The CIA Triad
Jacob Castillo
09/17/2023
The CIA triad, which consists of confidentiality, integrity, and availability, is a model designed to protect information security within a company by guiding its policies and procedures. It is sometimes referred to as AIC to avoid confusion with the Central Intelligence Agency (Wesley, 2023).
Confidentiality
The confidentiality aspect of the CIA triad is closely related to “privacy”; its main purpose is to protect sensitive information and data from unauthorized access. How strict the protective measures are depends on the severity of the threat if the data were to be compromised. An example of a confidentiality measure is two-factor authentication (2FA), which verifies the identity of the user.
Integrity
The integrity facet of the CIA triad ensures that data maintains its trustworthiness over its entire lifecycle. This is done by making sure that data is not intercepted and altered in transit, which could have drastic consequences for the company. Nonrepudiation can be achieved with digital signatures and/or encryption, which ensure that the data sent is not accessed and changed by unauthorized users.
Availability
The availability part of the CIA triad refers to the continued maintenance of the company’s hardware and technical infrastructure that contain and relay information. This is crucial for making sure that data is continuously available to authorized users within the company. An example of maintaining availability is putting proper security in place, such as firewalls that protect against malicious DoS attacks.
The differences between them
Confidentiality refers to making sure that the data and information are not accessed by unauthorized users, while integrity makes sure that the data isn’t accessed or intercepted by unauthorized users and then changed by them. Lastly, availability is just making sure that authorized users have consistent access to the data and information that they need.
References
Chai, Wesley. “What Is the CIA Triad? Definition, Explanation, Examples: TechTarget.” WhatIs.Com, TechTarget, 10 Feb. 2023, www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA.
Fruhlinger, Josh. “The CIA Triad: Definition, Components and Examples.” CSO Online, 10 Feb. 2020, www.csoonline.com/article/568917/the-cia-triad-definition-components-and-examples.html.
Vulnerabilities of Critical Infrastructure and SCADA Systems’ Role in Mitigating Them
Jacob Castillo
11/6/2023
Supervisory control and data acquisition (SCADA) systems control infrastructure or industrial processes. Although these systems help to improve the efficiency and the safety/security of these processes, they can also pose a cybersecurity threat. The question is how to mitigate the new vulnerabilities that could be present within these systems.
What are SCADA Systems and how do they Mitigate Risks within Critical Infrastructure
SCADA systems allow an organization to monitor and control entire systems and sites that may be spread over a large geographic area, so that it knows exactly how those sites and systems are performing 24/7 (www.scadasystems.net). Most actions within critical infrastructure are performed automatically by remote terminal units (RTUs) or programmable logic controllers (PLCs). While doing so, the RTUs or PLCs also perform data acquisition; the data is eventually formatted so that the control room operator can make decisions based on what is displayed, which can be diagnostic data, management information, trending information, etc. (www.scadasystems.net). This display is called the human-machine interface (HMI), which links to the SCADA system’s database and provides the system operator with graphical information in the form of mock diagrams. Having these RTUs and PLCs in place provides security actions and systems that activate automatically when certain conditions are met; a simple example is a fire suppression system that activates when it detects a certain amount of smoke. An HMI can be as simple as the low fuel light that comes on in a car or as complex as a multi-projector setup that displays the current positions of all trains on a railway system.
SCADA Security Issues and How to Mitigate Them
SCADA networks face two main security issues. The first is unauthorized access and/or changes to software, which could come from human access, viruses, or other issues that affect the host computer. The second lies in the fact that there is often little to no security at the packet control protocol, which means that attackers could use this to gain access to the SCADA device. Those that use SCADA systems elect to use a VPN to mitigate the threat of being attacked via the packet control protocol vulnerability, but direct physical access to network switches and jacks connected to the SCADA systems could still bypass the security of the VPN (www.scadasystems.net). Some SCADA vendors are developing industrial VPN firewall solutions that will protect TCP/IP-based networks, and there have been some whitelisting solutions that prevent unauthorized changes to applications. Defense-in-depth is a multilayered form of security that is implemented through multiple different technologies such as intrusion detection systems and single-point-of-failure. Although this multilayered defense strategy would work well, implementing it would be difficult on devices that already have limited resources and computational ability (Tariq et al., 2019). The use of signature-based intrusion systems with state analysis is a proposed way of detecting complex cyber-attacks.
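The following sketch is an added example, not code from the cited sources or any vendor product, showing how a signature rule and a state rule can work together on control traffic. It assumes Modbus/TCP as the control protocol; the IP addresses, the register map and the "pump running against closed valve" critical state are hypothetical.

```python
import struct

WRITE_SINGLE_REGISTER = 0x06            # standard Modbus function code
AUTHORIZED_WRITERS = {"10.0.0.5"}       # assumption: the HMI's address
PUMP_REG, VALVE_REG = 0x0001, 0x0002    # assumption: hypothetical register map

def build_write(tid, addr, value, unit=1):  # builds the constructed sample frames
    pdu = struct.pack(">BHH", WRITE_SINGLE_REGISTER, addr, value)
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def parse(frame):  # -> (function_code, address, value), or None if malformed
    if len(frame) < 8:
        return None
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0 or length != len(frame) - 6:
        return None
    if frame[7] == WRITE_SINGLE_REGISTER:   # a valid write frame is 12 bytes
        return (6, *struct.unpack(">HH", frame[8:])) if len(frame) == 12 else None
    return frame[7], None, None

class StatefulDetector:
    def __init__(self):
        self.state = {PUMP_REG: 0, VALVE_REG: 1}  # pump off, valve open
    def inspect(self, src, frame):
        msg = parse(frame)
        if msg is None:
            return ["malformed frame"]
        func, addr, value = msg
        alerts = []
        if func == WRITE_SINGLE_REGISTER:
            # Signature rule: a write command from a host that is not allowlisted.
            if src not in AUTHORIZED_WRITERS:
                alerts.append(f"signature: write from unauthorized source {src}")
            # State rule: track the process; flag a critical combination even
            # when each command is individually valid and authorized.
            if addr in self.state:
                self.state[addr] = value
            if self.state[PUMP_REG] == 1 and self.state[VALVE_REG] == 0:
                alerts.append("state: pump running against closed valve")
        return alerts

def run_sample():
    traffic = [  # constructed (source IP, frame) pairs
        ("10.0.0.5", build_write(1, PUMP_REG, 1)),    # HMI starts the pump
        ("10.0.0.99", build_write(2, 0x0010, 7)),     # unknown host writes
        ("10.0.0.5", build_write(3, VALVE_REG, 0)),   # valid, but critical state
        ("10.0.0.5", b"\x00\x01\x00"),                # truncated frame
    ]
    det = StatefulDetector()
    return [det.inspect(src, frame) for src, frame in traffic]
```

The third message passes the signature rule because it comes from the allowlisted HMI; only the tracked process state reveals that it drives the plant into a critical condition.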
Conclusion
In conclusion, the use of SCADA systems within critical infrastructure can drastically improve the efficiency and safety of critical infrastructure processes, but it also introduces the potential for cyberattacks through these network-based SCADA systems. This needs to be addressed with the same cybersecurity mitigation strategies as any other network. Some security strategies are already in place, but more universal security systems are needed, because some SCADA users are complacent and think that a VPN alone is enough.
References:
SCADA Systems – SCADA Systems. (n.d.). Www.scadasystems.net. https://www.scadasystems.net/
Tariq, N., Asim, M., & Khan, F. A. (2019). Securing SCADA-based Critical Infrastructures: Challenges and Open Issues. Procedia Computer Science, 155, 612–617. https://doi.org/10.1016/j.procs.2019.08.086
Challenges of Being the CISO With a Limited Budget
Jacob Castillo
11/12/2023
For a Chief Information Security Officer (CISO), it is essential to balance the tradeoff between additional cybersecurity technologies and training, and having a limited budget makes this task even more challenging.
Comprehensive Risk Assessment
The first thing that I would do as the CISO is conduct a comprehensive risk assessment to identify the potential vulnerabilities and threats and to determine their likelihood and impact (Stevens, 2016). The results of the assessment would help determine how the limited budget should be allocated, based on which threats have the largest impact or likelihood of occurrence.
Allocation of The Budget
If the risk assessment determines that employees are the weakest part of the company’s security, then a more significant portion of the budget would be allocated to additional cybersecurity awareness and training. If instead it shows that critical systems are the weakest link, then more of the budget would be allocated to firewalls, intrusion detection systems, and endpoint protection software.
Conclusion
Prioritizing the budget on the most consequential threats/risks will be most beneficial to the company. It will reduce risks, protect critical assets, and improve the overall security posture of the company with the limited resources available.
References
How the CISO role is evolving. (n.d.). CSO Online. https://www.csoonline.com/article/566757/what-is-a-ciso-responsibilities-and-requirements-for-this-vital-leadership-role.html
Stevens, M. (n.d.). Analyzing The CIO’s Roles & Responsibilities Regarding Cybersecurity. BitSight. https://www.bitsight.com/blog/analyzing-cios-roles-responsibilities-cybersecurity