The CIA Triad

Faham Usman

on 22 May 2014

Transcript of The CIA Triad

Information Security
The CIA Triad
Awareness Campaign
Salim is your Cyber Security Advisor.
Aims at promoting, building and ensuring a safer & secure cyber environment and culture in the UAE.
About aeCERT
One of the initiatives of the UAE Telecommunications Regulatory Authority.
aeCERT is the United Arab Emirates Computer Emergency Response Team.
About aeCERT
Confidentiality, Integrity, and Availability
CIA defined
Identifying the Secure Elements
Written policies
Measuring compliance
Alternate Definitions
What is Information Security

Salim (aeCERT)
For more information
Understand what is information security
Adopt CIA or another security framework, or several
Perform regular audits
Get security employees certified
Publish security procedures
Train employees
Understand encryption
Communicate Policies to Security Staff
What to Backup
Availability: BCP/DR
Data Classification Policy
Source: http://telicthoughts.blogspot.com/2009/02/when-one-thinks-of-securing-information.html
Criticisms of CIA
Definition of Information Security
Security Policies
Definition of Information Security
Definition of Information Security
Access Control
Access Control
Who Has Access to Confidential
Access Control
Availability and Authentication
Integrity is assuring the accuracy and consistency of data by making sure that the content of the data is not accessed or modified by any unauthorized person.
How to Measure Security
Encryption: Prime Numbers
The CIA Triad: Confidentiality, Integrity and Availability
Non-Repudiation Extended
Classify Data according to Business Impact
AIC Triad or PAIN
Where Is Confidential Data Stored?
Parker Extends CIA Definition: the Parkerian Hexad
Source: http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html
Incident: Adobe
Data Classification
Identifying the Security Elements
What is Confidential Data?
Microsoft’s STRIDE Threat Model
Signed Emails
Protecting Confidentiality
Data Classification
Hash: Protect Integrity
Take an inventory of what data you have and classify it according to the loss you would suffer if you lost that data.

Security investigators found source code on a server used by cyber criminals. Adobe confirms that a breach has occurred. Adobe releases press release.
The objective of this control is:

To ensure authorized user access

To prevent unauthorized access to systems and services

To enable assignment of access rights, a formal user registration and de-registration process should be in place and implemented