TRENDS Research and Advisory released
a new study that confirmed that information security is achieved through triad of
“confidentiality, integrity, and availability.” Confidentiality has to do with
the protection of the message content stored or exchanged between the stake-holders
against all forms of hacking. This could be done by encryption which uses
specific codes made of a private access key and certain algorithm. Availability
means that data should be available to authorized users whenever they require
it in line with the valid regulations.
The study entitled: “Information
Security and the Triad of Confidentiality, Integrity, and Availability,” was prepared
by Dr. Youssef Ali Muhammad Mubarak Al-Hammadi, Professor of Information
Security and Cryptography at the College of Information Technology in the United
Arab Emirates University. The author stated that information security is
concerned with protecting and securing data and information. It is the biggest
source of risk and a major concern for many IT managers. It includes weaknesses
in identity and asset management, lack of security in software and
applications, sharing passwords with others, lack of use of updated antivirus
software, and reckless opening of suspicious e-mail attachments.
External Risks
The study indicated that there are
external risks related to information security. They include the threats to
which the user or the system is exposed, whether during storage, transmission
and communication via any network. There are inherent risks during the processing
stage, such as electronic hacking attacks, malware, social networks engineered attacks
and disruption or service slowdowns. Other types of such cyberattacks
include unwelcome attempts to disable or destroy information
through unlawful access to infrastructure, computer
systems or exposing data to unauthorized parties or persons.
Preventive Measures
The study confirmed that the information
security science highlights the significance of preventive measures to address anticipated
or emerging risks. It is stressing the importance of verifying user identity and
ensures disaster recovery plans are prepared and well-rehearsed. This is done
through developing response and recovery plans to be activated in the event of
security incidents or technological failures that compromise the privacy,
safety and protection of reliable data. The process includes threat detection
tests for potential security vulnerabilities which should be addressed in
advance before any malicious attempts by third parties.
The
study indicated that
information security includes a set of scientific disciplines such as:
“cryptography, network security, hardware, operating systems, digital
forensics, databases, authentication processes, and access control through
managing passwords, smart cards and vital records specifications.”
©2024 Trends Research & Advisory, All Rights Reserved.
