Cybersecurity
Cybersecurity: Key Concepts
- Cybersecurity is the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
- This definition frames how organizations guard assets against threats and aligns with the CISSP focus on protecting information assets across people, processes, and technology.
- Key goals tied to cybersecurity include regulatory compliance, maintaining and improving business productivity, reducing expenses related to risk, and maintaining brand trust.
CIA Triad
- The CIA triad represents the three core principles of information security:
- Confidentiality: Preventing unauthorized disclosure of information.
- Integrity: Ensuring information is accurate, complete, and not tampered with.
- Availability: Ensuring information and critical services are accessible when needed.
- Formal representation (conceptual): the triad can be viewed as the set which guides security controls and decision-making.
- Significance: Together, these three properties balance protection against disclosure, alteration, and uptime; focusing on one or two at the expense of the others can create risk (e.g., strong confidentiality with poor availability).
Threat Actor
- Definition: Any person or group who presents a security risk.
- Implication: Threat actors can target an organization to exploit vulnerabilities and compromise assets.
Benefits of Security
- Protects against external and internal threats.
- Meets regulatory compliance.
- Maintains and improves business productivity.
- Reduces expenses associated with risk.
- Maintains brand trust.
Common Job Titles
- Security analyst or specialist.
- Cybersecurity analyst or specialist.
- Security Operations Center (SOC) analyst.
- Information security analyst.
Role of Security Analysts
- Security analysts are responsible for monitoring and protecting information and systems.
- Potential follow-on responsibilities (in practice):
- Monitor security events and alerts across networks and endpoints.
- Analyze incidents to determine impact and root cause.
- Respond to and coordinate mitigation efforts.
- Implement and tune security controls to reduce risk.
- Collaborate with broader security teams and stakeholders to improve defenses.
Connections and Implications
- This content builds on foundational security principles used across courses and real-world practice:
- The CIA triad underpins risk assessment, controls selection, and incident response planning.
- Understanding threat actors informs threat modeling and proactive defense strategies.
- Role clarity for security analysts supports effective SOC operations and day-to-day security monitoring.
- Practical implications:
- Regulatory compliance often emphasizes confidentiality and integrity, while availability is critical for operational uptime.
- Maintaining brand trust requires consistent security posture and transparent incident handling.