats and vulnerabilities.

People: People are the most important part of any cybersecurity program. They are responsible for the implementation and maintenance of security controls. All employees should receive training and education, irrespective of their position in the company.

  • Create a culture of cybersecurity that stresses the importance of security across the entire organization.
  • Train your employees in cybersecurity best practices including password management and phishing awareness.
  • Assign cybersecurity roles and responsibilities within the organization.
  • Ensure that the cybersecurity team is equipped with the skills and resources necessary to manage security risks effectively.

Process: Cybersecurity policies, procedures & practices are crucial for ensuring security controls are maintained and implemented consistently. These processes need to be documented and regularly reviewed to ensure they are effective.

  • Implement a robust incident response plan, which includes procedures for detecting, investigating and responding to security incidents.
  • Test your incident response plan regularly to make sure it works.
  • Set clear policies and procedures regarding data protection, network security, and access control.
  • Review and update your policies and procedures regularly to ensure they remain effective.

Technology: Cybersecurity technologies provide the tools and capabilities required to defend against cyberattacks. Technology is only as good as the people who use it.

  • Implement a multi-layered defence strategy, including firewalls, intrusion prevention and detection systems, and endpoint security.
  • Update and patch your software and systems regularly to fix known vulnerabilities.
  • Implement strong access control measures, such as multi-factor authentication (MFA) and least privilege.
  • Monitor your networks and systems regularly for suspicious activities.

These are some examples to show how these elements can be used together:

  • Strategy: A business develops a cyber-security strategy that is focused on protecting customer data. This strategy involves implementing security controls in order to protect databases and websites against attack.
  • People: The IT team of the company implements the security measures defined in the cybersecurity plan. They also educate employees about cybersecurity best practices such as how they can spot phishing emails or create strong passwords.
  • Process: The company creates a response process to security incidents. This process includes steps to identify, contain, and eradicate security incidents.
  • Technology: To protect its systems and networks from attacks, the company uses security technologies such as intrusion detection systems and firewalls.

A successful cybersecurity program is dependent on strategy, people, processes, and technology. Each element has a specific role to play, but all must work together in order to protect the organization against a variety of threats.

McCumber Cube

The McCumber Cube is a specific tool that analyses, identifies, and manages risks posed by threats. It takes a broader view than the CIA Triad or Parkerian Hexad, which focus on information security principles.

What is the McCumber cube and why should I care?

Imagine a three-dimensional Rubik’s cube, but instead of just three sides, it has six. Each side represents a dimension of cybersecurity. Let us look at each side:

The first dimension is referred to as “Threats & Countermeasures” or “Information Security Properties.” It is essentially the CIA Triad, with an additional security service covering mainly:

Non-Repudiation: the ability to prove a person or organization was responsible for an action or transaction. It is a means of establishing the authenticity of a particular activity (which comes from the Parkerian Hexad Principle of “Authenticity”).

Authentication: the process by which the identity of an individual, a device or a system is verified. This is usually done by using usernames, passwords or other forms of credentials that are then checked against a database with authorized users.

The second dimension focuses on identifying the three “Information States”, or states of data and information.

Data in Transit: This is information that is being sent over a network. For example, between two devices.

This type of data is particularly susceptible to interception and tampering, as it is not protected by the encryption or security measures that protect data at rest or in storage. Cybersecurity measures like encryption, firewalls and network segmentation are effective in protecting data while it is being transmitted.

Data at Rest or Storage: This is information that has been stored on a server or device, for example, on a hard disk, in a database, or on cloud storage.

This type of data is typically more secure than data that is in transit because it is not transmitted over a network. It is also protected by security measures like access controls and encryption. It is vulnerable to theft, however, if the security measures are not implemented and maintained properly.

Data in Process: This is information that’s being processed by a system, application or other software. Information that is temporarily stored in memory, or information being sent between components of a computer system can be included.

It is easy to overlook data in process, but this can be an attractive target for attackers. This is because it is vulnerable and can be exploited to gain access to sensitive information or systems. Cybersecurity measures, such as encryption and access controls, can be used to limit the ability of unauthorized users to access or manipulate the data.

The third dimension of the Cube identifies the expertise and skills required to provide protection, referred to as “Security Measures.” This effectively includes the already discussed Strategy, Process, Technology & People, where Process is equivalent to the Cube's layer of “Policy and Practice.”

The cube is a useful tool for:

Vulnerabilities: Identify weak points in cyber strategy by looking at each aspect. Are policies current? Are employees well-trained and qualified? Are external threats on the radar?

Prioritize: Not all cybersecurity risks have the same importance. The Cube allows us to prioritize attention and resources based on specific threats and vulnerabilities within each dimension.

Plan strategically: With a complete view of the organization’s cyber landscape, a strategy can be created that covers all aspects.

Mastering the McCumber Cube allows us to be agile and adapt to new technologies as they are developed, and will help tackle cybersecurity in all its forms, making the organization more resilient and secure.
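One way to use the Cube for finding weak points and prioritizing, as an added example that is not part of the original article: enumerate every cell of the cube using the three dimensions as this article describes them, map an inventory of controls onto the cells, and report the cells nothing covers. The control inventory is a constructed sample.

```python
from itertools import product

# Dimension values as this article describes them.
PROPERTIES = ("confidentiality", "integrity", "availability",
              "non-repudiation", "authentication")
STATES = ("in transit", "at rest", "in process")
MEASURES = ("strategy", "people", "process", "technology")

# Constructed sample inventory: control -> (properties, states, measures).
CONTROLS = {
    "TLS on internal APIs": (("confidentiality", "integrity"),
                             ("in transit",), ("technology",)),
    "Full-disk encryption": (("confidentiality",), ("at rest",),
                             ("technology",)),
    "Backup restore drills": (("availability",), ("at rest",),
                              ("people", "process")),
    "Data handling policy": (("confidentiality",), ("in transit", "at rest"),
                             ("process",)),
}


def covered_cells(controls):
    """Map each cube cell to the controls that address it."""
    cells = {}
    for name, (props, states, measures) in controls.items():
        for cell in product(props, states, measures):
            cells.setdefault(cell, []).append(name)
    return cells


def gaps(controls):
    """Cells of the full cube that no control addresses."""
    covered = covered_cells(controls)
    return [c for c in product(PROPERTIES, STATES, MEASURES)
            if c not in covered]


def gaps_by_state(controls):
    """Count uncovered cells per information state, to rank where to look first."""
    counts = dict.fromkeys(STATES, 0)
    for _prop, state, _measure in gaps(controls):
        counts[state] += 1
    return counts


if __name__ == "__main__":
    per_state = len(PROPERTIES) * len(MEASURES)
    ranked = sorted(gaps_by_state(CONTROLS).items(), key=lambda kv: -kv[1])
    for state, missing in ranked:
        print(f"{state}: {missing} of {per_state} cells uncovered")
```

With this sample inventory every "in process" cell is uncovered, which is the blind spot the section on data in process warns about.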

Conclusion

The principles discussed (the CIA Triad, the Parkerian Hexad, Strategy, People, Process & Technology, and the McCumber Cube) are not only theoretical concepts, but practical guidelines which should form the basis of any cybersecurity endeavours.

How Can ITM Help You?

IT Minister covers all aspects of Cyber Security including but not limited to Home Cyber Security, Managed Solutions to automated, Manage Threat Intelligence, Digital Forensic Investigations, Penetration Testing, Mobile Device Management, Cloud Security Best Practice & Secure Architecture by Design, and Cyber Security Training. Our objective is to support organisations and consumers at every step of their cyber maturity journey. Contact Us for more information.
