The CIA Triad and New Security Challenges

Confidentiality, Integrity and Availability, AKA the CIA triad, has long been known as a model used to guide security policies within an organisation. But with security risks ever growing, does the CIA triad provide a sustainable model which can continue to address the security challenges of the future? You can read more on this concept here.

The Internet of Things (IoT) for example, which refers to the network of things which are embedded with electronics, software and network connectivity allowing them to collect and exchange data - now pose a new, different security risk. Likewise, Big Data brings with it extra challenges because of the mass amount of data that needs to be secured and the number of sources involved in sending the data.

With this in mind, Information Security Buzz asked their expert panel members which includes Bloxx CEO, Charles Sweeney, ‘if there is need to modify the CIA triad given these new emerging technologies?’

In his response, Charles focused on the need for flexibility when dealing with both these different security challenges and new technologies,

“Alongside the universally regarded pillars of confidentiality, integrity and availability, it could be argued that a fourth idea of flexibility should be added onto the security model. No matter how secure the environment is, data is no longer just collected, stored and retained, but needs to be used by businesses in order to provide the best service possible.

 To utilise data securely, companies must be flexible in their methodologies in order to take full advantage of the latest technologies. Moving the data to the cloud, assigning ID keys in place of personally identifiable information and being able to replace, remove and update data are just a few techniques that can ensure it is as secure as possible, whilst also remaining insightful for your business.

If companies are to take full advantage of the accelerating IoT and big data revolution, then a large, static data silo will undoubtedly hold them back. Online information is no longer simply kept ‘on record’ but is actively engaged with by forward-thinking businesses. However, data that is being utilised and adding value to business service is without doubt more of a lucrative target to hackers and scammers, so it is vital that it can be manipulated, moved and encrypted with ease, ensuring it remains protected”

 You can read the full article alongside the other expert panellist’s response here