Cybersecurity Mind Map: CIA & Security Mechanisms - Coggle Diagram
CIA (Confidentiality, Integrity, Availability)
Integrity (Keeping data trustworthy)
Definition
It ensures that data remains unaltered during transmission or storage. If the data is modified in any way, its integrity is compromised.
The information is safe from accidental or intentional modification or alteration.
How to Ensure?
Access Control
This is crucial for integrity. It defines who has the permission to change, edit, or delete data.
Antivirus software
A core purpose of antivirus is to stop malware that is specifically designed to corrupt, modify, or destroy your files.
Data Backup & Recovery
This supports integrity by allowing you to restore data to a previous, uncorrupted version if it is ever compromised.
Secure Communication Protocols
This prevents "man-in-the-middle" attacks where an attacker could intercept and alter data while it's in transit.
Authentication mechanism
By ensuring only the correct person can log in, it prevents unauthorized changes to data.
Availability (Keeping systems running)
Definition
It ensures that the network, systems, and data are accessible and operational for users when needed.
The information is available to authorized users when needed.
How to Ensure?
Data Backup & Recovery
This is the most important mechanism for availability. If data is lost, deleted, or encrypted by ransomware, backups are what make it available again.
Firewalls
This helps ensure availability by protecting your systems from certain types of network attacks that are designed to crash them and make them unavailable.
Antivirus software
This supports availability by preventing malware that could crash your computer or ransomware that makes your files inaccessible.
Access Control
This prevents unauthorized users from deleting data or locking legitimate users out of the system.
Confidentiality (Keeping secrets secret)
Definition
It ensures that sensitive information is accessible only to authorized individuals or systems and prevents unauthorized access.
The information is safe from accidental or intentional disclosure.
How to Ensure?
Access Control
This is the most direct control. It defines who is allowed to see the data.
Authentication mechanism
This is the first step of Access Control. It verifies a user's identity before they can even attempt to access data.
Secure Communication Protocols
This is essential for confidentiality. It encrypts data as it travels over the network, making it unreadable to eavesdroppers.
Firewalls
This is a key control. It acts as a barrier to prevent unauthorized users on external networks from getting in to access your data.
Antivirus software
This supports confidentiality by preventing spyware and keyloggers that are designed to steal sensitive information like passwords and financial details.
Security Mechanism
Firewalls
A firewall is a network security system that acts as a barrier between a trusted internal network (like a company's office network) and an untrusted external network (like the Internet). It monitors and controls incoming and outgoing network traffic based on a set of predefined security rules.
Access Control
Access control is the security practice that regulates who or what can view, use, or change resources in a computing environment. It is the enforcement of policies that dictate who gets access to what, and what they can do with it.
Antivirus software
Antivirus (or antimalware) is a type of software designed to detect, prevent, and remove malicious software from a computing device. This includes viruses, worms, trojans, ransomware, and spyware.
Data Backup & Recovery
Data backup is the process of creating and storing copies of data that can be used to restore the original data in the event of a data loss. The "Recovery" part is the documented plan and procedure to use these backups to restore systems to full operation.
Secure Communication Protocols
A set of rules that governs the secure transmission of data over a network. These protocols use cryptography to ensure data remains protected and private while it travels from its source to its destination.
Authentication mechanism
Authentication is the process of verifying a user's identity to prove they are who they claim to be. It is the crucial first step of any access control system.