Describe the critical factors of information security.

Description should include

  • explaining that the confidentiality/integrity/availability (CIA) triad model provides the baseline standard for evaluating and implementing information security measures on any system
  • stating that each component in the CIA triad has designated goals that provide distinct requirements, and that each goal provides an essential component of information security measures
  • identifying the following goals within the CIA triad and defining the terms as they apply to cybersecurity:
    • Confidentiality: The goal ensures that data are accessed only by authorized person(s) through security measures such as user names and passwords and access control lists (ACLs).
    • Integrity: The goal ensures the data are trusted. This means data must be guarded against unauthorized changes. Methods of ensuring integrity include data permissions and encryption.
    • Availability: The goal is to provide solutions to ensure that systems can be accessed when requested. This includes deploying system protections and providing proper hardware maintenance and system patching.
    • Additional components should include the following:
      • Authentication: A process in which credentials are provided to verify the identity of an entity (e.g., user, system).
      • Nonrepudiation: A cryptologic technique that provides proof of the integrity and origin of data.

Description should also include manufacturing system-specific elements:

  • Priority of the CIA triad based on specific critical infrastructure sectors
  • Emphasis on Availability and Integrity in manufacturing systems

Process/Skill Questions:

  • With regard to cybersecurity, CIA stands for what?
  • What does availability mean with regard to cybersecurity?
  • Why is data integrity important?
  • Why is there a trade-off between confidentiality, integrity, and availability?