I am two chapters deep into CompTIA Security+ Study Guide. In this blog, I will not cover every concept or detail but something that I found interesting while reading the book and answering test questions.

Let’s talk about the famous CIA triad. Every book that I read about Cybersecurity starts with this conceptual model consisting of three areas or, as CompTIA likes to say, the three key objectives. They are:

1. Confidentiality
2. Integrity
3. Availability

The confidentiality aspect ensures that unauthorized individuals are not able to access your data. Cybersecurity specialists deploy all sorts of tools like firewalls, access control lists, encryption to prevent unauthorized access. But, again, the attacker’s goal is to disclose sensitive information. Of course, sensitive data can be anything, such as your medical records or salary information.

The integrity aspect ensures that information you are seeing has not been tempered maliciously or not. Cybersecurity specialists deploy hashing and integrity monitoring tools to enforce the requirements for systems and data. Attackers seek to violate the integrity of the information. Think of websites that were defaced by various slogans or silly videos.

The last aspect, availability, ensure that systems and data are always available for authorized users. Cybersecurity specialists implement fault tolerance, clusters, and backup systems to prevent mayhem. Attackers seek to undermine the availability. Think of DDoS attacks that disrupt systems and services.

Every organization should have this triad on its mind. It helps to build a cybersecurity framework and strategy to tackle cybersecurity threats.