CIA Triad

The CIA triad is a well-known model in information security development. It is applied in various situations to identify problems or weaknesses and to establish security solutions. It is an industry standard that information systems professionals should be familiar with.

What is the CIA Triad?

The CIA triad refers to an information security model made up of three main components: confidentiality, integrity and availability. Each component represents a fundamental objective of information security. In order to avoid confusion, the CIA triad is sometimes referred to as the AIC triad, or PAIN, which stands for privacy, availability/authentication, integrity and non-repudiation.

The three components [...]


ISO 27000 Series

The ISO (International Organization for Standards) publishes international standards for the private sector. The ISO 27000 standards series refers to information security matters. Since October 2005, the ISO has published six of these standards, with controls ranging from managing security systems to problem solving methodology to [...]


FISMA: The Federal Information Security Management Act

The E-Government Act of 2002 involved a large number of new regulations to implement and control the use of electronic technologies by the U.S. Government. Title III of this Act, called the Federal Information Security Management Act, required all Government agencies to develop extensive information security [...]


UK's secret spies nix huge covert operation after loss of USB memory stick

Last week, the British Security Service and Secret Intelligence Services, better known as MI5 and MI6, showed exactly how expensive information security procedures really can be. Details unveiled last week show MI6 scrapped a 2006 undercover drug raid operation in Colombia for fear that a lost USB stick containing covert agents and informants may have fallen into the wrong [...]


Hundreds of millions of private credit card records stolen from PCI card processor

Credit card payment processor Heartland Payment Systems announced this week that hundreds of millions of credit card transactions were stolen last year. This latest hack far eclipsed the 45 million TJX Companies records lost from 2004 to 2007. The stolen data includes names, credit/debit card numbers and expiration [...]


NY Police Sergeant admits making unauthorized accesses to the FBI's National Crime Information Center database

Last week, a NY Police Sergeant admitted he made unauthorized accesses to the FBI’s National Crime Information Center database in December [...]


Decade old MD5 flaw will likely still result in numerous privacy breaches

It took over a decade, but two German researchers found an application for a flaw in the MD5 hash widely used throughout the Internet for [...]


Privacy and Messaging through Postini

Postini is Google’s 2006 acquisition for secure messaging, and a direct competitor to IronPort. All of their offerings surround Software as a Service (SaaS), matching directly with Google’s overall technology strategy. They provide several services, including web security, anti-spam/malware, mail filtering, and archival with indexing. The Data Leakage Prevention capabilities provide privacy protections through outbound communication filters. Additionally, there are management tools and continuity procedures appropriate for enterprise use.

Postini’s background technology stems from threat assessment and message parsing capabilities, grown through several years as a primary mail provider. There are two major patents, with a variety of [...]


CSI and Information Security – searching for the perfect evidence?

Everyone’s either watched or at least heard of CSI – Crime Scene Investigation. With the spin-offs, there are three out of five nights a week in Prime Time where you may learn about trace evidence, bullet trajectories, and splatter patterns. It’s been such a phenomenon that Criminal Justice is the most popular/fastest growing new major in colleges.

One thing that comes up every now and again on the show surrounds evidence and collection; someone kicks a gun out of position, forgets to wear gloves while picking something up, or there was a fire due to someone’s carelessness. During the trial, while [...]


Upcoming interview w/ Barbra Symonds, CIPP/G

An interview with Barbra Symonds, Associate Partner with IBM, former IRS Director of Privacy & Information Protection, and before that project manager for the Veteran’s Administration’s Privacy policy, will appear on the site within the next 7 – 10 days, pending approval. Barbra was part of the original group that defined the Certified Information Privacy Professional for Government (CIPP/G). It was a great interview, with some timely comments on the state of information security and information privacy.
