This is a transcript for a video linked here: CISSP Domain 1 - CIA Triad.
00:00:00.480 --> 00:00:07.280 this is the first in a series of videos I'll be making on cyber security concepts these will be
00:00:07.280 --> 00:00:13.600 based around some of the principles in the CISSP certification exams but also useful for anyone
00:00:13.600 --> 00:00:19.440 interested in learning more about IT security and how to keep your system safe when appropriate
00:00:19.440 --> 00:00:25.040 I'll be referring to real-world examples and in future videos I'll be demonstrating some simulated
00:00:25.040 --> 00:00:30.080 attacks this is something you'd be interested in please subscribe and click the notification
00:00:30.080 --> 00:00:37.920 icon to see future videos this is from the domain one of CISSP security and risk management
00:00:40.800 --> 00:00:47.360 one of the key security models is the CIA triad this is a high level concept which stands for
00:00:47.360 --> 00:00:55.440 confidentiality availability and integrity looking at these in turn let's start with confidentiality
00:00:55.440 --> 00:01:01.360 this is the first aspect of the CIA triad it's about keeping data secret so that it can only
00:01:01.360 --> 00:01:06.960 be accessed by those who have the appropriate permissions it extends beyond information about
00:01:06.960 --> 00:01:12.800 a person and may also involve restricting access to data objects and resources whilst
00:01:13.680 --> 00:01:20.640 must continue to allow authorized access breaches of confidentiality may not always be intentional
00:01:21.280 --> 00:01:26.720 they could be the result of a human error lack of oversight lack of understanding or incompetence
00:01:28.080 --> 00:01:32.000 clearly there have been many breaches of security some of which have hit the headlines
00:01:33.280 --> 00:01:37.360 T-Mobile have experienced data breaches which resulted in personal information
00:01:37.360 --> 00:01:45.440 of millions of their customers being stolen the Sony attack in 2014 where terabytes of
00:01:45.440 --> 00:01:52.560 data were stolen from Sony's servers including some unreleased films and to look at some of the
00:01:52.560 --> 00:01:57.120 specific aspects of confidentiality I'm going to break this down into a number of points
00:01:58.240 --> 00:02:02.560 versus sensitivity this is about information which could cause harm or damage
00:02:04.800 --> 00:02:08.160 discretion this is information
00:02:08.160 --> 00:02:13.840 which if it was acted upon could influence or control events or cause harm or damage
00:02:16.640 --> 00:02:22.320 criticality a measure of how critical the information is particularly to a corporation
00:02:26.720 --> 00:02:34.880 concealment concealment is a way of hiding or preventing disclosure if you're looking at
00:02:34.880 --> 00:02:39.920 concealing information it shouldn't be just about not linking to it and the information's still
00:02:39.920 --> 00:02:45.360 there hoping that people don't find it it's about making sure the information is hidden
00:02:46.480 --> 00:02:52.560 so that they're not aware of it as well as it being inaccessible to them
00:02:55.760 --> 00:03:03.520 secrecy and this is the act of keeping something secret and privacy which is keeping information
00:03:03.520 --> 00:03:09.600 confidential particularly information which is personally identifiable or may cause embarrassment
00:03:12.240 --> 00:03:18.720 seclusion is about storing something in an out-of-the-way location usually with strict
00:03:18.720 --> 00:03:23.520 access controls for example you may have a different place to store credit card
00:03:23.520 --> 00:03:26.320 information rather than it being in the normal database
00:03:29.280 --> 00:03:34.800 isolation is similar to seclusion but takes it a step further so it may be that you actually
00:03:34.800 --> 00:03:41.040 store those credit card information in a way that can only be accessed by certain systems
00:03:42.240 --> 00:03:45.840 so in a separate system that's isolated from the others
00:03:50.720 --> 00:03:58.080 the second aspect of the CIA triad is integrity which is about the reliability and correctness
00:03:58.080 --> 00:04:06.000 of data it involves preventing unwar unauthorized alterations which may be malicious activities such
00:04:06.000 --> 00:04:13.840 as someone looking to change their grade a classic from the film WarGames or a virus destroying data
00:04:13.840 --> 00:04:20.560 or it could be through a mistake by authorized users controls must be in place to restrict access
00:04:20.560 --> 00:04:30.080 to data objects and resources confidentiality and integrity depend on each other perhaps an extreme
00:04:30.080 --> 00:04:37.520 example of what damage can be done with integrity is with the Stuxnet computer worm this considered
00:04:37.520 --> 00:04:42.800 to have been a cyber weapon and it caused substantial damage to the Iranian nuclear program
00:04:43.840 --> 00:04:48.640 in that case it wasn't the data that was being corrupted but it was targeted the code for the
00:04:48.640 --> 00:04:55.680 programmable logic controllers PLCs and it caused the gas centrifuges to spin out of control causing
00:04:55.680 --> 00:05:00.960 physical damage if we look at integrity in a bit more detail you can break this down into a number
00:05:00.960 --> 00:05:07.520 of points as well there's the accuracy data needs to be accurate needs to be correct and precise
00:05:09.280 --> 00:05:12.720 truthfulness it should be a true reflection of reality
00:05:14.720 --> 00:05:22.000 validity means it's factually or logically sound accountability and this is that the
00:05:22.000 --> 00:05:26.160 operators should be responsible for their actions and the results of those actions
00:05:28.960 --> 00:05:37.840 responsibility should be someone or something in charge or having control over the data
00:05:40.080 --> 00:05:45.920 completeness data should be complete including all the necessary components and parts it's
00:05:45.920 --> 00:05:54.800 no good having only part of a personal details and comprehensive it should be complete in scope
00:05:56.160 --> 00:06:05.200 and then the final aspect of the CIA triad is availability availability it's about having
00:06:05.200 --> 00:06:11.600 uninterrupted access to the services the system should have sufficient processing capability
00:06:11.600 --> 00:06:18.240 bandwidth and timeliness as deemed necessary threats can include denial of service attacks
00:06:18.240 --> 00:06:23.680 environmental and human errors which could arise due to lack of oversight or lack of competence
00:06:25.280 --> 00:06:30.160 it could be a result of badly configured services including security rules
00:06:32.080 --> 00:06:36.960 here's some real examples a denial of service attack can be difficult to protect against
00:06:36.960 --> 00:06:39.280 particularly if distributed across a botnet
00:06:40.640 --> 00:06:45.520 the problem is that the cost of resources such as bandwidth and processing to allow genuine access
00:06:46.880 --> 00:06:50.720 I had some of my own software which I experienced the denial of service attack on
00:06:51.440 --> 00:06:55.920 in that case the attacks were from a single address I was able to add code to detect
00:06:55.920 --> 00:07:03.520 a potential attack and block against it a much worse example was the WannaCry ransomware it's
00:07:03.520 --> 00:07:11.280 a significant impact on the UK National Health Service in 2017. in that case it was a crypto
00:07:11.280 --> 00:07:17.280 worm which would infect and encrypt computers that were running an unpatched version of Windows 7
00:07:18.160 --> 00:07:23.680 had a significant impact on the its systems and the ability to provide medical care
00:07:25.040 --> 00:07:30.240 fortunately a kill switch was discovered by Marcus Hutchins whilst often credited
00:07:30.240 --> 00:07:35.600 as a white attacker for this he had a darker side including working on the Kronos malware
00:07:37.520 --> 00:07:40.640 so look at the CIA triad in more detail
00:07:41.600 --> 00:07:49.840 and there's a few concepts here so first one is usability it needs to be easy to use
00:07:52.400 --> 00:07:57.840 and accessibility should be a wide range of subjects that can interact with the resource
00:08:01.040 --> 00:08:04.480 timeliness and this means should be prompt
00:08:04.480 --> 00:08:11.840 on demand reasonable response time including low latency
00:08:14.080 --> 00:08:18.160 the CIA triad is not the only model for applying security there are many others
00:08:18.800 --> 00:08:26.320 one example is the DAD or dad triad this takes the opposite approach
00:08:26.320 --> 00:08:31.840 of CIA in that by identifying the things that you want to avoid rather than the
00:08:31.840 --> 00:08:39.840 things that you desire which was the CIA triad these are D for disclosure
00:08:41.360 --> 00:08:44.560 A for alteration and then D for destruction
00:08:47.680 --> 00:08:55.360 and then we can also look at some other models the AAA or AAA model it's an important one which
00:08:55.360 --> 00:09:00.240 I'll be covering in a future video which looks at authorization and authentication
00:09:02.720 --> 00:09:08.320 I'm going to leave it there for now I hope this has been useful if so please give it a like so I
00:09:08.320 --> 00:09:14.160 know that these are worthwhile and people are responding to this I'll be looking at putting
00:09:14.160 --> 00:09:17.920 more of these together and if you're interested in watching those future videos
00:09:17.920 --> 00:09:21.200 please subscribe to this channel and click on the notification icon
00:09:21.760 --> 00:09:25.920 to get notified about the future videos thanks for watching